NewsBits for February 7, 2006
************************************************************
Stealth keylogger used in bank heist
Russians have reportedly used a keylogging virus to steal more than 1m from French bank accounts. A gang of Russians and Ukrainians have been arrested for allegedly stealing more than 1m (£700,000), The Guardian reported on Tuesday. The gang is accused of stealing from French bank accounts by installing a stealth keylogging program on users' PCs. The Trojan would infect machines through email attachments or when users visited certain Web sites.
http://news.zdnet.co.uk/internet/security/0,39020375,39251059,00.htm
- - - - - - - - - -
Hollywood PI in wiretap charge rap
A former sleuth to the stars has been charged with masterminding an illegal wiretapping operation targeted against actors, reporters and agents. Anthony Pellicano is charged with running unlawful wiretaps or unlawfully obtaining background checks against actors Sylvester Stallone and Keith Carradine and an entertainment reporter at The Los Angeles Times. He's also accused of impersonating staff at the Creative Artists talent agency.
http://www.theregister.co.uk/2006/02/07/hollywood_wiretap/
Three charged with wiretapping, racketeering
A federal grand jury indicted private investigator Anthony Pellicano and two associates for the alleged illegal use of law enforcement data and wiretapping using a custom software program, prosecutors announced on Monday.
http://www.securityfocus.com/brief/129
- - - - - - - - - -
Azeri hackers attack Danish web sites
It seems that the new information-communication technologies are going to be used for taking revenge on the case of cartoons of the holy Muslim Prophet Mohammed. As reports the web site Vlasti.Net, Azerbaijani hackers have attacked several Denmark based web sites as a revenge for publication of Mohammed's offensive cartoons. The hackers themselves explain this attack as the light one and don't touch the databases of the hacked web sites.
Hackers expressed their protest by simple defacing of the first pages of the Danish web sites.
http://www.cascfen.org/news.php?nid=1479&cid=6
Muslim Cartoon Protests Hit the Internet
http://www.eweek.com/article2/0,1759,1921048,00.asp
- - - - - - - - - -
Hacker cripples government website in Chengdu
The official website of the Chengdu Agricultural Committee, a government body that oversees agricultural production in the southwestern Chinese city, was hacked on Monday and has been inaccessible up to now, a government official told Interfax Tuesday.
http://www.interfax.cn/showfeature.asp?aid=9724
- - - - - - - - - -
Parkview assisting FBI in probe of file hacking
As part of an ongoing FBI investigation into Medical Informatics Engineering and alleged software tampering at Orthopaedics Northeast, Parkview Health confirmed it is cooperating with the investigation.
http://www.fortwayne.com/mld/journalgazette/13782298.htm
- - - - - - - - - -
Ex-Principal Sentenced On Child Porn Charges
A former elementary school principal who was fired after allegedly propositioning a young boy has pleaded guilty to 33 charges of sexual exploitation of a minor in connection with computer images found on his workplace computer. Michael Wayne Fox, former principal of Spaulding Drive Elementary Charter School in Sandy Springs, received a sentence of ten years yesterday.
http://www.wsbtv.com/news/6734601/detail.html
- - - - - - - - - -
School Worker Accused of Molesting Boy He Met Online
A school worker suspected of molesting a teenager he met online has been arrested in Modesto, police said Friday afternoon. Kurt Thomas Zoslocki, 31, is accused of molesting a 15-year-old boy he met on the Internet. He was booked on suspicion of using the Internet to molest a child and of oral copulation with a child under 16 years of age.
http://www.news10.net/storyfull2.aspx?storyid=15469
- - - - - - - - - -
Sex Sting Via Internet Upheld By High Court
The state Supreme Court on Wednesday upheld the conviction of a man snared in a New Britain police Internet sting operation, in the court's first ruling ever on Internet sexual predator cases. The court ruled, among other things, that there need not be a "real" minor victim at a rendezvous arranged by the predator for a conviction of attempted sexual assault and attempted risk of injury to a minor. Just showing up, the court said, is sufficient evidence of intent and taking a "substantial step" toward sexually assaulting a minor.
