March 5, 2002 Clock's ticking on Klez worm time bomb A new version of an old worm is set to trigger its destructive payload on March 6. Klez.E (w32.Klez.E@mm) is sometimes called The Twin Virus because the worm is used to spread an upgraded version of the ElKern virus (w32.elkern.b). The new version can now infect Windows 98, Me, 2000, and XP, attempting to corrupt files on these systems without changing their sizes. Klez.E is currently one of the fastest spreading worms on the Internet. http://zdnet.com.com/2100-1105-852111.html http://news.com.com/2100-1001-852306.html http://www.newsbytes.com/news/02/174977.html - - - - - - - - Teen 'Sharpei' author combats sexism A hacker claiming to be a 17-year-old girl says she wrote a new worm targeting Microsoft's .NET Web services platform to prove women are capable of creating computer viruses and make a statement against sexism, a computer security company said Monday. Dubbed the "Sharpei" worm, it is believed to be the first virus written in C-sharp, the programming language which runs on .NET platforms, said UK-based Sophos, which received a copy of the virus from the programmer. http://zdnet.com.com/2100-1105-851522.html http://www.techtv.com/news/security/story/0,24195,3374763,00.html http://www.msnbc.com/news/719605.asp http://www.cnn.com/2002/TECH/internet/03/05/feminist.reut/index.html http://www.usatoday.com/life/cyber/tech/2002/03/05/female-hacker.htm - - - - - - - - Stop Him Before He Hacks Again Adrian Lamo has made quite a name for himself by breaking into corporate networks. He has done no harm -- but that's not the issue. Readers of The New York Times's "op-ed" page regularly find columns written by a host of world leaders and celebrities, from Palestinian leader Yassir Arafat and former U.S. President Jimmy Carter to hip-hop star and talk-show host Queen Latifah. The contact information for these luminaries is a closely guarded Times secret, as is the contents of the op-ed section's Rolodex. http://online.securityfocus.com/news/345 - - - - - - - - CIA details found on Google Security firm proves ease of gaining sensitive info. Security experts demonstrated today just how effectively determined attackers can use freely and openly available information on the internet to gather intelligence about a target organisation. Security firm Matta this week released a white paper on internet-based counter intelligence using the CIA as the target. According to the firm, the results were "surprising". Without using port scans or direct probes of the CIA network, and employing methodologies entirely within the boundaries of UK and US law, Matta was able to "build a clear network map" of the CIA's infrastructure. http://www.vnunet.com/News/1129730 - - - - - - - - Philippines: Anti-Piracy Group Intensifies Campaign Anti-piracy watchdog Business Software Alliance (BSA) last week said it is courting various Philippine government agencies seeking support in BSA's continuing bid to clamp down on illegal software users, particularly in the corporate sector. Tarun Sawney, a former member of the Royal London and Hong Kong Police who now is the Asia Pacific Enforcement Manager for BSA, said during a press briefing he is set to meet public officials in anticipation a major anti- piracy operation's launch by mid-March. http://www.newsbytes.com/news/02/174969.html - - - - - - - - Malicious code infection soars Over one million attacks in the past 20 months. Despite increased spending, the rate of malicious code infection continues to climb. A staggering 1.2 million incidents took place over a period of just 20 months, according to a new study. The number works out to roughly 113 attacks per 1,000 machines per month, said ICSA Labs, a division of web security specialist TruSecure. In addition, 28 per cent of companies were hit with a virus 'disaster', defined as an attack which affects 25 or more servers or PCs. http://www.vnunet.com/News/1129690 - - - - - - - - Just Say Nyet to U.S. Net Laws? Is the Internet a physical space bound by the laws of its various locales, or does it transcend the mere physical, putting it beyond the reach of any one country's regulations? That's essentially the question U.S. District Court Judge Ronald Whyte will answer when he decides on a defense motion to dismiss U.S. v. Elcomsoft, the case that began last July with the arrest of the Russian programmer Dmitri Sklyarov. http://www.wired.com/news/politics/0,1283,50832,00.html - - - - - - - - Net sex predators defy easy labels Online criminals prey on kids in 'astounding' numbers. They come for sex with girls and boys, and sometimes to kill. They travel to Colorado from as far away as London. These online predators are aggressive. Police say at least one child a day in Colorado Springs gets a sexual solicitation from them. "The population of people that is actually hunting kids is astounding to me," Colorado Springs police detective Rick Hunt said. http://www.gazette.com/stories/0304top1.php - - - - - - - - Net lures predators with anonymous thrills The Internet has opened the world to sexual predators. They find child pornography. They find victims. They find others who think like them. "If you're at a dinner party and talk about wanting to have aggressive sex with an 8-year-old girl, you're likely going to get kicked out," Colorado Springs police detective Rick Hunt said. "You won't online." The major draw of the Internet is anonymity and the fantasy and excitement that follows, said Paul Isenstadt, a clinical social worker who evaluates sexual predators. http://www.gazette.com/stories/0304top1a.php - - - - - - - - Ford offers amnesty on Internet porn Workers at the car manufacturer