NewsBits for April 24, 2006 ************************************************************ Breach at Univ. of Texas - Austin exposes data In another reminder of the vulnerability of university networks, the University of Texas at Austin (UT-Austin) over the weekend announced that someone had broken into a computer at its McCombs School of Business and gained access to a database containing confidential information on about 197,000 people. http://www.computerworld.com/securitytopics/security/hacking/story/0,10801,110813,00.html http://www.securityfocus.com/brief/193 - - - - - - - - - - After release, murder convict gets 10 years for child porn A Harrisburg man released from prison in 2004 after a murder conviction and arrested last year on child-pornography charges is going back behind bars for 10 years. http://159.54.226.83/apps/pbcs.dll/article?AID=/20060423/STATE/604230329/1042 - - - - - - - - - - Man Convicted On Child Porn Charges A 59-year-old Massachusetts man who worked as a photographer at a New Hampshire summer camp has been convicted on nine counts of child pornography. http://www.thebostonchannel.com/news/8905676/detail.html - - - - - - - - - - Congress readies broad new digital copyright bill update For the last few years, a coalition of technology companies, academics and computer programmers has been trying to persuade Congress to scale back the Digital Millennium Copyright Act. Now Congress is preparing to do precisely the opposite. http://news.com.com/2100-1028_3-6064016.html - - - - - - - - - - Judge: Worker can't be fired for Web surfing A New York City employee cannot be fired for surfing the Web from the work, an administrative law judge has ruled. In his decision, Judge John Spooner said that agencies should apply the same standard to personal Internet use as they do to other personal activities. http://news.com.com/Judge+Worker+cant+be+fired+for+Web+surfing/2100-1030_3-6064520.html - - - - - - - - - - Forensic felonies A new law in Georgia on private investigators now extends to computer forensics and computer incident response, meaning that forensics experts who testify in court without a PI license may be committing a felony. http://www.securityfocus.com/columnists/399 - - - - - - - - - - New unit targets net paedophiles Officers will pose as children in chatrooms to weed out paedophiles. A new agency to tackle child abuse and indecent images on the internet has been launched by the Home Office. Suspicious activity can be reported to the Child Exploitation and Online Protection Centre 24 hours a day. http://news.bbc.co.uk/2/hi/uk_news/4937264.stm - - - - - - - - - - Cyber blackmail increasing "The Malware Evolution: January to March 2006" report by anti-virus firm Kaspersky Lab said criminal gangs have moved away from the "stealth use" of infected computers - stealing personal data or using computers as part of zombie networks - to direct blackmailing of victims. http://www.scmagazine.com/uk/news/article/555248/cyber+blackmail+increasing/ Malicious-software spreaders get sneakier, more prevalent http://www.usatoday.com/tech/news/computersecurity/infotheft/2006-04-23-bot-herders_x.htm - - - - - - - - - - Mac exploit reveals seven new bugs A new exploit which attacks seven unpatched holes in the Mac OS X platform, could shake the Apple platforms reputation for security. http://www.techworld.com/security/news/index.cfm?RSS&NewsID=5851 Macs, long a safe haven, face growing security risk, experts say http://www.siliconvalley.com/mld/siliconvalley/news/editorial/14417423.htm - - - - - - - - - - Oracle releases patches, password tool Oracle Corp. last week released 14 software patches that address security vulnerabilities in its databases, application server software and other products. As part of the quarterly software update, it also released a tool designed to ferret out commonly used default passwords that could be misused by hackers. http://www.computerworld.com/securitytopics/security/story/0,10801,110772,00.html - - - - - - - - - - Government-Funded Startup Blasts Rootkits A startup funded by the U.S. government's Defense Advanced Research Projects Agency is ready to emerge from stealth mode with hardware- and software-based technologies to fight the rapid spread of malicious rootkits. http://www.eweek.com/article2/0,1759,1951941,00.asp - - - - - - - - - - Spyware and Small Business Guide Webroot Software has announced the release of Spyware & Small Business, an informative guide developed exclusively for small and medium-sized businesses to educate and inform them on the massive risks spyware poses to their companys networks and assets. http://www.it-observer.com/news/6165/spyware_small_business_guide/ *nix Malware Evolution http://www.it-observer.com/news/6163/nix_malware_evolution/ Perlbot Analysis http://www.it-observer.com/news/6164/perlbot_analysis/ - - - - - - - - - - Stepping Up the Effort to Beat Cyber-Crime Opinion: It's not enough to rely entirely on self-defense. Legislation and law enforcement must serve as weapons in the battle. Deep inside, we all realize that the battle for secure computing will never be over. Still, the price that must be paid to keep our data safe and our e-businesses operating can seem daunting. http://www.eweek.com/article2/0,1759,1950651,00.asp - - - - - - - - - - PHP Honeypot Project 5.0 PHP Honeypot Project is an open source project used to: Fool different kind of web attackers (audit tools, manual hackers), Create real statistics about the first top10 commands used by an intruder, Steal malware (PHP, C, Perl) that attackers wanted to upload, Identify evil behaviours and learn about current web threats. http://www.it-observer.com/tools/39/php_honeypot_project/ - - - - - - - - - - Cybercops and zero day vulns The start of the Infosec conference tomorrow will witness one of the first public appearances of the new Serious and Organised Crime Agency (SOCA). Dubbed the UK's FBI by Britain's tabloids, SOCA will tackle drug trafficking, immigration crime, money laundering and identity fraud by developing intelligence on organised crime and pursuing key suspects while disrupting criminal activity. http://www.theregister.co.uk/2006/04/24/infosec_blog_three/ - - - - - - - - - - Security Is Like a Box of Chocolates Opinion: You never know what you're going to get these days with security threats. Stupid is as stupid does." That's what my mama always said to me. http://www.eweek.com/article2/0,1759,1952043,00.asp Monitor Business Services in ... http://www.computerworld.com/securitytopics/security/story/0,10801,110758,00.html These Rules Will Keep Users in Their Place http://www.computerworld.com/securitytopics/security/story/0,10801,110721,00.html Factory Settings -- Insecure by Default http://www.computerworld.com/securitytopics/security/hacking/story/0,10801,110699,00.html *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2006, NewsBits.net, Campbell, CA.