NewsBits for June 13, 2005 ************************************************************ Japanese 'Yahoo! phisher' arrested Japanese police today arrested a man from Osaka who allegedly ran an Internet phishing scam based around a site called Yafoo. The Yafoo site was, reportedly, almost identical to the popular Yahoo auction site. According to The Asahi Shimbun the man wasn't nabbed for tricking internet users into providing personal information, but - believe it or not - for violating the Copyright Law. The web site contained a logo owned by Yahoo Japan, but it said "Yafoo!" instead of "Yahoo!" http://www.theregister.co.uk/2005/06/13/japan_phishing/ http://www.msnbc.msn.com/id/8203128/ - - - - - - - - - - Motorola downplays data security breach A pair of computers containing personal information on Motorola workers stolen from the office of a third party contractor has sparked a minor security flap. The theft from the Chicago-area offices of human resources outsourcing firm Affiliated Computer Services resulted in the disclosure of the names and social security numbers - but not financial information - of an unspecified number of Motorola staffers. http://www.theregister.co.uk/2005/06/13/motorola_worker_data_security_breach/ http://news.zdnet.com/2100-1009_22-5743173.html http://www.eweek.com/article2/0,1759,1827276,00.asp - - - - - - - - - - Skulls Trojan poses as security code Virus writers have created mobile phone malware that poses as a pirated copy of F-Secure's mobile anti-virus software. Skulls-L is a minor modification of the Skulls-C Trojan. Only the names have altered to leave the innocent at risk: Skulls-L unlike Skulls shares the same name as F-Secure's mobile anti-virus installation package, and the Trojan shows dialog text "F-Secure Antivirus protect you against the virus. And don`t forget to update this!" http://www.theregister.co.uk/2005/06/13/skulls_trojan_f-secure/ Smart-Phone Trojan Poses as Anti-Virus App http://www.eweek.com/article2/0,1759,1827394,00.asp - - - - - - - - - - Hong Kong plans to enact anti-spam law Hong Kong plans to enact an anti-spam law next year to crack down on companies that send unsolicited e-mails or make automated telemarketing calls to consumers, an official has said. http://www.msnbc.msn.com/id/8202463/ - - - - - - - - - - Puddle Phishing" Hits Small Banks, Credit Unions Phishers are baiting users of smaller banks, a security firm says, calling the practice "puddle phishing." Phishers are baiting users of smaller banks, a security firm said Monday, calling the practice "puddle phishing." "In the past, phishers focused on mainstream consumer sites with millions of users, but now the targets are becoming much smaller and more localized," said Dan Hubbard, senior director of security at Websense, in a statement. http://www.informationweek.com/story/showArticle.jhtml?articleID=164302700&tid=6004 - - - - - - - - - - Banks must allay customers' net banking fears Consumers are becoming wary of internet banking. Concerns about phishing, pharming and keyloggers mean customers are now afraid someone might loot their bank account without them knowing it. http://www.stuff.co.nz/stuff/0,2106,3311615a11275,00.html - - - - - - - - - - Cyber scouts to scour networks for holes Security experts have warned that vulnerability assessment worms, which assess computers for security flaws and relay the information back to the author, are likely to become more of a threat. James Kay, the chief technology officer of Blackspider, said on Friday that vulnerability assessment worms are quite rare at the moment but their number will probably increase as virus writers focus their attacks more carefully and try to avoid detection. http://software.silicon.com/security/0,39024655,39131135,00.htm - - - - - - - - - - Internet Piracy Sails On Combatants and spectators in the Internet piracy war are checking their watches right about now. They're waiting for the Supreme Court to issue a decision that could shape the future of how people in America get their entertainment. http://www.washingtonpost.com/wp-dyn/content/article/2005/06/13/AR2005061300540.html Hollywood's Boogeyman Is Getting Bigger http://www.nytimes.com/2005/06/13/technology/13drill.html - - - - - - - - - - Visa USA adds tool to its credit card antifraud arsenal Aiming to reduce credit card fraud, Visa USA Inc. has launched a security tool that allows merchants to instantly check transactions in stores or online, so they can identify fraud before a transaction is completed. http://www.computerworld.com/securitytopics/security/story/0,10801,102472,00.html - - - - - - - - - - Liberty Alliance takes on ID theft In the wake of several high-profile data breaches, the Liberty Alliance is branching out to take on identity theft. The organization, formed to develop technology standards for online authentication, plans to launch its Identity Theft Protection Group on Tuesday. Headed by representatives from American Express and Fidelity Investments, the new effort plans to release an identity theft glossary next month and to subsequently come up with ways to prevent ID theft. http://news.zdnet.com/2100-1009_22-5744641.html - - - - - - - - - - NIST Preps Compliance Testing Guidelines The National Institute of Standards and Technology will soon begin releasing guidelines that federal agencies can use to assess their compliance with a set of mandatory information-security rules due to take effect early next year. http://computerworld.com/securitytopics/security/story/0,10801,102422,00.html - - - - - - - - - - Net porn domain .xxx advances A red-light district tentatively cleared for construction on the Internet -- the .xxx domain -- is being billed by backers as giving the $12 billion online porn industry a great opportunity to clean up its act. A distinct online sector for the salacious, one with rules aimed at forbidding trickery, will reduce the chances of Internet users accidentally stumbling on porn sites, they argue. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/11883399.htm Will Porn Migrate to .XXX? http://www.wired.com/news/culture/0,1284,67829,00.html A new answer to Internet pornography proliferation http://www.usatoday.com/tech/news/techpolicy/2005-06-13-internet-porn_x.htm - - - - - - - - - - Mobile & Wireless World to focus on Wi-Fi, security, RFID When it comes to mobile and wireless technology, what keeps a CIO up at night? John Wade, CIO of the Saint Luke's Health System in Kansas City, Mo., said he faces many of the same problems confronting other CIOs when it comes to supporting mobile and wireless technology in a large organization. http://computerworld.com/securitytopics/security/story/0,10801,102463,00.html - - - - - - - - - - IBM, Microsoft Invest in RFID Despite Lull With initial RFID deadlines from retailers such as Wal-Mart Stores Inc. past, the fervor around the electronic tagging technology is quieting in part because of the elusive benefits of radio-frequency identification data. The lull, however, has done little to slow investments in the technology by major software developers IBM and Microsoft Corp., both of which have new RFID technologies in the works. http://www.eweek.com/article2/0,1759,1826630,00.asp RFID Helps Stop Power Tools From 'Walking Off' Job Sites http://informationweek.com/story/showArticle.jhtml;jsessionid=UXFN4ZLKBZHPKQSNDBGCKHSCJUMEKJVN?articleID=164302475 Microsoft Previews RFID Infrastructure http://redmondmag.com/news/article.asp?EditorialsID=6739 - - - - - - - - - - Law and the Spyware Plague After a U.S. Senate hearing earlier this month, one senator was quoted as likening spyware to "somebody walking around your house, kind of invisibly." The analogy was inadequate. http://computerworld.com/securitytopics/security/story/0,10801,102393,00.html - - - - - - - - - - US expected to abandon Biometric passport plan Rules requiring Irish citizens to carry high-tech passports when visiting the US are to be dropped because the technology behind the scheme is seen as unreliable. The US Department of Homeland Security had previously set an October 2005 deadline for the inclusion of biometric information chips in the passports of European citizens who avail themselves of the Visa Waiver programme. http://www.theregister.co.uk/2005/06/13/us_bio_passports/ - - - - - - - - - - NRC to restore docs following security review The Nuclear Regulatory Commission (NRC) announced last week it will restore more than 70,000 documents to its online library for public view in a continuing effort to scrub its site of sensitive documents. About 5,000 documents per day will be restored to the site to limit the impact on the NRCs electronic records system, which is expected to be completed by June 20. http://www.fcw.com/article89201-06-13-05-Web - - - - - - - - - - The Force is strong with Firefox Firefox is still chipping away at Internet Explorer's market share. Although IE's share is colossal, Firefox is consistently increasing its share by between 0.5% and 1% from month to month. Its reach is growing beyond tech-savvy early adopters and into the mass market, according to NetApplications.com, which compiled the data from more than 40,000 websites monitored by its HitsLink.com service, which identifies among other things the type of browser visitors are using. http://www.crime-research.org/news/13.06.2005/1298/ - - - - - - - - - - Invisible Encryption Why didn't this happen sooner? Seagate Technology has just announced a hard disk drive for laptops and other mobile devices that automatically encrypts all data as it goes into and comes out of the drive. Result: Nothing on the drive is accessible unless you know the password. If you lose your laptop with a drive like this installed, that's all you lose. The data is safe from prying eyes -- a thief can't even boot it up. http://computerworld.com/securitytopics/security/story/0,10801,102414,00.html Data losses push businesses to encrypt backup tapes http://www.usatoday.com/tech/news/2005-06-13-encrypt-usat_x.htm Data Slips Call for Safer Storage http://www.newsfactor.com/story.xhtml?story_id=03100000O3H2 - - - - - - - - - - Dear Sir: Your Data Was Stolen You haven't been properly inaugurated into the 21st century until you get a letter warning that your personal information has been stolen and you may be a victim of fraud. I received my letter a few weeks ago. The University of California at Berkeley, where I attended journalism school as a graduate student, wrote to tell me that a computer containing my social security number was stolen in March. http://www.wired.com/news/privacy/0,1848,67811,00.html - - - - - - - - - - Live Online: Washington Post columnist Rob Pegoraro will be online to field your questions and discuss his latest column, which examined password management. Rob writes that computers can remember complex bits of data effortlessly, but people routinely fumble that task. http://www.washingtonpost.com/wp-dyn/content/discussion/2005/06/06/DI2005060600562.html Password Insecurity and a Laptop Review http://www.washingtonpost.com/wp-dyn/content/article/2005/06/11/AR2005061100171.html - - - - - - - - - - Shred It! The second worst thing you can do in the face of a government investigation is to destroy the documents relevant to that investigation. The worst thing you can do, of course, is to almost destroy these documents. http://www.securityfocus.com/columnists/332 - - - - - - - - - - Police arrest nine after alleged violent DVD hits Fresno stores Nine people have been arrested here after a DVD depicting gangs and crime in the city's southwest and southeast neighborhoods showed up for sale at local stores, police said. The arrests came 10 days after "Fresno Uncensored" was released June 1 to three area stores, and police viewed the footage. Fresno Police Chief Jerry Dyer called the film "a slap to the face" of the community. http://www.mercurynews.com/mld/mercurynews/news/11879493.htm *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2005, NewsBits.net, Campbell, CA.