NewsBits for June 9, 2005
************************************************************
Israel espionage case points to new Net threat
Experts: Targeted spy attacks could soon be common.
Executives of top telecom firms accused of spying on each other. A jealous ex-husband suspected of monitoring his former in-laws. Private investigators implicated in computer-hacking-for-hire; one now involved in a possible attempted suicide. So much bad publicity, government officials worry it might impact the entire nation's economy.
http://www.msnbc.msn.com/id/8145520/
Trojan suspect throws himself down Israeli cops stairs
http://www.theinquirer.net/?article=23827
- - - - - - - - - -
Warner Gets a Jump on Film Pirates in China
In a groundbreaking response to movie piracy, Warner Bros. Entertainment released its latest film on DVD in China the same day it debuted in U.S. theaters. The goal for Warner is to battle rampant piracy in China by giving movie fans a legitimate alternative to bootlegs. But the boldness of Warner's action, which it took last week with no fanfare, was tempered by its choice of movie: "The Sisterhood of the Traveling Pants," a relatively low-budget film that the studio had not planned on releasing in Chinese theaters. (LA Times article, free registration required)
http://www.latimes.com/technology/la-fi-dvd9jun09,1,5124475.story
- - - - - - - - - -
Mytob worm picks up phishing trick
The creators of recent Mytob worm variants have borrowed tricks from phishers to infect more computer users, security experts are warning. The latest Mytob attacks send out an e-mail message that contains a fake URL pointing to a Web site that hosts the malicious worm code, security company Sophos said Wednesday.
http://news.zdnet.com/2100-1009_22-5739271.html
Mytob variant hides sting in the tail
http://www.vnunet.com/vnunet/news/2137705/online-game-ends-murder
- - - - - - - - - -
ISPs found innocent of aiding zombie attacks in 'trial'
Internet service providers were put on "trial" this week with hundreds of IT security professionals serving as jurors, for not doing enough to keep subscribers' computers from being compromised and used as tools in attacks on corporate networks.
http://computerworld.com/securitytopics/security/story/0,10801,102373,00.html
- - - - - - - - - -
Latest Bluetooth attack makes short work of weak passwords
Phones, PCs and mobile devices that use the wireless Bluetooth standard for short-range communications are open to eavesdropping attacks if their users do not set long passwords, researchers said this week. The two-step attack can cause two devices to reestablish the link between them, a process known as "pairing," and then use the data exchanged during pairing to guess the password that secures the connection in well under a second.
http://www.securityfocus.com/news/11202
- - - - - - - - - -
ACLU to challenge Utah porn-blocking law
Opponents of a Utah law that requires Internet service providers to offer to block Web sites deemed pornographic will file a lawsuit Thursday to overturn the measure. The American Civil Liberties Union of Utah is seeking an injunction in federal district court in Salt Lake City as part of its lawsuit claiming that the Utah law violates state residents' rights to free expression and unlawfully interferes with interstate commerce.
http://news.zdnet.com/2100-9588_22-5738964.html
- - - - - - - - - -
Leader: Call a spyware a spyware
Symantec has taken to the courts to be able to call web browser tools made by Hotbar.com adware. The security firm claims its efforts are motivated by benevolence for the internet and the good of the customer - not by profit.
http://software.silicon.com/security/0,39024655,39131118,00.htm
- - - - - - - - - -
Do Google Ads Help Fund Spyware?
Google's sponsored-link ads may have helped turn the world's best-known search engine into a financial powerhouse, but they also are coming under attack for contributing to spyware practices that undermine trust on the Web. Anti-spyware researcher Ben Edelman this week criticized Google Inc. for playing a role in the distribution of browser toolbars that he says violates Google's own principle about software downloads.
http://www.eweek.com/article2/0,1759,1825983,00.asp
Google Needs to Step Up in Spyware Fight
http://www.eweek.com/article2/0,1759,1826004,00.asp
Spyware related stories from e-Week
http://www.eweek.com/category2/0,1738,1731478,00.asp
Spyware probe PI in hospital after fall
http://www.theregister.co.uk/2005/06/09/spyware_probe_pi_injured/
- - - - - - - - - -
Flurry of Bulletins Due on MS Patch Tuesday
Microsoft plans to ship 10 security bulletins to cover a range of potentially serious vulnerabilities in its Windows operating system. After a one-month patching respite, next Tuesday's patch barrage from Microsoft Corp. will cover seven holes in Windows, some rated "critical," the company's highest severity rating. A "critical" rating is used to rate a vulnerability that can be exploited to allow the propagation of an Internet worm without any user action.
http://www.eweek.com/article2/0,1759,1826194,00.asp
http://news.zdnet.com/2100-1009_22-5739542.html
Microsoft fixes Hotmail hack
http://www.vnunet.com/vnunet/news/2137707/hotmail-hack-fixed
- - - - - - - - - -
Study: High-tech firms doing better with online customer privacy
Although high-tech companies in the U.S. are doing a better job of respecting the privacy of their online customers, they could be more responsive to customer needs, according to a new study on the respect shown to customers by computer products and services companies.
http://computerworld.com/managementtopics/ebusiness/story/0,10801,102382,00.html
- - - - - - - - - -
Forum host grapples with cyberattack
Web bulletin boards hosted by Ezboard are slowly coming back online after being hit by a hacker, the company's chief said. In what CEO Robert Labatt called "a very precise and malicious Internet attack," all of the historical postings on all of Ezboard's forums were erased late in the evening on May 30, Memorial Day in the United States. A significant amount of back-up data was also lost, he said Thursday, noting that some data will never be restored.
