NewsBits for May 17, 2005 ************************************************************ Hackers stole $332,000 A Yemeni court on Saturday convicted four Yemenis of stealing $332,000 from Canadian oil company Nexen Inc. through Internet fraud, judicial source said. The four men were ordered to repay 1.26 million Malaysian ringgit ($332,000) which they had transferred to Malaysian bank accounts after one of them, a former Nexen employee, hacked into the company's computer system in North America. - - - - - - - - - - Tsunami charity website 'hack' trial drags on The trial involving the alleged hacking of a charity website set up to raise funds for victims of December's Asian tsunami disaster has been delayed yet again while witness reports are compiled by computer forensics experts. Daniel James Cuthbert, 28, from Whitechapel in East London has been charged with one offence under section one of the Computer Misuse Act following what police called an "unauthorised" attempt to access the Disasters Emergency Committee (DEC) website on New Year's Eve.,39024677,39130464,00.htm - - - - - - - - - - Burgled mum finds stolen iPod on eBay A US mum tracked down a thief who burgled her home after the ill-gotten gains were offered for sale on eBay. Karen Todd, a US Census Bureau computer programmer, spotted a personally-inscribed iPod on the auction site weeks after it was robbed from her Washington DC area home. - - - - - - - - - - Court rules for German ISPs in P2P identities case ISPs in the state of Hamburg can't be forced to provide customer data to record companies, even when illegal copying is suspected, at least for now. The Higher Regional Court in Hamburg has ruled that there is no legal basis for demanding customer data. ISPs, the court argues, aren't part of the criminal act. They merely provide access to the web. - - - - - - - - - - Child porn costs actor 7 1/4 years A Fort Wayne actor known in several states for his impersonation of George Washington at historical events was sentenced Tuesday to 87 months in federal prison for admitting he had received a digital image of child pornography. Steven A. Black, 61, of the 200 block of West DeWald Street, made a brief, inaudible statement to U.S. District Court Judge Theresa L. Springmann before she accepted his plea agreement and meted out the recommended sentence. - - - - - - - - - - Pentium 4 loophole could let in hackers Intel is acting to calm fears that technology in its Pentium 4 processors will enable hackers to steal passwords by reading "footprints" in the cache. Hyperthreading, introduced in Intel's Pentium 4, could allow hackers to access secure information, according to Colin Percival, a 23-year-old Ph.D. student from Vancouver, British Columbia. The technology makes software run faster by letting two threads run on the same processor at the same time. - - - - - - - - - - Bilingual Sober Virus Travels Far and Wide Sober has contained German messages since it was first identified. "If you look at the first couple of variants of Sober, they didn't even spread outside of Germany," noted Bruce Hughes, senior virus researcher at Trend Micro. "But they spread so much in Germany that the antivirus vendors inGermany were overwhelmed." - - - - - - - - - - Commwarrior virus marches on The cell phone virus Commwarrior recently surfaced in Italy, in a sign that destructiveness of the Symbian OS nemesis is reaching a boil after simmering for months. As feared, the virus is showing its propensity for spreading. Italy is the third nation in only three weeks to suffer Commwarrior attacks, according to security experts F-Secure. The other nations are India and Oman. - - - - - - - - - - 14 African countries agree to standardize cyberlaws The 14 member countries of the Southern Africa Development Community (SADC) plan to harmonize their cybercrime laws to ease the prosecution of cross-border crimes, according to government officials.,10801,101755,00.html Cybercrime fight lack funds - - - - - - - - - - Special cells for cyber crime in Mah Nagpur: Maharashtra police would set up special cells in Nagpur, Pune and Thane to firmly deal with the growing economic and cyber crimes, state Director General of Police P S Pasricha said today. "The cell will be headed by an officer of the rank of Deputy Commissioner", he told reporters here in reply to a query that his immediate predecessaor K K Kashyap had made obervations here that criminals are ahead of police personnel. - - - - - - - - - - Susilo Wants Closer Cooperation In Curbing Transnational Crimes Indonesian President Susilo Bambang Yudhoyono, Tuesday called for closer cooperation among the police forces of the 10 Asean countries to more effectively