have been given two weeks to remove Internet porn from their computers. Twenty thousand workers at Ford, including 5,500 at Dagenham have been told to clean up their computers and remove any offensive, including racist, material they have on their machines. They have been given a two week 'amnesty' to delete the offensive content and can get help from Ford's computer systems managers to remove the content during this period. http://news.zdnet.co.uk/story/0,,t269-s2105566,00.html http://www.vnunet.com/News/1129733 - - - - - - - - Federal e-gov efforts buttress homeland security, Lorentz says Can e-government help homeland security? At least four of the Office of Management and Budgets 24 Quicksilver projects will reinforce the Office of Homeland Securitys fight against terrorism, Norman E. Lorentz, OMBs chief technology officer said yesterday. The initiatives are the Interior Departments Geospatial Information One-Stop project, the Health and Human Services Departments eGrants project, the Treasury Departments Wireless Public Safety Interoperable Communications project, and the Federal Emergency Management Agencys Disaster Assistance and Crisis Response program. http://www.gcn.com/vol1_no1/daily-updates/18115-1.html - - - - - - - - No 'Betamax defense' for file swappers A federal judge on Monday ordered a trio of popular file-swapping services to stand trial on copyright infringement charges, ending a bid to bring a quick end to their legal troubles with the entertainment industry. Attorneys for defendants Kazaa, StreamCast Networks and Grokster had hoped to convince the judge that their products demonstrated sufficient legitimate uses to qualify for the "Betamax defense"--a copyright safe harbor set by the U.S. Supreme Court in the 1980s that cleared the way for home videotape recorders. http://zdnet.com.com/2100-1106-851506.html http://www.newsbytes.com/news/02/174951.html - - - - - - - - Microsoft finds, patches Java VM flaw A flaw in Microsoft's Java Virtual Machine could allow hackers to hijack a browser and redirect traffic, capturing sensitive data such as the person's passwords, Microsoft has revealed. The company disclosed the flaw Monday on its Web site and posted a patch intended to rectify the problem. http://zdnet.com.com/2100-1104-851753.html Browser Makers Hid Java Proxy Flaw For A Year A critical security flaw in Java that could allow browser traffic hijacking was hidden from the public for almost a year, a security researcher said today. Patches that protect users of Microsoft's Internet Explorer and Netscape's Navigator browsers against the bug were released yesterday, nearly eleven months after the software makers learned of the vulnerability in their implementation of Sun Microsystem's Java Virtual Machine (JVM). http://www.newsbytes.com/news/02/174975.html - - - - - - - - Board proposes annual privacy report, coordination Federal privacy policies are so inconsistent from agency to agency that they need to be systematically documented through an annual report and by creating stronger relationships among government privacy officers, according to the draft report of a government advisory board on computer security and privacy released Tuesday. The draft report, whose details are being ironed out at the quarterly meeting of an advisory board chartered by the Commerce Department's National Institute of Standards and Technology, recommends an array of changes to federal privacy practices. http://www.govexec.com/dailyfed/0302/030502td1.htm - - - - - - - - Privacy group awards Big Brothers A proposal by the National Criminal Intelligence Service to store all UK Internet traffic for seven years in a single data warehouse won the Big Brother Award for Most Appalling Project on Monday night. The Big Brother Awards are presented annually by Privacy International to the companies and individuals that have done most to erode the privacy of the citizen, and are accompanied by the "Winstons", which are awarded to those who have done most to protect privacy. http://zdnet.com.com/2110-1106-851629.html http://news.zdnet.co.uk/story/0,,t269-s2105551,00.html - - - - - - - - Software maker offers privacy testing Security software maker Zero-Knowledge Systems on Tuesday introduced a Web-based tool that lets online businesses evaluate their digital privacy policies. The Montreal-based company's P3P Analyzer, a free beta service, lets companies test whether their Web sites comply with a privacy standard known as Platform for Privacy Preferences (P3P) and its implementation in Microsoft's Internet Explorer 6. The company plans to offer the tool free for 90 days; after that, it expects to charge a yet-to- be-determined fee for the service. http://news.com.com/2100-1023-852247.html - - - - - - - - Riding the Disinformation Superhighway 'The Web's growth has certainly created a new opportunity for people to set up scams,' FTC spokesman Derick Rill said. Dubbed the information superhighway in its infancy, the Internet has in many ways fulfilled its early promise of providing unprecedented access to information and communication. But for all its shady characters and dangerous alleys, the Net might just as well have been called the disinformation superhighway. According to experts, today's users often can spot scams and outright lies by using the Web to find multiple sources of information and perspectives. However, the cons and creeps of the cyber world have mastered the same powerful tool, and they use it skillfully to propagate schemes and spread misinformation. http://www.newsfactor.com/perl/story/16607.html *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2002, NewsBits.net, Campbell, CA.