http://news.zdnet.com/2100-1009_22-5739605.html
- - - - - - - - - -
Crime Scene Investigation: Dimension Data
Dimension Data today announced a new managed service for security - Incident Management and Response Service. The customised service includes everything from training and the management skills required to enable staff to provide these services in-house, to an ongoing and fully outsourced offering. A global first for Dimension Data, this solution proactively and reactively combats computer security incidents by assisting organisations in creating and following a planned response, rather than reacting to incidents in an ad hoc manner.
http://www.computerworld.com.au/index.php/id;1073360499
- - - - - - - - - -
Oracle, IBM update identity management packages
Oracle Corp. and IBM this week reinforced their identity management software offerings with new features and functions. The Oracle Identity Management suite is an update and integration of the technology Oracle acquired when it purchased Oblix in March. The suite can now run across operating systems, directories, application servers and applications from different vendors, according to Amit Jasuja, vice president of development at Oracle.
http://www.computerworld.com/securitytopics/security/story/0,10801,102364,00.html
- - - - - - - - - -
Agencies said to overlook ID tag privacy and security issues
As the private and public sectors adopt technology allowing commuters to travel through toll booths and librarians to track the location of books, security and privacy concerns have gone unheeded, according to congressional auditors. Best known for tracking materials in warehouses, radio-frequency identification technology rapidly is ushering out the era of the bar code and the magnetic strip for identifying documents, materials and people.
http://www.govexec.com/story_page.cfm?articleid=31422
RFID Tags Need Privacy Policies
http://www.newsfactor.com/story.xhtml?story_id=02100000GAXI
- - - - - - - - - -
Cash, Charge or Fingerprint?
Retailers Experiment With Biometric Payment To Speed Up Service And Prevent Fraud, A Move That Worries Some Privacy Advocates.
Three or four days a week, Darren Hiers gets lunch at a Sterling convenience store near the car dealership where he works. He grabs a chicken sandwich and a soda and heads to the checkout counter, where a little gadget scans his index finger and instantly deducts the money from his checking account. Hiers doesn't have to pull out his wallet to buy lunch -- and if it were up to him, he'd never have to write a check or swipe a credit card again.
http://www.washingtonpost.com/wp-dyn/content/article/2005/06/08/AR2005060802335.html
- - - - - - - - - -
U.S. easing off on European e-passports
The United States reportedly looks set to ditch its demand that EU visitors to the country have biometric passports by this October. According to a report Thursday in the Financial Times, U.S. and European officials said the plans are set to be shelved in order to prevent disruption in transatlantic travel and to prevent travelers from being put off visiting the United States as a result.
http://news.zdnet.com/2100-1009_22-5739467.html
- - - - - - - - - -
The Citi Sleeps
Lynne B. Barr, a Boston-based partner at law firm Goodwin Procter LLP, recently observed that "virtually every day, either the evening news, the trade news or the front page of the Wall Street Journal talks about another data security leak." Today was just another one of those days. This time, Citigroup (New York, $1.49 trillion in assets) came under scrutiny with its revelation that its computer tapes were lost in transit by shipping and logistics provider UPS (Atlanta).
http://www.banktech.com/news/showArticle.jhtml;jsessionid=HA2GU5FJBVGAMQSNDBCCKHSCJUMEKJVN?articleID=164301262
- - - - - - - - - -
The poor man's pharm
DNS poisoning requires elite hacking skills, which is why most analysts believe it falls short of a large-scale threat. But before you get too complacent, take notice of the poor man's pharm, a less sophisticated and far less costly way to hijack Web page requests and forward unsuspecting users to counterfeit sites.
http://computerworld.com/securitytopics/security/story/0,10801,102361,00.html
- - - - - - - - - -
The Scramble to Protect Personal Information
Perhaps more than most corporations, Citigroup knows the perils of moving personal data. In February last year, a magnetic tape with information on about 120,000 Japanese customers of its Citibank division disappeared while being shipped by truck from a data management center in Singapore. The tape held names, addresses, account numbers and balances. It has never turned up.
http://www.nytimes.com/2005/06/09/business/09data.html
- - - - - - - - - -
Gartner lambasts security FUDmongers
Some organisations are holding back on the deployment of new technologies because of exaggerated IT security risks, according to Gartner. The analyst firm took aim at what it identified as the five most over-hyped threats at the end of a three-day IT security conference at its Stanford, Connecticut HQ, this week.
http://www.theregister.co.uk/2005/06/09/gartner_attacks_fud/
- - - - - - - - - -
FBI Outlines Plans For Computer System
Program Will Replace Canceled Project.
The FBI laid out its strategy yesterday for creating a more ambitious computerized case management system than the $170 million project it had planned but ultimately abandoned because the program was beset by hundreds of deficiencies.
http://www.washingtonpost.com/wp-dyn/content/article/2005/06/08/AR2005060802329.html
FBI CIO: Case management efforts moving forward
http://computerworld.com/governmenttopics/government/story/0,10801,102365,00.html
FBI names new chief of information management project
http://www.govexec.com/story_page.cfm?articleid=31458&sid=28
***********************************************************
Search the NewsBits.net Archive at:
http://www.newsbits.net/search.html
***********************************************************
The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2005, NewsBits.net, Campbell, CA.