http://www.courant.com/news/local/hc-ctsorabella0202.artfeb02,0,5089013.story
- - - - - - - - - -
Phishing e-mail purports to be from IRS
E-mail declares 'Refund notice!'. The Internal Revenue Service today confirmed that an e-mail purporting to be from the IRS is part of a scam designed to trick users into revealing their personal information, including Social Security and credit card numbers. The subject line of the e-mail, which was received by a Computerworld reporter, reads "Refund Notice!" and claims to be from "refund@irs.gov."
http://www.computerworld.com/securitytopics/security/story/0,10801,108430,00.html
- - - - - - - - - -
Microsoft and US state sue spyware company
Microsoft and the Washington state attorney general have filed lawsuits against antispyware software vendor Secure Computer, alleging that the company's Spyware Cleaner software not only fails to remove spyware as advertised, but makes changes to users' computers that make them less secure. The attorney general's lawsuit is the state's first to be filed under Washington's 2005 Computer Spyware Act.
http://computerworld.co.nz/news.nsf/scrt/F03EF851B098CED6CC25710900776B50
- - - - - - - - - -
Antispam group rejects e-mail payment plan
A leading antispam agency has struck back at moves to charge companies a fixed fee to ensure e-mails are delivered, saying it will erode freedoms. On Monday, Richard Cox, chief information officer at antispam organization Spamhaus, said that "an e-mail charge will destroy the spirit of the Internet."
http://news.zdnet.com/2100-1009_22-6036032.html
- - - - - - - - - -
Drive-by downloads on the wane
Spyware programs that monitor users' surfing habits remain prevalent, but their frequency is on the decline, according to a recent academic study. Security researchers at the University of Washington used web crawler technology to discover that around one in 20 executable files (5.5 per cent) offered for download on the net during a five month period contained some type of malware, mostly less malign code that generated invasive pop-up ads rather than more dangerous key-logging software.
http://www.theregister.co.uk/2006/02/07/spyware_survey/
- - - - - - - - - -
In QDR, Defense focuses on combating cyberthreats
As expected, the newly released Quadrennial Defense Review suggests an evolution in Pentagon thinking about the role of IT in countering cyberthreats. Among IT successes, the 113-page review cites the use of computer-guided drone aircraft in Iraq and Afghanistan. These in-country unmanned aerial vehicles, noted the QDR, are remotely controlled by operators in Nevada.
http://www.gcn.com/vol1_no1/daily-updates/38207-1.html
- - - - - - - - - -
Undercover theft recovery software adds iSight support
Mac package can phone home -- and send photos
Orbicule Inc. on Tuesday released Undercover v1.5, an updated version of its theft recovery application for Mac OS X. The software helps users find and recover their Macs if they're stolen. A free update for Undercover users, Undercover 1.5 costs $29.99 for a single user license.
http://www.computerworld.com/securitytopics/security/story/0,10801,108448,00.html
- - - - - - - - - -
CYBERINSURANCE OFFERS SOME PROTECTION FROM HACKERS
When 21-year-old Web entrepreneur Alex Tew received a $50,000 ransom demand last month, he remembers thinking, "There's no way on earth I'm paying these guys." Hackers had kidnapped Tew's Million Dollar Homepage, an advertising website, crippling it with a flood of data. Thousands of dollars, six days and two security teams later, the site was back up. "I can understand why gambling sites that accept thousands of dollars a day could choose to pay and be done with it," Tew says, "but I made a point of standing firm."
http://www.time.com/time/insidebiz/article/0,9171,1156596,00.html
- - - - - - - - - -
E-Discovery Firms Search Data for Evidence
High-profile lawsuits and rules that demand corporate archiving fuel a growing market. Even just a few years ago, lawyers in corporate lawsuits sometimes agreed not to poke around in their opponents' e-mails. Instead they'd confine themselves to paper memos and other documents on file as they pursued evidence. (LA Times article, free registration required)
http://www.latimes.com/technology/la-fi-discovery7feb07,1,7831163.story
- - - - - - - - - -
Researchers: Popular apps have mismanaged security
Big-name companies like America Online (AOL) and Adobe could do a better job of writing secure software, according to a recent report by two Princeton University researchers. The researchers took a look at a number of popular applications, including AOL Instant Messenger and Photoshop, and determined that many of them made changes to the operating system that could allow attackers to bypass some Windows security mechanisms.
http://www.networkworld.com/news/2006/020606-application-security.html
http://www.computerworld.com/securitytopics/security/holes/story/0,10801,108428,00.html
Is Application Security Training Worth the Money?
