NewsBits for July 11, 2005 ************************************************************ USC: Hacker may have accessed applicants' records Officials of the University of Southern California said they will contact everyone who used the school's online application system in the past eight years to warn them that a hacker may have been able to read their files. http://www.cnn.com/2005/TECH/internet/07/11/usc.hacked.ap/index.html - - - - - - - - - - Pentagon uber-hacker rap sheet spills attack details THe US indictment against alleged Pentagon hacker Gary McKinnon reveals the IP addresses of attacked computers. The rap sheet against the suspected uber-hacker contains the IP addresses of the Pentagon, US Air Force, and other Department of Defense servers he's accused of breaking into as part of an alleged quest to unraveling the truth about UFOs. http://www.theregister.co.uk/2005/07/11/mckinnon_indictment_snafu/ - - - - - - - - - - Cybercrooks lure citizens into international crime To Karl, a 38-year-old former cabdriver hoping for a career in real estate sales, the help-wanted ad radiated hope. The ad sought "correspondence managers" willing to receive parcels at home, then reship them overseas. The pay: $24 a package. Karl applied at kflogistics.biz, a fraudulent Web site imitating a legitimate site. http://www.usatoday.com/tech/news/2005-07-10-cyber-mules-cover_x.htm - - - - - - - - - - Virus exploits London Tube bombs A Windows virus has been created that claims to link to amateur video footage of the aftermath of one of the bombs on the London Underground. http://news.bbc.co.uk/2/hi/technology/4671111.stm - - - - - - - - - - Soft Sasser sentence slammed Over three quarters of business PC users believe that the Sasser author's suspended sentence was too lenient, according to a poll by security software company Sophos. Fewer than a fifth of the 550 respondents thought that the 21-month suspended sentence given to 19 year-old Sven Jaschan was appropriate, compared to 78 per cent who thought the he got off lightly. Interestingly, one in 20 considered the sentence too harsh. http://www.vnunet.com/vnunet/news/2139606/sasser-sophos http://news.zdnet.co.uk/internet/security/0,39020375,39208512,00.htm - - - - - - - - - - Feds Fear Air Broadband Terror Federal law enforcement officials, fearful that terrorists will exploit emerging in-flight broadband services to remotely activate bombs or coordinate hijackings, are asking regulators for the power to begin eavesdropping on any passenger's internet use within 10 minutes of obtaining court authorization. http://www.wired.com/news/technology/0,1282,68147,00.html - - - - - - - - - - GAO gives failing grades to DHS information security The Homeland Security Department is showing major weaknesses in ensuring information security for its computer systems, according to a Government Accountability Office report released today. DHS has not fully implemented a comprehensive, departmentwide information security program to protect the information and information systems that support its operations and assets, the GAO said. http://www.gcn.com/vol1_no1/daily-updates/36345-1.html DHS information security plans lacking, GAO says http://www.govexec.com/story_page.cfm?articleid=31711 - - - - - - - - - - Report: Computer hijacking on the rise Personal computers that play unwitting host to "zombie" code are proliferating at a startling pace, according to a new report. Incidents involving the malicious code, also known as "bot" code, reached 13,000 from April through June, according to a report from antivirus-software maker McAfee. That's quadruple the number tracked by the company in the previous three months. McAfee estimated that 63 percent more machines were exploited by bot programs and by spyware and adware--their slightly less insidious, but more common, cousins--in the first six months of this year than in the whole of last year. http://news.zdnet.com/2100-1009_22-5783646.html Its 11 p.m. -- Do You Know What Your Computer Is Doing? http://www.computerworld.com/securitytopics/security/story/0,10801,103033,00.html - - - - - - - - - - Downloading of injustice DOZENS of men accused of downloading child pornography from the internet may have been wrongly prosecuted, according to expert prosecution and defence witnesses. New evidence suggests that Operation Ore, Britain's biggest child pornography investigation, may have prosecuted innocent men on the basis of discredited US police testimony and questionable forensic methods. http://www.theaustralian.news.com.au/common/story_page/0,5744,15812959%255E2703,00.html - - - - - - - - - - Powell Urges China to Address Intellectual Property Violations The authorities in China should go further in protecting intellectual property rights, former United States Secretary of State Colin Powell said in remarks here Saturday. However, he said, protectionist laws are not the answer. "There is an increase in tension over a number of the trade issues. http://www.eweek.com/article2/0,1759,1835662,00.asp - - - - - - - - - - Microsoft denies its antispyware favors Claria Microsoft is moving to quash claims that its antispyware tool is now giving preferential treatment to adware maker Claria. The beta version of Microsoft AntiSpyware previously recommended that users quarantine several products from Claria, but this changed last week. http://news.zdnet.com/2100-1009_22-5782848.html Microsoft denies adware allegations http://news.zdnet.co.uk/software/windows/0,39020396,39208622,00.htm Group delivers definition of spyware http://news.zdnet.com/2100-1009_22-5783926.html Zombie bots fuel spyware boom http://www.theregister.co.uk/2005/07/11/malware_report_mcafee/ - - - - - - - - - - Detectives on guard for online scams Two Orland Park police detectives are doing all they can to catch cyber hustlers. But it's tough. "Every day on the Internet, somebody's getting ripped off," said Detective Dennis Pratl, who has