NewsBits for February 6, 2006 ************************************************************ Russian stock exchange hit by computer virus The Russian Stock Exchange was suspended for nearly an hour on Thursday after trading systems were hit by a computer virus. Moscow's Russian Trading System (RTS) admitted on Friday that a computer was infected by a virus, which then carried out a denial of service attack on trading systems. - - - - - - - - - - Albania: embassy worker pleads guilty to sex with minors, child porn Steward Moss, ex employee of the US State Department and technical employee at the US Embassy in Albania, was sentenced to three years in jail after pleading guilty on charges pressed against him that he had sex with minor boys in Albania and that possessed a collection of porn pictures on his personal computer in his apartment in Tirana. - - - - - - - - - - $1 million bail for child-porn suspect A Berkeley firefighter charged with 57 counts of misdemeanor possession of child pornography must remain jailed unless he can post $1 million bail, a judge ruled Friday. Authorities arrested Luis Ponce, 49, at his home in Grass Valley (Nevada County) on Jan. 26 on three misdemeanor counts after Berkeley police found child pornography in his locker at the fire station and on a fire station computer disk that he used, authorities said. - - - - - - - - - - Warez pirates caught by Operation Jolly Roger Nineteen participants in the so-called 'warez' scene were indicted on federal charges last Tuesday for pirating more than $6.5m worth of copyrighted computer software, games, and movies and distributing it online. - - - - - - - - - - Kama Sutra a wet blanket - Damp squib The much anticipated Kama Sutra worm turned out to be rather flaccid. The worm was programmed to overwrite files on infected Windows PCs on Friday (February 3), but in the event only a few people got hit - even though many machines were infected at one time or another. Kama Sutra worm: How was it for you?,39024655,39156201,00.htm Kama Sutra virus to hit India hardest - - - - - - - - - - Judges given more latitude in sentencing offenders Since the U.S. Supreme Court threw out the sentencing guidelines federal judges once had to follow, courts are handing out different penalties for similar crimes. Three men convicted of similar child pornography crimes in Kentucky last month received sentences ranging from six to 15 years _ even though federal sentencing guidelines called for a 17-year minimum prison term. All three men were convicted of receiving and distributing child pornography on the Internet. - - - - - - - - - - Lords restrict terror website censorship plans The House of Lords has restricted Government plans to allow the police to order the take down of suspected terrorism-related web content by requiring that the authorities obtain the permission of a judge first. - - - - - - - - - - The e-Crime Congress 2006 The e-Crime Congress 2006 will seek to challenge conventional attitudes on e-Crime and examine how business, government and law enforcement can continue to work together in order to tackle a threat that undermines public confidence in the Internet as a viable and secure commercial medium for the future. - - - - - - - - - - WMF Exploits Sold By Russian Hackers The biggest reason the Windows Metafile (WMF) bug caused so much havoc, security researchers are saying, is that Russian hackers sold the exploit to anyone with the money. The Windows Metafile (WMF) bug that caused users -- and Microsoft -- so much grief in December and January spread like it did because Russian hackers sold an exploit to anyone who had the cash, a security researcher said Friday. Hackers writing zero-day malware to order 2005 was watershed year for zero-day exploits, warns security firm. Russian security company Kaspersky Lab has discovered a worrying phenomenon in the wake of Microsoft's security gaffe over the .wmf exploit at the end of last year, claiming that hackers are tailoring and selling zero-day malware for specific markets. - - - - - - - - - - Spyware remains rampant as Winamp exploited A new study by the University of Washington finds that one in twenty executables on the Internet contain spyware. The study, which sampled more than 20 million Internet addresses, also found other disturbing trends. Among them: one in 62 Internet domains contains "drive-by download attacks," which try to force spyware onto the user's computer simply by visiting the website. Study Notes Decline in Internet Spyware - - - - - - - - - - Teens putting themselves at risk online On websites such as, teenagers can find people around the world who share their love of sports, their passion for photography or their crush on the latest Hollywood star. But authorities say teens are increasingly finding trouble in an online environment where millions of people can, in seconds, find out where they go to school, learn their interests, download their pictures