NewsBits for July 5, 2005 ************************************************************ Brooklyn Youth Denied Bail in Killing During IPod Theft A Brooklyn teenager was arraigned yesterday on murder charges in the killing of a 15-year-old boy, who the authorities say was stabbed to death after more than a dozen youngsters set upon him and three friends and stole an iPod from one of them. http://www.nytimes.com/2005/07/05/nyregion/05ipod.html - - - - - - - - - - German admits creating Sasser The 19-year-old is being tried as a minor behind closed doors. A German youth has admitted to creating the Sasser computer virus during the first day of his trial in Germany. Sven Jaschan is charged with computer sabotage, disrupting public services and illegally altering data. The 19-year-old is being tried as a minor behind closed doors as he was 17 when he wrote the worm. http://news.bbc.co.uk/2/hi/technology/4649361.stm http://www.computerworld.com/securitytopics/security/story/0,10801,102959,00.html http://www.eweek.com/article2/0,1759,1834303,00.asp http://www.vnunet.com/computing/news/2139328/virus-writer-confesses-guilt http://www.theregister.co.uk/2005/07/05/sasser_trial_begins/ http://software.silicon.com/security/0,39024655,39150056,00.htm http://news.zdnet.com/2100-1009_22-5774877.html - - - - - - - - - - S.J.-based grand jury indicts six in child porn investigation Law enforcement officials in Europe and the United States, acting on information contained in a federal grand jury indictment issued in San Jose last month, have arrested the Michigan operator of child pornography Web sites and numerous alleged subscribers, including several in Northern California. The U.S Attorney's Office in San Francisco announced the indictment today, more than two weeks after Edward Aaron Harvey, 35, of Canton, Mich., was charged with advertising child pornography, sending it across state lines and international boundaries, and laundering the proceeds of his sales. http://www.mercurynews.com/mld/mercurynews/news/12059422.htm - - - - - - - - - - Child porn suspects set to be cleared in evidence shambles DOZENS of men accused of downloading child pornography from the internet may have been wrongly prosecuted, according to expert prosecution and defence witnesses. New evidence suggests that Operation Ore, Britains biggest child pornography investigation, may have prosecuted innocent men on the basis of discredited American police testimony and questionable forensic methods. http://www.timesonline.co.uk/article/0,,2087-1678810,00.html - - - - - - - - - - Child porn charges laid against teen A disturbing eye opener for parents today it was announced Thunder Bay Police had laid child pornography charges against a 15-year-old boy. Police held a news conference Monday afternoon where they announced the youth is facing 30 charges stemming from a two-month investigation. http://www.tbsource.com/Localnews/index.asp?cid=75936 - - - - - - - - - - Internet fraud: con artist sentenced to 3 years of jail Novgorod City court has refused to commute punishment for the Novgorod local man charged of Internet fraud. According to the Novgorod police department, a 38-year-old man posted announcements at several websites during 2002-2004 years proposing jobs. He hired Russian people on behalf of fictitious married couples allegedly living in Austria, the USA and France. http://www.crime-research.org/news/02.07.2005/1335/ - - - - - - - - - - Brit nicked for hacking Xbox A 22-year old British man has been convicted for modding an Xbox. The Cambridge graduate was tracked down by an investigator for the trade body Elspa tipped off Caerphilly trading standards and Gwent police. He was sentenced to 140 hours of community service at Caerphilly Magistrates court and must pay PS750 in costs, according to the BBC. http://www.theregister.co.uk/2005/07/05/brit_xbox_chipping/ - - - - - - - - - - Flawed USC admissions site allowed access to applicant data A programming error in the University of Southern California's online system for accepting applications from prospective students left the personal information of users publicly accessible, school officials confirmed this week. The authentication process can be bypassed, and you can find the information for any student who has filled out an application online. http://www.securityfocus.com/news/11239 - - - - - - - - - - Hackers attack Mashreqbank Mashreqbank suspended some of its online banking services last week, citing the threat of hacking attacks. The bank said it had detected evidence it was being targeted by hackers. Customers were sent an urgent e-mail warning to change their passwords from a safe PC and the bank temporarily suspended third-party payments online. http://www.itp.net/news/details.php?id=16534 - - - - - - - - - - Oz watchdog bans mobile porn The Australian Communications and Media Authority (ACMA) - as of 1 July the newly formed face of the Australian Broadcasting