Software security--sometimes called application security by the myopic--is catching on. That's good because we can certainly use less broken software in the world. But it's bad because there aren't enough knowledgeable people to build secure software. You see, the people who build software know next to nothing about security. It's no wonder they keep cranking out the security holes. One partial solution is to train your developers.
http://www.it-observer.com/news/5686/is_application_security_training_worth_money/
- - - - - - - - - -
Help! My box has been owned...
A flaw in the Microsoft Windows help system could be exploited to run arbitrary code with the privileges of the target user, according to a security advisory released this week. The issue lies in the HTML Help Workshop, which helps developers compress content and graphics into a compiled help file. Organizations may use the Help Workshop to create custom help files for specific internal issues. A buffer overflow in the workshop can be caused by creation of a specially crafted .hhp file, allowing arbitrary code execution with target user privileges.
http://www.securityfocus.com/brief/131
Microsoft security service to ship in June
http://news.zdnet.com/2100-1009_22-6036290.html
http://news.zdnet.com/2100-1009_22-6035712.html
- - - - - - - - - -
Locate almost anyone in the UK without their permission
By using one of the many mobile phone location tracking services aimed at businesses or concerned parents, and some trickery, it is possible to get almost anyone's mobile phone position without their agreement. All that is required is their mobile phone number, and carrier.
http://www.it-observer.com/news/5678/locate_almost_anyone_uk_without_their_permission/
- - - - - - - - - -
Do we really care about storage security?
How many stories about lost backup media will it take before we all finally get serious about storage security? Like clockwork, you can count on a new story appearing every couple of weeks.
http://www.computerworld.com/securitytopics/security/story/0,10801,108447,00.html
Lose your backup tapes? It could be worse
http://news.zdnet.com/2100-1009_22-6036161.html
- - - - - - - - - -
Apple's in the eye of flaw finders
At the recent ShmooCon hacking conference, one security researcher found out the hard way that such venues can be hostile, when an unknown hacker took control of the researcher's computer, disabling the firewall and starting up a file server.
http://www.securityfocus.com/news/11375
- - - - - - - - - -
How to survive a security IV&V
Security professionals and football fans understand that the best defense is a good offense. While getting audited is never fun, being prepared for the audit is a good offensive strategy.
http://www.computerworld.com/securitytopics/security/story/0,10801,108449,00.html
- - - - - - - - - -
Domain Contamination Attack
This brief write-up describes an attack that exploits an inherent flaw of the client-side trust model in the context of cyber-squatting and domain hijacking, or in general, in the context of obtaining temporary ownership of a domain. Put simply, the idea explored is to force long term caching of malicious pages in order for them to still be in effect even when the domain returns to its rightful owner.
http://www.it-observer.com/news/5683/domain_contamination_attack/
- - - - - - - - - -
NSA eavesdropping: How it might work
This is the second in a two-part series. Part one appeared Monday: A survey asking telecommunications and Internet companies if they cooperated with the National Security Agency. Even a panel of determined senators couldn't convince Attorney General Alberto Gonzales to divulge much about how the massive surveillance program conducted by the National Security Agency actually works.
http://news.zdnet.com/2100-1009_22-6035910.html
Gonzales: NSA may tap 'ordinary' Americans' e-mail
http://news.zdnet.com/2100-1009_22-6035637.html
***********************************************************
Search the NewsBits.net Archive at:
http://www.newsbits.net/search.html
***********************************************************
The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2006, NewsBits.net, Campbell, CA.