a specialty in Internet-related crime. "People have a false sense of security on the Internet, but doing business on the Internet is very risky." http://www.dailysouthtown.com/southtown/yrtwn/swest/061swyt4.htm - - - - - - - - - - DOD cyberwarriors in a war of attrition Military officials can better protect their communications systems by building fake networks or Honeynets to divert adversaries away from critical systems and to gain intelligence on their attack methods, a top official in the Defense Departments cyberdefense organization suggests in a new paper. http://www.fcw.com/article89526-07-11-05-Web - - - - - - - - - - Security confusion letting in hackers Widespread confusion about the installation of endpoint security on enterprise client PCs is leaving firms vulnerable to malware, malicious code and destructive spam, industry experts warned today. http://www.vnunet.com/vnunet/news/2139592/eps-security-confusion-hackers - - - - - - - - - - Hacker mag closure spells bad news for security Notorious hacker magazine Phrack is to close its doors after almost 20 years serving the darker side of the internet and communications community. Yet surprising to many will be the fact the antivirus and security industries are actually coming out to say they will be sorry to see the back of the title which was run by, and for the benefit of, those they seek to thwart. http://software.silicon.com/security/0,39024655,39150241,00.htm http://news.zdnet.com/2100-1009_22-5783383.html http://www.theregister.co.uk/2005/07/11/phrack_shuts/ - - - - - - - - - - Capital open to hackers About 50 Wellington corporations have unsecured wireless networks that are sitting ducks for hackers, says wireless security firm Aura Software Security. Managing director Andy Prow says he was shocked to find so many vulnerable networks during a recent survey. "There are 50 corporate networks sitting there wide open. Others had a very low level of security." http://www.it-observer.com/news.php?id=5269 - - - - - - - - - - New Credit Security Standards Prompt Soul-Searching With headlines about the compromise of hundreds of thousands of credit card numbers at CardSystems Solutions Inc. still fresh, the industry is implementing long-awaited data security rules for merchants and card processors. http://www.eweek.com/article2/0,1759,1834923,00.asp Security's House of Credit Cards http://www.eweek.com/article2/0,1759,1832454,00.asp - - - - - - - - - - Users Act to Encrypt Mobile Data Companies looking to protect data on mobile client devices such as notebooks, handheld devices and smart phones are getting more options to choose from. http://www.computerworld.com/securitytopics/security/story/0,10801,103062,00.html - - - - - - - - - - Longhorn following Unix on security? Microsoft's delayed Longhorn operating system appears to be taking a page from the Unix management book by curbing user's administration rights. Mike Nash, Microsoft's security business and technology unit corporate vice president, has said Longhorn would accord end-users certain rights and privileges apparently ending the concept that everyone using their PC is also the PC's administrator. http://www.theregister.co.uk/2005/07/11/longhorn_security/ - - - - - - - - - - Internet Banking Security: Separating Fact From Fiction Businesses across the country must keep things in perspective and shouldnt lose faith in Internet banking just because there have recently been a series of highly publicized data breaches. These incidents, while regrettable, have absolutely nothing to do with online banking, which is a very safe and secure channel for both consumer and commercial banking transactions. http://computerworld.com/managementtopics/management/story/0,10801,103035,00.html - - - - - - - - - - Taking Steps To Prevent Child Porn A few years ago, the headlines were filled with stories about corporate financial scandals and executives who were cooking their books. These days, it's identity theft and the lack of protection that some companies apply to their customer data. http://www.informationweek.com/story/showArticle.jhtml?articleID=165701073 - - - - - - - - - - Report: Sarbanes-Oxley could threaten security The multimillion-dollar cost of complying with the Sarbanes-Oxley Act is diverting spending away from protecting against other security threats, according to a new report. The Information Security Forum, an international security association, said Monday that it calculates that many of its members expect to spend more than $10 million on information security controls to comply with regulations laid down by Sarbanes-Oxley. http://news.zdnet.com/2100-1009_22-5783472.html - - - - - - - - - - Fear, Anger, Distrust Can your users change when it comes to security? Yes, probably. At least that's what two surveys that came out last week suggest. The Pew Internet & American Life Project polled 1,300 Internet users about spyware and related problems. http://computerworld.com/securitytopics/security/story/0,10801,103060,00.html - - - - - - - - - - Germany moves forward with e-passports Germany is moving forward on introducing biometric ID systems. The German Parliament today approved an electronic passport plan to begin Nov. 1, with Lufthansa Airlines and Siemens AG of Munich initiating a test in which passengers thumbprints will be used to verify identity before boarding a plane. http://www.gcn.com/vol1_no1/daily-updates/36340-1.html - - - - - - - - - - Spy agencies craft terrorist watch list data exchange standard The intelligence community is building a data exchange standard to help its various agencies share information about terrorists. The Terrorist Watchlist Person Data Exchange Standard was mandated by a memorandum of understanding among the Justice and Homeland Security departments and the CIA. http://www.gcn.com/vol1_no1/daily-updates/36346-1.html *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2005, NewsBits.net, Campbell, CA.