Authority and the Australian Communications Authority - has banned hard-core porn from mobile phones. According to various media reports, mobile operators will not be allowed to punt X18+ content or anything which has been refused classification. They will also be obliged to check customers' ages before ejaculating "less offensive" (MA15+ or R18+) moboporn. Furthermore, operators will have to monitor chat room services. http://www.theregister.co.uk/2005/07/05/oz_mobile_smut_ban/ - - - - - - - - - - China signs anti-spam pact China - the world's second biggest producer of spam behind the US - has signed up to an international agreement to crack down on unsolicited email. Beijing has added its name to the list of countries that have adopted the London Action Plan on Spam Enforcement Collaboration - a group that works to target spammers. http://www.theregister.co.uk/2005/07/04/china_spam/ - - - - - - - - - - Indian Air Force gets ready for cyber warfare Information warfare is an emerging area. It relates to computer virus attacks, precision attacks on command and control nodes and soft and hard skill capabilities to significantly degrade or paralyse the information structure of the adversary.Although there is a chance of hackers doing some damage, they cannot affect equipment because they have stand-alone computerised systems integral to the weapon system and equipment. http://www.financialexpress.com/fe_full_story.php?content_id=95482 - - - - - - - - - - Smartphone-breaking Symbian Trojan found A Trojan that travels with the CommWarrior.B mobile phone virus poses a danger to users of Symbian smartphones. A new Symbian Trojan horse called Doomboot.A has been found which loads the virus CommWarrior.B onto Symbian Series 60 smartphones. CommWarrior.B generates enough Bluetooth traffic to drain the battery of a smartphone in less than an hour and rebooting the phone can then cause data loss. http://news.zdnet.co.uk/communications/0,39020336,39207193,00.htm http://www.theregister.co.uk/2005/07/04/symbian_trojan_doomboot/ - - - - - - - - - - Criminals send malware levels soaring Nearly 8,000 different pieces of malicious code have been detected by Sophos this year - mainly emanating from criminal gangs. Security firm Sophos has seen a dramatic rise in the number of viruses, worms and Trojan horses this year as more organised criminals turn to cybercrime. http://news.zdnet.co.uk/0,39020330,39207187,00.htm Phishing Attacks Reach All-Time High http://www.newsfactor.com/story.xhtml?story_id=011000008QB1 - - - - - - - - - - Pop-up smut tops spyware chart A strain of spyware that displays pornographic pop-ups has retained its place as the top spyware nuisance on the net last month. ISTbar was responsible for 3.5 per cent of infections detected by Panda Software's free online malware scanner, more than any other spyware or adware application. ISTbar, which poses as an ActiveX control, acts as an entry-point for other malware, adware and dialers. It also displays pornographic pop-ups, installs a toolbar and changes the home page of browsers on infested PCs. http://www.theregister.co.uk/2005/07/04/spyware_chart/ - - - - - - - - - - Experts: Hackers make way for criminals Spotty teenage hackers who set off global email viruses are being replaced by serious online crooks whose stealth attacks don't make headlines but cause more damage, security software makers said on Tuesday. "Two years ago we stayed up all night, concerned about a great mass-mailing worm," said Mario Juarez, a product manager at the security business unit of U.S.-based Microsoft. http://www.msnbc.msn.com/id/8474294/ - - - - - - - - - - Hackers crack two-factor security IT experts warned today that, contrary to popular belief, two-factor authentication is not secure enough to curb internet banking fraud. "Two-factor is good, but hackers are responding," Graham Cluley, senior technology consultant at Sophos, told vnunet.com. http://www.vnunet.com/vnunet/news/2139253/two-factor-authentication - - - - - - - - - - Credit card fraud is paying The Ukrainian law enforcement detained an Internet con artist who allegedly created quite an efficient scheme of covering his tracks and stole quite a sum out of the EU and US citizens. The hacker has been saving up the sum for 2 years. Starting from 2003, he transferred funds from the compromised credit cards to his own account. http://www.crime-research.org/news/04.07.2005/1336/ - - - - - - - - - - New IE flaw details published All versions of Internet Explorer 6 are affected by a vulnerability that could allow for arbitrary code execution. A patch is not yet available. Microsoft has issued a security advisory for Internet Explorer, after a research firm published a working exploit to demonstrate how attackers could take advantage of the flaw. http://news.zdnet.co.uk/internet/security/0,39020375,39207112,00.htm Warning over unpatched IE bug http://www.securityfocus.com/news/11237 - - - - - - - - - - Will