NewsBits for June 29, 2005 ************************************************************ FBI looks into possible hacking The FBI is investigating whether a former P&H Mining Equipment employee hacked into the company's computer system from his home and copied files of projects he had worked on. The FBI has seized about a dozen computers from the suspect's Milwaukee home and is analyzing them for evidence that could result in criminal charges. The former employee, a computer systems administrator, has not been charged with a crime and is not being named for this article. http://www.it-observer.com/news.php?id=5236 - - - - - - - - - - Prosecutors cut 6 counts in Acxiom hacker case U.S. attorneys want to drop six of 144 charges against Florida spammer Scott Levine, two weeks before he stands trial on charges that he orchestrated a massive data theft from Little Rock's Acxiom Corp. http://www.it-observer.com/news.php?id=5237 - - - - - - - - - - Hacker cracks Google video security The Norwegian who became a hacker hero for developing software to crack DVD encryption has posted a program to break the lock on Google's brand-new video viewer. Jon Lech Johansen's latest program was posted on his "So sue me" website on Tuesday. That was just one day after Google, the internet-leading search engine, launched free software allowing users to watch videos. http://www.it-observer.com/news.php?id=5243 http://www.siliconvalley.com/mld/siliconvalley/news/editorial/12014743.htm http://www.msnbc.msn.com/id/8404090/ http://www.wired.com/news/technology/0,1282,68038,00.html http://www.usatoday.com/tech/news/computersecurity/hacking/2005-06-29-dvd-jon-google_x.htm - - - - - - - - - - FBI probes possible eBay phishing A Norwegian Internet radio site has been shut down pending an FBI investigation of a possible attempt to swindle customers of the eBay Web auction house, the company hosting the site said Wednesday. "EBay had found a possible swindle attempt, and contacted the FBI. Then they contacted us, and we shut down the account immediately," Trond Didrichsen, of the site host lettnett.no, said by telephone. http://www.msnbc.msn.com/id/8405442/ - - - - - - - - - - Tech firms call for approval of cybercrime treaty Computer security and software companies are urging the U.S. Senate to approve the world's first treaty targeting cybercrime. A letter from the groups, including the Business Software Alliance, VeriSign, InfraGard and the Cyber Security Industry Alliance, called on senators to ratify the controversial document, which was the subject of a brief flurry of attention last year before it expired without a floor vote. http://news.zdnet.com/2100-1009_22-5768462.html - - - - - - - - - - India to tighten data protection laws Indian Prime Minister Manmohan Singh has asked for changes in the country's cybersecurity laws to protect the data in foreign work handled by Indian companies. In a meeting Wednesday, Singh directed the Department of Information Technology to hasten the process of amending the Indian IT Act to ensure that any breach of secrecy and any illegal transfer of commercial or privileged information is made a punishable offense. http://news.zdnet.com/2100-1009_22-5768412.html http://www.newsfactor.com/story.xhtml?story_id=13100002VQWY - - - - - - - - - - Internal attacks blighting banks As the threats from outside decrease, financial services firms' security officers are seeing a massive rise in internal breaches. Financial services firms are facing more internal security breaches than external hacking and virus attacks, according to consultancy firm Deloitte. http://news.zdnet.co.uk/internet/security/0,39020375,39205936,00.htm - - - - - - - - - - New Worm Kedebe-F Circulates with Conspiracy Theories In messages containing supposed news items, the links promise exclusive material not covered in the mainstream press. One message about the recent death of Pope John Paul II purports to contain a document stolen from a secret government body and describes how the Popeactually was killed as part of a larger plot. http://www.newsfactor.com/story.xhtml?story_id=13100002VMRR http://www.eweek.com/article2/0,1759,1833107,00.asp Fake news spreads email virus http://www.theregister.co.uk/2005/06/29/papal_spyware/ - - - - - - - - - - Spyware blizzard shows no sign of let up Hackers are continuing to target British workers with a series of specially crafted Trojan horse attacks two weeks after a UK government agency issued an unprecedented security warning. The latest batch of malware again targets a small network of specifically targeted domains in assaults designed to slip under the corporate radar and allow hackers to steal privileged information or launch further attacks from compromised systems. http://www.securityfocus.com/news/11233 Hackers unleash industrial spy Trojan http://www.vnunet.com/vnunet/news/2139033/hackers-unleash-industrial-spy - - - - - - - - - - Credit card breach: Tracing who dunnit News that hackers broke into the database of payment processor CardSystems, which contained information on over 40 million