NewsBits for August 9, 2005 ************************************************************ Byelorussian hacker hacks 37 banks for $15,1m A citizen of Byelorussia suspectedly damaged 37 international banks for $15.1 million. http://www.crime-research.org/news/08.09.2005/1412/ - - - - - - - - - - Former 'Spam King' pays MS $7m to settle lawsuit Former 'Spam King' Scott Richter has agreed to pay Microsoft $7m to settle an anti-spam lawsuit. The settlement to a December 2003 lawsuit comes a month after Richter - long ranked one of the world's top three spammers - was removed from the Register of Known Spam Operators maintained by the Spamhaus Project. Richter was dropped from the ROKSO list after his outfit OptInRealBig.com cleaned up its act and stopped sending out junk mail that violated US anti-spam rules. http://www.theregister.co.uk/2005/08/09/richter_ms_settlement/ - - - - - - - - - - Huge ID theft ring affects at least 50 banks A major identity theft ring discovered last week has affected the customers of at least 50 banks, according to Sunbelt Software, the security firm that uncovered the operation. The operation, which is thought to be under investigation by the FBI and Secret Service, is currently gathering personal data from compromised machines and sending them to a server where they are saved in a file. http://software.silicon.com/security/0,39024655,39151163,00.htm - - - - - - - - - - FBI director says businesses reluctant to report cyber attacks Most businesses do not report cyber attacks to law enforcement authorities, fearing the disclosure would harm their image and benefit rivals, FBI Director Robert Mueller said Tuesday. This reluctance has become especially important at a time when identity theft is growing rapidly and terrorists are increasingly using the Internet, Mueller said in a speech to the InfraGard national conference, private companies that share security tips and expertise with the FBI. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/12341472.htm - - - - - - - - - - Feds fund VoIP tapping research The federal government is funding the development of a prototype surveillance tool by George Mason University researchers who have discovered a novel way to trace Internet phone conversations. Their project is designed to let police identify whether suspects under surveillance have been communicating through voice over Internet Protocol (VoIP)--information that would be unavailable today if people choose to communicate surreptitiously. http://news.zdnet.com/2100-1009_22-5825932.html - - - - - - - - - - MPs build PS2m security awareness website The government is to launch a PS2m joint initiative with banks, IT vendors and online companies to promote internet security to the public. The Cabinet Office is building getsafeonline.org.uk - a security awareness website that has already been backed by the likes of eBay, Dell, HSBC, LloydsTSB, MessageLabs and Microsoft. The companies have all donated PS150,000 to match the Cabinet Office's investment in the project. http://management.silicon.com/government/0,39024677,39151150,00.htm http://www.vnunet.com/vnunet/news/2140888/safe-online-october-launch - - - - - - - - - - File breach prompts call for inquiry An industry group has called for a public inquiry into the way confidential information is handled, saying the disclosure of hundreds of police files by the Office of Police Integrity is just the "tip of the iceberg". The Australian Computer Society said computer security was the missing link in the debate surrounding increased national security. It said it was "frighteningly easy" to obtain information. http://www.theage.com.au/news/national/file-breach-prompts-call-for-inquiry/2005/08/08/1123353263586.html - - - - - - - - - - One in ten law firms suffered security breaches ACCORDING TO AN NOP World survey, 50% of law firms in the UK are missing basic security measures and just under half have no budget dedicated to digital security, despite the recently increasing IT security threats. http://www.theinquirer.net/?article=25159 - - - - - - - - - - ID theft automated using keylogger Trojan Anti-spyware researchers have uncovered a massive identity theft ring linked to keylogging software. The malware was discovered by Patrick Jordan of Sunbelt Software while doing research on the infamous CoolWebSearch application but the key logger itself is not CWS. It's far nastier. http://www.theregister.co.uk/2005/08/09/key_log_scan/ - - - - - - - - - - Alliance Seeks to Halt Child Porn on Cox Communications An Oklahoma City based anti-pornography group today announced a petition drive to ask Cox Communications to halt its distribution of Usenet newsgroups through its High Speed Internet service. "Cox is distributing newsgroups that are generally known to carry child pornography and other obscene images," stated Paul Cardin, President of the Alliance for a Safer Internet. "It's been going on for years and it's time Cox put an end to it." http://www.ereleases.com/pr/20050809007.html - - - - - - - - - - German bank launches new system to combat phishing Postbank customers will be given code numbers, in addition to PINs, that are required for each specific transaction. German retail bank Postbank AG has launched a new plan designed to prevent phishers from capturing and misusing transaction numbers required by online banking customers to make money transfers. http://www.infoworld.com/article/05/08/08/HNgermanbank_1.html Postbank with new TAN system as phishing defense http://www.heise.de/english/newsticker/news/print/62572 Fifth Third bank buys UK anti-fraud software http://software.silicon.com/security/0,39024655,39151188,00.htm