NewsBits for August 17, 2005
************************************************************
Windows 2000 worm hits US firms
More than 100 companies have been hit by computer viruses that exploit a recently found loophole in Windows. The New York Times, CNN, ABC News and heavy plant maker Caterpillar all had computer problems caused by a family of malicious worms. Virus writers have reacted very swiftly to abuse the vulnerability which Microsoft revealed barely a week ago. Despite the high-profile victims, security firms said they expected damage to be limited.
CNN, ABC bugged by 2 Internet worms
Fast-Moving Worms Slam Media, Enterprise Networks
CERT: Zotob, esbot not major attacks
The group of attacks that include the Zotob and esbot worms aren't major cyberattacks, the U.S. Computer Emergency Response Team (CERT) said today. We're not in crisis mode at this time, said Jeff Havrilla, Internet security analyst at CERT. We're nowhere near the same scale of activity that occurred when the Blaster worm leveled computers worldwide in 2003, he said.
Zotob Proves Patching "Window" Non-Existent
Zotob worm highlights security failings
Latest worms remind tech managers to be vigilant about patches
News Focus: Windows worm alert
New worms prevention and cure
Windows worm infection low, damage minor
New Worm Multiplies, Divides
Plug-and-play bots worming and warring among Windows systems
Computer virus writers at war, security firm says
'We seem to have a botwar on our hands'
- - - - - - - - - -
Ex-AOL employee sentenced to 15 months in spam case
Stole 92 million e-mail screen names and sold them to a spammer.
A former America Online employee was sentenced to 15 months in prison today for stealing 92 million e-mail screen names from the Internet company and selling them to a spammer.
- - - - - - - - - -
Teenager jailed for Web attacks
The US is taking a tough line on those responsible for DoS attacks, sentencing one teenager to five years behind bars. A US teenager has been jailed for five years after launching attacks against online sportswear retailers. Jasmine Singh, who was sentenced last week, pleaded guilty earlier this year to two counts of computer theft after causing DDoS attacks against Web sites selling sports jerseys and other sporting goods.
- - - - - - - - - -
'Lineage 2' game hackers used robot program to steal online items
Computer users who hacked into the popular online game "Lineage 2" used a special program that enabled them to automatically defeat the characters of other users and steal their game items, it has been learned. The users from China who illegally accessed the game obtained credits using the program. They are thought to have sold these credits over the Internet, exchanging them for Japanese yen.
- - - - - - - - - -
Credit Report Firm Settles FTC Charges
Experian North America Inc., one of the three large companies that verify consumer credit, will pay $950,000 as part of a settlement with the federal government over charges that it deceived consumers who sought free credit reports. Under an agreement announced yesterday by the Federal Trade Commission, Experian also will change how it markets credit reports, and offer refunds to qualifying consumers who were misled.
- - - - - - - - - -
Orefield man who had child porn is eligible for parole
Judge sentences him to up to 23 months. He's been in prison 7 months.
A 56-year-old Orefield man who was charged in a state police investigation into child pornography was given a sentence Tuesday that will make him immediately eligible for parole.
Nephatulli Stecker, of 3440 Cougar Circle, was sentenced to time served to 23 months in Lehigh County Prison, where he has been since January. He pleaded guilty in April to sexual abuse of children by possessing child pornography.
- - - - - - - - - -
Pirates caught, Ukraine
On Wednesday, August 10, the State department of intellectual property halted the activities of the "CD Master" enterprise, which was involved in the production of pirated compact disks. According to the press service of the State department, it has sealed the equipment and is carrying out a system check of the observance of license requirements and compliance with current Ukrainian law in the sphere of intellectual property. At the beginning of the check, the enterprise had no contract on the transfer of author's rights for part of the manufactured compact disks.
- - - - - - - - - -
Carder case, Byelorussia
A Byelorussian hacker has set a peculiar record with a criminal scent. He caused more than 15 million USD in damage to 37 banks of the world, specifically to banks in the US, Switzerland and Luxembourg. The virtual thief was detained and a criminal case was initiated. Police proudly claimed that they put an end to the largest virtual criminal group.