check and curb the increasing rate of transnational crimes. Closer cooperation was very much needed as the nature of crimes committed now was very different from that in the past, he said, citing examples like terrorism, drug trafficking, human trafficking, commercial crime, money laundering and cyber crime. Host Forum on Global Cyber Crime: "Battling International Organized Cyber Crime" - - - - - - - - - - Privacy advocates confident about ID card defeat Campaigners hope that a 'damning' report will blow the controversial ID card scheme out of the water. A leading privacy organisation claims government plans to introduce national ID cards will be defeated thanks to the publication of a new report from the London School of Economics (LSE).,39020651,39198892,00.htm - - - - - - - - - - GAO: Federal agencies lack basic wireless security More than two years after the National Institute of Standards and Technology warned of the security risks posed by wireless networks, a new study shows that government agencies have done little to improve wireless security. Technology alarmism in spades - - - - - - - - - - Study examines motives for office sabotage Corporate insiders who sabotage computers so sensitive they risk endangering national security or the economy commonly are motivated by revenge against their bosses, according to a government study released Monday. - - - - - - - - - - Invalid banking cert spooks only one user in 300 Up to 300 BankDirect customers were presented with a security alert when they visited the bank's website earlier this month and all but one dismissed the warning and carried on with their banking. The bank's logs show about 300 customers used the single affected server during the 11-hour period when the certificate was out of date and only one backed out of the page, says Clayton Wakefield, head of technology for BankDirect owner ASB. - - - - - - - - - - Phishing gets personal Fraudsters are using stolen information to lure victims into divulging additional sensitive information in a new form of phishing attack. These so-called personalised phishing attacks target individual named accountholders at specific banks, according to anti-fraud software firm Cyota. - - - - - - - - - - Microsoft looks to "monkeys" to find Web threats Researchers for the software giant are building a system of Windows XP clients that crawl the Web finding sites that use unreported vulnerabilities to compromise unsuspecting users. Researchers at Microsoft are creating their own version of a million monkeys to crawl the Internet looking for threats in an effort to secure the Web for Windows. - - - - - - - - - - Messaging spreads office gossip One in five people in the UK are using instant messaging at work but the majority of firms are failing to regulate its use. In an online survey commissioned by security firm Akonix, a quarter of users admitted they see IM as the perfect vehicle for office gossip. Another quarter say they have used it to send something their boss wouldn't approve of. And 16% have sent or received sensitive company information via IM. - - - - - - - - - - Tor Torches Online Tracking Privacy tools can sometimes create strange bedfellows. That's what has happened with an anonymizer system that was originally developed and funded by the U.S. Naval Research Laboratory to help government employees shield their identity online. It is now being co-funded and promoted by the civil liberties group Electronic Frontier Foundation. The system, called Tor, allows users to surf the internet, chat and send instant messages anonymously.,1848,67542,00.html - - - - - - - - - - DOD prepares biometric ID system for U.S. bases in Iraq The Defense Department is fine-tuning a $75 million biometric identification system designed to improve force protection at U.S. military bases in Iraq, said officials involved with the project. At a recent demonstration, DOD officials said the state- of-the-art system will use biographical data, facial photographs, fingerprints and iris scans collected from Iraqis and other non-U.S. citizens who want to work on U.S. bases in Iraq to develop ID cards that cannot be counterfeited. - - - - - - - - - - DISA inundated with security data, seeks enterprise tools The Defense Information Systems Agency collects hundreds of terabytes of security-related data from its various firewalls, intrusion detection systems and other network defense mechanisms. - - - - - - - - - - In Malaysia, it's a hackers heaven Hackers know best. As far as they are concerned, the Internet security of most organisations in Malaysia is far from secure. "The system administrators of the organisations or companies should pay attention to the latest