Pharming: Another New Scam http://www.computertoaster.com/archives/spamscams/pharming_another_new_sc.php - - - - - - - - - - Netscape catches up to Firefox patches Netscape has released a new version of Netscape 8 to bring the Web browser as up to date on security patches as the underlying Firefox software. Netscape 8.0.3.3, launched Monday, includes all the fixes that have been made in the Firefox browser, according to the update's release notes. That means it has all patches through Firefox version 1.0.6, which was issued by its development group, the Mozilla Foundation, last month. http://news.zdnet.com/2100-1009_22-5825342.html - - - - - - - - - - Blu-ray consortium launches new DVD security features One of the two groups vying to produce the next generation of DVDs rolled out new security features Tuesday to entice entertainment and electronics companies to adopt its technology. http://www.usatoday.com/tech/products/2005-08-09-blu-ray-security_x.htm - - - - - - - - - - Stealing your neighbor's Net Forty bucks for high-speed Internet access? Not a bad deal. But how does free sound? To a growing number of Internet piggy-backers, it's the sweet sound of pirating their neighbor's wireless network. http://money.cnn.com/2005/08/08/technology/personaltech/internet_piracy/index.htm - - - - - - - - - - TippingPoint leans into network threats Intrusion-detection and intrusion-prevention products have come a long way in a short time, as vendors have been fast to incorporate new detection techniques and bolster defenses to an ever-widening range of threats. TippingPoint is one vendor that has blazed the trail to multipronged protection. http://www.computerworld.com/securitytopics/security/story/0,10801,103792,00.html Who'll Fill the Gap in the Gateway Security Market? http://www.eweek.com/article2/0,1759,1845977,00.asp - - - - - - - - - - The Web as Weapon Zarqawi Intertwines Acts on Ground in Iraq With Propaganda Campaign on the Internet. The jihadist bulletin boards were buzzing. Soon, promised the spokesman for al Qaeda in the Land of the Two Rivers, a new video would be posted with the latest in mayhem from Iraq's best-known insurgent group. http://www.washingtonpost.com/wp-dyn/content/article/2005/08/08/AR2005080801018.html The Iraq Insurgency's Online Strategy http://www.washingtonpost.com/wp-dyn/content/discussion/2005/08/08/DI2005080800466.html - - - - - - - - - - OS exploits are 'old hat' Security issues involving Cisco kit highlighted in Michael Lynns presentation at Black Hat are characteristic of networking vendors in general. Cisco is just the most visible of these vendors to target as hackers raise their sights from attacking operating systems towards attacking network infrastructure and database systems, security researchers warn. http://www.securityfocus.com/news/11272 - - - - - - - - - - Flies swarm around MS Honeymonkey Microsoft's experimental Honeymonkey project has found almost 750 web pages that attempt to load malicious code onto visitors' computers and detected an attack using a vulnerability that had not been publicly disclosed, the software giant said in a paper released this month. http://www.securityfocus.com/news/11273 - - - - - - - - - - Fraud - both a public and private sector problem It seems there are dozens of stories being written at the moment about schemes to protect gullible consumers from the dangers of various fraudsters and scammers. Much as we like to think the educated and net savvy are immune from the latest attempts - whether online or offline - to fleece those using banks, credit cards and so on, many fall prey to increasingly subtle phishing. http://software.silicon.com/security/0,39024655,39151201,00.htm - - - - - - - - - - Harmless hackers or criminals? The case of the Kutztown 13 They're being called the Kutztown 13 -- a group of high schoolers charged with felonies for bypassing security with school-issued laptops, downloading forbidden Internet goodies and using monitoring software to spy on district administrators. The students, their families and outraged supporters say authorities are overreacting, punishing the kids not for any heinous behavior -- no malicious acts are alleged -- but rather because they outsmarted the district's technology workers. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/12341128.htm http://www.msnbc.msn.com/id/8888506/ http://www.wired.com/news/technology/0,1282,68480,00.html - - - - - - - - - - Brit License Plates Get Chipped The British government is preparing to test new high-tech license plates containing microchips capable of transmitting unique vehicle identification numbers and other data to readers more than 300 feet away. Officials in the United States say they'll be closely watching the British trial as they contemplate initiating their own tests of the plates, which incorporate radio frequency identification, or RFID, tags to make vehicles electronically trackable. http://www.wired.com/news/privacy/0,1848,68429,00.html - - - - - - - - - - Singapore trials biometric payment system The next time a shopper pays for goods in Singapore, he or she might be able to do so by simply swiping a thumb on the cash register or payment system. The Network for Electronic Transfers (NETS), which operates a nationwide infrastructure to enable payment via ATM cards, has been testing new technologies for cashless payments. In its latest initiative in this area, the company held a competition to encourage students to explore future electronic payment concepts. http://software.silicon.com/applications/0,39024653,39151101,00.htm *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2005, NewsBits.net, Campbell, CA.