NewsBits for June 3, 2005 ************************************************************ Bin Laden Trojan quickly constrained A spam e-mail that promises pictures of a captured Osama bin Laden but carries a malicious attachment has failed to spread widely, security experts said Friday. Millions of copies of various versions of the e-mail were mass-mailed on Thursday, representatives from F-Secure and McAfee said. All versions of the message announced that the al-Qaida leader had been seized and included an attachment called "pics" that, when opened, attempted to download a worm to the victim's PC, the antivirus companies said. http://news.zdnet.com/2100-1009_22-5731405.html http://www.vnunet.com/vnunet/news/2137506/osama-mail-spreads-virus http://www.usatoday.com/tech/2005-06-03-email-virus_x.htm http://www.theregister.co.uk/2005/06/03/osama_trojan/ - - - - - - - - - - S. Korea MSN hack went undetected for days Password-stealing software planted by hackers was active on Microsofts popular MSN Web site in South Korea for days before the worlds largest software company learned about the break-in and removed the computer code. Police investigators and Microsoft specialists are continuing to search for clues to the culprits behind this weeks high-profile computer break-in. More details emerged Friday about the hacking, which targeted subscribers of an online game called Lineage that is popular in Asia. http://www.msnbc.msn.com/id/8078108/ Microsoft admits popular MSN site hacked in Korea http://www.signonsandiego.com/news/computing/20050602-1615-microsofthacked.html http://www.siliconvalley.com/mld/siliconvalley/news/editorial/11809324.htm http://www.securityfocus.com/elsewhere/41092 MSN Korea hack targeted online gamers http://news.zdnet.com/2100-1009_22-5731460.html - - - - - - - - - - Man indicted on child porn possession charges A Waltham man has been indicted on child pornography charges, more than a year after he ordered a video from a company known to sell the illicit material, a Middlesex District Attorney spokeswoman said. The U.S. Postal Service and the Waltham Police Department had been investigating James Casey Jr. since September 2003, when he ordered the video from a company known to sell and distribute child pornography, spokeswoman Melissa Sherman said. Casey, 35, is charged with six counts of possession of child pornography. http://www.dailynewstribune.com/localRegional/view.bg?articleid=56758 - - - - - - - - - - MPAA files new round of swap suits Hollywood studios filed a new round of lawsuits Thursday against individuals accused of trading copyrighted movies online. This is the Motion Picture Association of America's fifth round of suits against individual file-swappers, but the group has not provided details about the number or location of people targeted. http://news.com.com/2110-1030_3-5730072.html New wrinkle in movie swapping http://news.com.com/New+wrinkle+in+movie+swapping/2100-1025_3-5731042.html - - - - - - - - - - Triple-Barreled Trojan Attack Builds Botnets Anti-virus researchers are sounding the alert for a massive, well-coordinated hacker attack using three different Trojans to hijack PCs and create botnets-for-hire. The three-pronged attack is being described as "unprecedented" because of the way the Trojans communicate with each other to infect a machine, disable anti-virus software and leave a back door open for future malicious use. http://www.eweek.com/article2/0,1759,1823633,00.asp Experts Warn of Growing Trojan Threat http://www.eweek.com/article2/0,1759,1823498,00.asp CA details 'remarkably sophisticated' Web attack http://www.computerworld.com/securitytopics/security/story/0,10801,102214,00.html Hackers plot to create massive botnet http://www.theregister.co.uk/2005/06/03/malware_blitz/ - - - - - - - - - - New Mytob worm poses as IT administrator Another variant of the Mytob worm began wiggling its way into inboxes this week, enticing recipients to open an e-mail attachment that could allow a remote hacker to access and perform commands on an infected machine. http://www.networkworld.com/news/2005/060105-mytob-worm.html Mytob writers could be creating a superbug http://www.computerworld.com/securitytopics/security/story/0,10801,102220,00.html - - - - - - - - - - Commwarrior cell phone virus marches on Network security experts F-Secure say there's a relatively simple reason why even the savviest cell phone owners are falling prey to a new virus. Phone owners are duped because the virus, known as Commwarrior, is attached to premium cell phone e-mail known as MMS, which makes incoming e-mail look as if it was sent by someone the victim knows, according to F-Secure's analysis of an interview with a Commwarrior victim in Finland. http://news.zdnet.com/2100-1009_22-5729695.html - - - - - - - - - - Zombie war goes worldwide Give the Federal Trade Commission some credit: It has some marketing skills. "Operation Spam Zombies" got plenty of play recently both because it is a good idea and because the name attracted a lot more attention than it would have if it were, say, "Operation Computer Spring Cleaning." Yawn. Seriously, the FTC had a program a year or so ago called Operation Secure Your Server. I'm sure you recall that. Aside from its attention-grabbing name, Operation Spam Zombies appears to at least have some strategy behind it. http://www.it-observer.com/news.php?id=5175 - - - - - - - - - - Phishers going after small fry Phishers are widening their net to take in credit unions, according to a new report. While most of the fraud schemes still focus on big businesses such as major banks, smaller financial companies are increasingly being hit said the report, published Friday by the Anti-Phishing Working Group. "Hackers are modifying their attack methods by shifting away from attacking popular or large institutions," the monthly report