firms foot bill for ID checks? Firms could end up footing a substantial part of the bill for the UK's identity card scheme, it emerged last week. After the government won the latest Commons vote on its controversial plan, the Home Office confirmed it is considering charging firms to verify identities. http://www.vnunet.com/itweek/news/2139259/firms-foot-bill-id-checks - - - - - - - - - - Disk crypto tool secures laptop data UK security firm BeCrypt has updated its Disk Protect drive encryption tool for Windows desktop and laptop systems. The new version offers single- sign-on, secure hibernation, encryption of removable media, and extended support for smartcards. http://www.vnunet.com/itweek/news/2139234/disk-crypto-tool-secures-laptop - - - - - - - - - - Hackers turn to root kits for web attacks Growing in popularity and difficult to beat Security experts at Microsoft today warned of the danger posed by internet root kits which are increasingly being used by hackers in preference to traditional malware such as Trojans.A root kit is a specially formulated piece of malware that gives a hacker full administrator rights to an infected PC, allowing them to change and copy data at will. http://www.vnunet.com/vnunet/news/2139331/root-kits-hackers - - - - - - - - - - A Tool to Wake Up Wi-Fi Zombies Sean Savage wants to hook you up by tearing you away from the internet. The one-time promoter of flash mobs is once again waging battle against digital alienation with a new tool aimed at getting Wi-Fi cafe "zombies" to look up and smell the coffee. The problem: Computers are fabulous at connecting people over a long distance, but they can become a wall between people who are sitting right next to each other. http://www.wired.com/news/culture/0,1284,68056,00.html - - - - - - - - - - Map Hacks on Crack On Wednesday, Google opened a set of programming interfaces for its popular Google Maps service, in the hope hackers will overlay the maps with data from outside sources -- such as wireless cafes. http://www.wired.com/news/technology/0,1282,68071,00.html - - - - - - - - - - After a privacy breach, how should you break the news? Following recent data debacles at ChoicePoint, LexisNexis, Bank of America and other places, more and more people are receiving the dreaded news that their personal information is at risk because of a privacy breach. Based on a recent study conducted by Ponemon Institute, we can provide some insight on what customers' expectations are when they receive notification. http://www.computerworld.com/securitytopics/security/story/0,10801,102964,00.html Financial firms to share ID theft data with FTC http://www.computerworld.com/securitytopics/security/story/0,10801,102963,00.html - - - - - - - - - - Who's to blame? If there's one thing the security industry is really good at, it's pointing fingers. We all like to say that, "security starts with you," so that everyone can share a piece of the mud pie. While we're pointing fingers, let's look at a few groups and individuals and see how they can share the blame for their own insecurity - and prevent the spread of viruses, Trojans and worms. http://www.securityfocus.com/columnists/337 "Scattergun" security leaves businesses exposed http://software.silicon.com/security/0,39024655,39150054,00.htm Tech Alone Can't Stop Security Breaches, Says ChoicePoint CISO http://www.computerworld.com/securitytopics/security/story/0,10801,102930,00.html - - - - - - - - - - Leader: Your security is rubbish? Well d'uh... We want this, and we want that and we want it yesterday... now why isn't it secure? It appears security at the enterprise level is in a right old mess. Too little strategy and too few clues as to how to get it right are dogging companies as they try to tame the manifold threats which exist. http://software.silicon.com/security/0,39024655,39150062,00.htm - - - - - - - - - - Getting Tough on Purveyors of Spam Unfortunately, the legislative strategies that are emerging show that lawmakers aren't willing to do battle with advertisers. This was exactly the mistake that Congress made two years ago with its CAN-SPAM Act, which was supposed to deal with the problem of unsolicited commercial e-mail. http://www.newsfactor.com/story.xhtml?story_id=011000008QGU - - - - - - - - - - GAO: Dont give criminals passports Poor information-sharing practices are hurting the State Departments ability to ensure that criminals and terrorists dont get U.S. passports, the Government Accountability Office reports. State faces a number of challenges to its passport fraud detection efforts, including limited inter- and intra-agency information sharing and insufficient fraud-prevention staffing, training, oversight and investigative resources, auditors at the congressional watchdog agency wrote in a report released last week. http://www.fcw.com/article89461-07-05-05-Web *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2005, NewsBits.net, Campbell, CA.