credit card accounts, raises the obvious question: Who did it? The FBI is investigating and doesn't discuss cases that are pending. But if recent history is any guide, there's a fair chance the hackers may not be caught, or not anytime soon. http://money.cnn.com/2005/06/28/pf/security_hackers/index.htm A thief stole my credit card number. Am I a victim of identity theft? http://www.wired.com/news/privacy/0,1848,68032,00.html - - - - - - - - - - Password hackers propel identity theft Charlie Cookston responded to what looked like a legitimate e-mail from PayPal, an online payment service. It asked for his user name and his password and he gave them. Turns out it wasn't PayPal, it was a scam. http://www.msnbc.msn.com/id/8408391/ - - - - - - - - - - Bluetooth group offers security tips to avoid attacks After two Israeli researchers published a paper earlier this month explaining how security mechanisms in short-range wireless Bluetooth technology could be quickly undermined, members of the Bluetooth Special Interest Group (SIG) are now urging users to take several precautions. http://www.it-observer.com/news.php?id=5244 - - - - - - - - - - Microsoft Unveils New Security Service Microsoft Corp. has released a free service to replace the mechanism it currently uses to patch Windows computers. The new service, known as Microsoft Update, supplants the traditional "Windows Update" system and promises several new improvements. If you're using Windows XP or XP Professional and have automatic updates turned on, you may have already received a notice prompting you to download the new Microsoft Update, though if I recall from seeing this notice on my screen last night at home Windows Update called it something different, like "package installer." http://blogs.washingtonpost.com/securityfix/2005/06/microsoft_pushe.html As support fades, Microsoft offers Win2000 update http://www.computerworld.com/securitytopics/security/story/0,10801,102860,00.html Trojan masquerades as Microsoft patch http://www.vnunet.com/vnunet/news/2139057/trojan-microsoft-patch - - - - - - - - - - Co-operating with the internet police National Hi-Tech Crime Unit chief Sharon Lemon aims to work with businesses and IT vendors. Since its launch in 2001, the UK's National Hi-Tech Crime Unit (NHTCU) has tracked down dozens of criminals who use the internet to carry out crimes such as blackmail, money- laundering and theft. http://www.vnunet.com/computing/analysis/2139090/operating-internet-police - - - - - - - - - - File-Sharing For Fee The Supreme Court's ruling against Internet file-sharing networks was just what Wayne Rosso was waiting for. Just after midnight, the online music entrepreneur announced a deal with Sony BMG Music Entertainment to distribute the label's music on Rosso's Mashboxx network. Music by Sony BMG artists will be sold through Mashboxx at 99 cents per download, the same price that Apple charges at its iTunes online music store. http://www.washingtonpost.com/wp-dyn/content/article/2005/06/29/AR2005062900549.html - - - - - - - - - - Denial of Service Attacks: "Smurfing" This article provides good information on what a Denial of Service (DoS) attack is and why they can be so harmful to networks and sites on the Internet. The information here provides in-depth information regarding "smurf" and "fraggle" attacks with a focus on Cisco routers and how to reduce the effects of the attack. http://www.it-observer.com/news.php?id=5242 - - - - - - - - - - Fighting EPO Viruses This short article describes the so-called Entry-Point Obscuring (EPO) virus coding technique, primarily through a direct analysis of the Win32.CTX.Phage virus. The reader should know the basics of IA-32 assembly and the main elements of the Portable Executable (PE) file structure to fully understand this article. The author also advises the reader to review the Win32.CTX.Phage description written by Peter Szor and Wason Han , since this article does not cover all the features of the virus. http://www.securityfocus.com/infocus/1841 - - - - - - - - - - Forget fingerprints and eye scans; the latest in biometrics is in vein Fujitsu Ltd. will start selling a biometric security device next month that relies on vein patterns in the hand to verify a user's identity, it said today. The company's palm-vein recognition system has been available in Japan for just over a year and has already achieved some notable success. http://www.computerworld.com/securitytopics/security/story/0,10801,102861,00.html - - - - - - - - - - ID cards bill passes second Commons reading The government's majority was reduced to a slender 31 votes, but the bill has taken another step towards the statute book. The government's majority was slashed by more than half at the ID cards bill vote in parliament on Tuesday, despite Home Secretary Charles Clarke promising a range of concessions in order to stave off a full-scale backbench Labour rebellion. http://news.zdnet.co.uk/business/legal/0,39020651,39206427,00.htm *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2005, NewsBits.net, Campbell, CA.