in information technology," said Anonymous, 24, a hacker from Shah Alam. "It is easy to hack a website and to find weaknesses in the system. Even a primary school kid can do it. - - - - - - - - - - IT security risks extend beyond viruses Viruses are getting more virulent, and hackers faster and smarter. The threat of a zero-day virus attack is rapidly becoming a reality. These risks, according to Jean-Noel Ezingeard, Professor of Management Studies at Henley Management College in the U.K., while concerning, are not what should be keeping CIOs and IT managers awake at night. Lax security leaving networks wide open - - - - - - - - - - Microsoft Tries to Leapfrog the Consumer Security Problem Sometimes it's amazing to see how Microsoft can take their time with things that others view as a crisis, and there's no better example than security. Nearly two years after Microsoft bought an anti-virus company, they have finally decided what to do with it.,1759,1816379,00.asp - - - - - - - - - - Spyware wars Congress has spyware in its sights. The very thought of it gives me goose bumps, and not in a good way. Remember that woefully ill-advised CAN-SPAM Act (see: "U.S. Congress Makes No Progress On Spam"), which President George W. Bush signed into law in early 2004? In its 17 months of existence, it's done very little to stem the tide of spam clogging our e-mail in- boxes. When last I checked, spam still constituted more than half of the e-mail sent on the Internet. And in March of this year, a few senators got all fired up about phishing. Anti-Spyware Activists Seek to Recruit Advertisers,1759,1816805,00.asp eSafe 5 Targets 'Drive-By' Spyware Sites,1759,1816444,00.asp Worst Browser Threats May Not Be Security Holes - - - - - - - - - - Sasser: The Last Big Network Worm? Debby Fry Wilson has more than a few reasons and sleepless nightsto remember Sasser, the last major network worm to clog Windows systems around the world. It was on her birthday, a year ago this month, when the first Sasser reports started filtering in and, for Wilson and her colleagues at the MSRC (Microsoft Security Response Center), the outbreak presented an opportunity to test a new emergency-response system that had just been implemented by Microsoft.,1759,1816530,00.asp - - - - - - - - - - Business continuity in the face of terrorism Before Richard Clarke published his book, Against All Enemies: Inside America's War on Terror, and became associated with election year politics, he was a senior security adviser to the White House with expertise in counterterrorism and homeland security. After Sept. 11, 2001, Clarke met twice with a CIO organization that called itself the Chicago Research Planning Group (CRPG) but has since renamed itself the Security Board.,10801,101770,00.html Businesses unprepared for IT disasters,39020654,39198733,00.htm - - - - - - - - - - Fun with Spam If we can't stop spam, at least we should have fun with it. Most people don't think of fun and spam as residing in the same universe. But if you can't beat it, I say, why not have fun with it? OK, you're right; maybe I have been spending too much time in front of the computer lately. But if spam is going to show up despite my best efforts, I might as well make the best of it. So every day, I try to turn dealing with spam into a series of games.,1759,1816760,00.asp - - - - - - - - - - FCC set to require 911 dialing for Internet phones VoIP phone users reported problems getting emergency help. Internet telephone providers may soon have to offer full emergency 911 calling services under an order that U.S. regulators are expected to adopt Thursday in response to incidents of customers having trouble getting help.,10801,101796,00.html - - - - - - - - - - L.A. County jail tags inmates with RFID The next fashion accessory for some inmates at the Los Angeles County jail will be a radio frequency identification bracelet. The country's largest jail system has launched a pilot project with Alanco Technologies to track inmates using the technology, also known as RFID. - - - - - - - - - - Steamy firehouse raises an eyebrow The report from human resources reads like the plot of a soap opera set inside a firehouse. A county fire medic finds out his wife, also a fire medic, is having an affair with a longtime firefighter who used to be her boss. He complains to human resources, saying the affair violates county policy regarding personal relationships between subordinates and their supervisors. *********************************************************** Search the Archive at: *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits ( should be cited as the source of the information. Copyright 2000-2005,, Campbell, CA.