- - - - - - - - - -
Adware Firm Accuses 7 Distributors of Using 'Botnets'
A major online advertising company that has been accused by security experts of fueling the spyware problem says it is taking legal action against seven people in six countries who, it claims, used viruses to spread ad software to thousands of computers without their owners' consent.
- - - - - - - - - -
W32/IRCbot worm beats Sasser record
Security experts today raised the risk assessment to high on the recently discovered W32/IRCbot.worm!MS05-039 worm, which is also known as IRCbot.worm!MS05-039. The worm, an Internet Relay Chat (IRC) Bot, includes the ability to spread by exploiting systems that are not yet patched for the MS05-039 vulnerability.
- - - - - - - - - -
Hacking fears spark power-plant security clampdown
US power plants may have to tighten security against malicious hackers bent on wreaking havoc, according to a new federal law. Part of the 1,724-page energy bill that President Bush signed last week calls for federal bureaucrats to create an "electric reliability organisation" that would draft mandatory standards - including cyber-security guidelines - for electric power system operations.
- - - - - - - - - -
Opposition Puts Domain for Net Porn on Hold
A recent push by a Bush administration official, citing letters from foes of a .xxx address, leads to the delay of a launch proposed five years ago. The Bush administration is flashing a yellow light at plans to offer a red-light district on the Internet.
- - - - - - - - - -
NASSCOM meet on cyber crime, security
Acting on instructions from Prime Minister Manmohan Singh to hasten the amendments to the country's Information Technology Act of 2000 in lieu of the recent cases of pornographic MMS clips and data leakage, a high level meeting will take place in Delhi today. The meeting will discuss provisions relating to data security and privacy.
Indian call centres sell off Australians' details
Indian call centre hit by ID breach claims
Privacy laws may be tightened
- - - - - - - - - -
NIST launches new vulnerability database
Contains information on 12,000 vulnerabilities
The National Institute of Standards and Technology has launched a new vulnerability database to help security professionals learn about and correct vulnerabilities.
- - - - - - - - - -
IT infrastructures could be battlefields of future wars
A professor from Auburn University has made the case that the United States may face a war in the future in which not a single shot is fired, but yet America loses.
There could be pre-emptive achievement of military objectives strictly by information warfare techniques, said John Drew Hamilton, associate professor of engineering and director of the Information Assurance Laboratory at the university.
- - - - - - - - - -
Apple OS X update breaks 64-bit applications
Missing library leaves 64-bit applications in the cold.
An update that Apple released earlier this week has broken support for 64-bit applications in its OS X operating system. Mathematica 5.2 from Wolfram Research is one of the affected applications. The latest version was released last month and uses the 64-bit capabilities in OS X. The application offers technical computing for use in science, engineering, math and finance.
- - - - - - - - - -
Are worms actually good for security?
You've probably heard by now that the Zotob worm is rampaging through business and organizations with computers running the Windows 2000 operating system, but could this actually be good for security? The way that I see it, any computer worm that doesn't actually delete or steal any data is the cyber equivalent of biological immunization.
Worldwide worm attacks intensifying
- - - - - - - - - -
Google Has Your Data: Should You Be Afraid? - Part One
Analysts readily admit that Google is not the only search player who needs to be held accountable on privacy issues. Some contend, however, that Google's "king of the hill" status makes it more of a threat to consumers.
- - - - - - - - - -
DHS to foreign visitors: Give me 10
Homeland Security Department secretary Michael Chertoff's new requirement that all first-time visitors to the United States provide 10 fingerprints rather than the current two required from most is getting high marks from security experts for its ability to provide more meticulous identification and improved security.
***********************************************************
The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however, copies may not be sold, and NewsBits should be cited as the source of the information. Copyright 2000-2005,, Campbell, CA.