and instantly send them messages. Teens Reveal Too Much Online,70163-0.html - - - - - - - - - - People cautious of Web crime Internet users believe they are more likely to be victims of a cybercrime than a physical one in the coming year, according to a recent survey. This growing fear of Internet vulnerability is well founded, computer security experts contend. Whereas most malevolent software was once a form of electronic vandalism, it has become a profit-making venture backed by organized crime. - - - - - - - - - - One in eight 'harassed by e-mail' One in eight people received an offensive e-mail in the last year, government figures have indicated. The Fraud and Technology Crimes survey by the Home Office also found one in 11 had received similar types of messages by text message or voicemail. Men aged 26 to 30 were most likely to be the victims of e-mail harassment, the study found. - - - - - - - - - - AOL to charge fee as way to cut spam America Online will begin charging businesses to send commercial e-mail to its users in the first wide-scale use of authenticated e-mail to reduce spam. But some marketers affected by the plan, set to start in several weeks, call it e-mail taxation designed to create a new stream of revenue for AOL.,70164-0.html Spam campaigners reject email payment plan,39020330,39250867,00.htm - - - - - - - - - - NIST issues guidelines for data removal Wonder no longer about how to remove sensitive data from the hard drives and optical disks you are about to toss. The National Institute of Standards and Technology has issued a set of draft guidelines on how to safely remove information from obsolete forms of storage. - - - - - - - - - - E-gov scores improve Eight agencies improved their e-government management scores, according to the Office of Management and Budget. But more than half of the 26 departments OMB evaluated showed mixed results in reaching e-government goals on the Presidents Management Agenda. - - - - - - - - - - SteelEye LifeKeeper Protection for IBM Director SteelEye announced that it has added monitoring and recovery capability for IBM Director 5.1 to the long list of application environments which it supports. - - - - - - - - - - Boogins to bring effective online fraud prevention booggins ( ) has recently introduced technology that identifies the geographic location, IP address, and ISP of it's web site visitors, deploying geolocation as part of it's online fraud prevention program. - - - - - - - - - - Creative Bungling The Boston Globe managed to expose as many as 240,000 subscribers to identity theft last week -- no hackers or viruses required. Here's how: The Globe shares a computer system with a sister newspaper in suburban Worcester, Mass., the Telegram & Gazette. On Jan. 29, the Telegram & Gazette sent 9,000 bundles of Sunday papers to retailers and delivery people wrapped in recycled office paper. But some of that recycled paper happened to be printouts that included subscribers' credit card numbers and checking account information.,10801,108402,00.html - - - - - - - - - - Windows Permission Identifier 1.0 This tool enables administrators and penetration testers to review and audit the permissions of users on a windows machine. Windows Permission Identifier checks for: File ACLs, Folder ACLs, Registry ACLs, Services Permissions, Shares, Installation rights and Internet Access. - - - - - - - - - - Keylogger basics The term keystroke logger, or keylogger for short, has come to be associated primarily with its use as an unauthorized or malicious tool installed to secretly capture all of the keystrokes typed on a compromised machine. The reality is that, like many malicious hacker tools, keystroke logging has its roots as an administrative and diagnostic tool. Unfortunately, some of the most helpful tools and utilities can end up being used for evil. - - - - - - - - - - French cops ditch IE The French police force plans to ditch Microsoft's Internet Explorer as its preferred browser software and replace it with Firefox by the end of the year. Up to 70,000 desktops will be switched over to a Firefox and Thunderbird email client set-up because of the combo's "reliability, security and inter-interoperability with other state services"," General Christian Brachet, IT director of the French police force said. - - - - - - - - - - Using cell phones to track employees Advances in mobile phone tracking technology are turning British firms into cybersleuths as they keep a virtual eye on their staff, vehicles and stock. In the past few years, companies that offer tracking services have seen an explosion in interest from businesses keen to take advantage of technological developments in the name of operational efficiency. *********************************************************** Search the Archive at: *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits ( should be cited as the source of the information. Copyright 2000-2006,, Campbell, CA.