said. http://news.zdnet.com/2100-1009_22-5731174.html Hilton customers targeted by phishers http://www.vnunet.com/vnunet/news/2137481/hilton-customers-targeted-phishers - - - - - - - - - - N.K. hacking ability matches that of CIA, analyst says North Korea has hundreds of well-trained cyber soldiers and its intelligence warfare capabilities are believed to have reached the level of the U.S. Central Intelligence Agency, a South Korean arms expert said yesterday. Computers are a rarity and Internet access is almost nonexistent for most people in the reclusive country, but Byun Jae-jung, researcher at a state-run Agency for Defense Development, believes that "North Korea is capable of cyber attacks on both the command and control system of the U.S. Pacific Command and the critical infrastructures of the U.S. mainland, such as electric power." http://www.koreaherald.co.kr/SITE/data/html_dir/2005/06/03/200506030002.asp - - - - - - - - - - Code-Abiding Porn to Get .xxx Domain The nonprofit organization that oversees Internet addresses has approved a new online neighborhood specifically for pornographic Web sites: the .xxx domain. The Internet Corporation for Assigned Names and Numbers said on Wednesday that it had approved a new "top-level domain" specifically for adult- oriented Web sites that voluntarily agree to adhere to a set of "industry best practices." http://www.washingtonpost.com/wp-dyn/content/article/2005/06/02/AR2005060201927.html - - - - - - - - - - Next Anti-Spyware Group Pushes for Standards A group of anti-spyware software makers and public- interest groups is forming a new coalition to define spyware, according to an executive at the Center for Democracy and Technology, which is running the coalition. The Anti-Spyware Coalition, which met for the first time last week, includes leading anti-spyware vendors Aluria Software LLC, Computer Associates International Inc. and Webroot Software Inc. http://www.eweek.com/article2/0,1759,1823707,00.asp Group seeks spyware's defining moment http://news.zdnet.com/2100-1009_22-5730290.html http://news.zdnet.co.uk/0,39020330,39201805,00.htm - - - - - - - - - - Hack can upgrade XP Home to XP Pro Lite German computer magazine C'T claims that by changing only 2 bytes from the file setupreg.hiv in Windows's XP Home kit, users can get access to certain functions only avalaible in Windows XP Professional, such as Remote Desktop, User management and enhanced security features. http://www.theregister.co.uk/2005/06/03/xp_hack/ - - - - - - - - - - Google's Long Memory Stirs Privacy Concerns When Google Inc.'s 19 million daily users look up a long-lost classmate, send e-mail or bounce around the Web more quickly with its new Web Accelerator, records of that activity don't go away. In an era of increased government surveillance, privacy watchdogs worry that Google's vast archive of Internet activity could prove a tempting target for abuse. http://www.eweek.com/article2/0,1759,1823547,00.asp http://www.cnn.com/2005/TECH/internet/06/03/google.privacy.reut/index.html - - - - - - - - - - Two-pronged tech aims to plug data leaks Information security provider Tablus is expected to unveil on Monday a two-pronged approach to stopping leaks of sensitive corporate information. The company has integrated its Content Alarm NW product for networks with Content Alarm DT for desktop computers, which is based on technology picked up in Tablus' recent acquisition of Indigo Security. The package aims to provide a single dashboard to monitor and manage data to prevent it from being copied, printed or transmitted in violation of a company's policies. http://news.zdnet.com/2100-1009_22-5731369.html - - - - - - - - - - Uneasy Rider Ask Jeeves didn't ask before installing a search tool on millions. The unwanted traveler hovers underneath the URL box on my copy of Internet Explorer, just below the invaluable Google toolbar. It's called the MySearch toolbar. It waits silently, begging me to enter a search term so it can whisk me to a page that contains advertising links for companies that paid for placement. http://www.msnbc.msn.com/id/8086560/site/newsweek/ - - - - - - - - - - Your E-Mail Is Getting a Reputation Opinion: I hereby declare that DomainKeys has won the SMTP authentication battle. But the war against mail abuse isn't over, and the next stage isn't well-understood. It's taken so long for e-mail authentication to get to this point that you might assume the whole idea had failed and been forgotten. Not true. The really important work has gone on, out of the spotlight. http://www.eweek.com/article2/0,1759,1823338,00.asp Leader: Spam laws shame the UK http://software.silicon.com/security/0,39024655,39130948,00.htm - - - - - - - - - - Entrepreneur's plan for voluntary biometric ID gets first taker Since the federal government began letting select frequent fliers with new high-tech passes speed through airport security checkpoints, one of the biggest complaints has been that the year-old program is too limited to be of much use. Now, a privately run version coming online in Florida could spur efforts to broaden the program -- and boost media entrepreneur Steven Brill's vision of installing such a system across the nation at airports and other security-sensitive locations. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/11809326.htm - - - - - - - - - - Bushs choice to run Information Sharing Environment draws criticism President Bushs decision to place director of national intelligence John Negroponte in charge of the newly created Information Sharing Environment is a bad idea that will reduce the power of the Homeland Security secretary, a Heritage Foundation scholar said today. http://www.gcn.com/vol1_no1/daily-updates/35990-1.html http://www.govexec.com/story_page.cfm?articleid=31404 *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2005, NewsBits.net, Campbell, CA.