April 2, 2002 U.S., Canadian Law Enforcement Target Fraudulent Spam U.S. and Canadian law enforcement agencies today announced a crackdown against dozens of Internet based businesses selling bogus products such as fake diplomas and unproven cancer cures. The Federal Trade Commission joined officials from Alaska, British Columbia, Idaho, Montana, Oregon, Washington state and Wyoming in bringing 63 law enforcement investigations into Internet fraud and bogus commercial e-mail, or "spam." http://www.newsbytes.com/news/02/175607.html http://www.wired.com/news/politics/0,1283,51486,00.html - - - - - - - - Year-old hole exposes credit cards Whos responsible when a year-old software bug hasnt been fixed, and as a result, customer credit card numbers are spit out onto the Internet; and when the company involved doesnt answer e-mails or phone calls, but all the while, keeps handing credit card numbers to hackers? MSNBC.com tried to reach the site, Waxboxes.com, but with no luck. Meanwhile, the source who found the customer records tried to contact the credit card association fraud departments, and that didnt help. As the process unfolded, victims credit cards were still being revealed, and most likely stolen. http://www.msnbc.com/news/732515.asp - - - - - - - - Security Flaw Opens Ebay Accounts To Hijack Officials at Ebay today said they had no immediate plans to repair a security flaw in the password system at the online auction site that could give criminals the ability to steal users' accounts. The vulnerability enables attackers to easily change the password of nearly any Ebay user, as long as the attacker knows the victim's user ID, according to a Canadian security expert who discovered the flaw and reported it to the company last week. http://www.newsbytes.com/news/02/175608.html - - - - - - - - Judge Weighs Dismissal of Charges in Digital Copyright Case A federal judge heard arguments today on a request to dismiss the prosecution of a Russian software company charged with violating a digital copyright law. The case is one of the first legal challenges to the Digital Millennium Copyright Act of 1998, which prohibits the sale of tools that can help people circumvent the electronic locks that protect copyrighted digital works like music or books. http://www.nytimes.com/2002/04/02/technology/02DIGI.html http://news.zdnet.co.uk/story/0,,t269-s2107591,00.html http://www.newsbytes.com/news/02/175581.html http://www.theregister.co.uk/content/55/24672.html http://www.usatoday.com/life/cyber/tech/2002/04/02/russian-programmer.htm http://www.cnn.com/2002/TECH/industry/04/02/russian.programmer.ap/index.html - - - - - - - - Court: Internet ban 'unfair' to criminal A federal appeals court panel has ruled that banning a man convicted of child porn charges from using computers is an unfair restriction on his liberties. In this case, George Sofsky pleaded guilty to receiving child porn over the Internet. He was sentenced to 10 years in prison and was banned from using a computer and surfing the Internet without permission during the probationary period following his jail term. However, a panel of the 2nd U.S. Circuit Court of Appeals ruled that the ban "inflicts a greater deprivation on Sofsky's liberty than is reasonably necessary." http://zdnet.com.com/2100-1106-874046.html http://news.com.com/2100-1023-874027.html - - - - - - - - Privacy advocates sue over national IDs A privacy group said Tuesday that it has filed a lawsuit against the federal Office of Homeland Security in an attempt to gain access to information about a proposed national identification system. The Electronic Privacy Information Center (EPIC) said it filed its suit with the U.S. District Court for the District of Columbia, seeking the expedited processing and the release of records by the Office of Homeland Security. Headed by former Pennsylvania Gov. Tom Ridge, the federal office was created as a part of the executive branch in response to the Sept. 11 attacks. It seeks to develop a national strategy for protecting the United States against terrorist threats or attacks. http://news.com.com/2100-1023-874044.html http://www.newsbytes.com/news/02/175603.html http://www.washtech.com/news/regulation/15945-1.html - - - - - - - - P2P network hidden in Kazaa downloads A California company has quietly attached its software to millions of downloads of the popular Kazaa file-trading program and plans to remotely "turn on" people's PCs, welding them into a new network of its own. Brilliant Digital Entertainment, a California-based digital advertising technology company, has been distributing its 3D ad technology along with the Kazaa software since late last fall. But in a federal securities filing Monday, the company revealed it also has been installing more ambitious technology that could turn every computer running Kazaa into a node in a new network controlled by Brilliant Digital. http://zdnet.com.com/2100-1105-873416.html http://news.zdnet.co.uk/story/0,,t269-s2107584,00.html http://news.com.com/2100-1023-873181.html http://www.msnbc.com/news/732958.asp The Kazaa Ruling: What It Means http://www.wired.com/news/politics/0,1283,51457,00.html - - - - - - - - EFA: anti-terror laws weaken e-mail privacy Australian police will be able to exploit legal ambiguities in Federal anti-terror legislation that could weaken e-mail privacy protection, according to Electronic Frontiers Australia. Civil liberties group Electronic Frontiers Australia (EFA) said that "confusing" wording in proposed changes to telecommunications interception laws, which are included in the Security Legislation Amendment (Terrorism) Bill 2002, leaves the legal status of e-mails stored at ISPs in doubt. http://www.zdnet.com.au/newstech/security/story/0,2000024985,20264357,00.htm - - - - - - - - Army official warns that hackers could infiltrate battlefield Noting that a cyberterrorist attack could have grave consequences on the battlefield, the Army's top information security officer said Tuesday that the military must take a more proactive approach to defending its critical information systems. "It is conceivable, in theory, for a hacker sitting in his easy chair to get inside a tank," Col. Thaddeus Dmuchowski, director of the Army's Information Operations Assurance Office, said during a conference sponsored by the National High Performance Computing & Communications Council. http://www.govexec.com/dailyfed/0402/040202td1.htm - - - - - - - - Colleges train cybercorps recruits U.S. to get security experts in exchange for scholarships. Long before Sept. 11 and last years virus-like attacks over the Internet, the U.S. government announced plans to train an elite corps of computer security experts. Officials warned it wouldnt be long before terrorists learned to exploit vulnerabilities, from air traffic and banking to spacecraft navigation and defense. Three years later, the first students have scholarships to study computer security in return for working at least two years at a federal agency. But is it too little, too late? http://www.msnbc.com/news/731318.asp - - - - - - - - Predators prowl Internet, seeking youngsters Law enforcement's war on sex crimes moves into cyberspace. The National Center for Missing and Exploited Children has a hotline for Internet- related child exploitation and child pornography, and a variety of safety information. http://www.sunherald.com/mld/thesunherald/2941581.htm - - - - - - - - MyLife worm mutating into new forms Four mutations of the destructive MyLife virus were released over the weekend, according to anti-virus companies. Of the four, only one appears to be spreading widely. Email outsourcing company MessageLabs said it had stopped over 140 copies of MyLife.f on Tuesday morning--about half of these appeared to originate from Australia, and many of the rest were from the UK. A small number were from Hong Kong, the company said. http://zdnet.com.com/2100-1105-873533.html http://news.zdnet.co.uk/story/0,,t269-s2107612,00.html http://news.zdnet.co.uk/story/0,,t269-s2107598,00.html - - - - - - - - Klez retains number one virus spot Most common malicious programme in March Internet worm Klez remained the most common malicious program to infect users during March. The virus topped Kaspersky Labs' poll with 59.2 per cent of incidents last month, and came top of Central Command's 'Dirty Dozen' with 39.7 per cent. It beat off competition from BadTransII and Sircam. The Klez worm deletes files on local and network drives and overwrites files with random data, making them impossible to restore. http://www.vnunet.com/News/1130555 Undead virus infects the dim-witted http://www.theregister.co.uk/content/56/24666.html - - - - - - - - Antivirus software plugs worm holes Security company Network Associates unveiled on Monday new antivirus software designed around the principle "an ounce of prevention is worth a pound of cure." The new program, called ThreatScan, is intended to add a proactive tool to the defensive technology now used by system administrators to protect their networks. Current antivirus software scans for malicious code on potentially infected computers or in e-mail attachments, waiting until a virus or worm has already attacked a system to react to its presence. ThreatScan instead looks for the holes worms use to squirm past security and then alerts the network administrator of any that it finds. http://zdnet.com.com/2100-1105-873411.html http://news.zdnet.co.uk/story/0,,t269-s2107622,00.html http://www.msnbc.com/news/732955.asp http://www.theregister.co.uk/content/56/24669.html - - - - - - - - Yahoo's 'Opt-Out' Angers Users Internet portal Yahoo may want to think about changing its advertising slogan from "Do You Yahoo?" to"You DO Yahoo." In e-mail messages that began going out last week, Yahoo advised its users that their account preferences had been changed, by Yahoo, to indicate that they wanted to receive advertising solicitations through spam, snail mail and telephone. http://www.wired.com/news/privacy/0,1848,51461,00.html - - - - - - - - Cisco flaw enables DoS attack Network giant warns of CallManager vulnerability Cisco is warning customers that a flaw in one of its computer telephony products could be exploited to allow a denial of service (DoS) attack. The vulnerability in its CallManager software can result in a memory leak in the computer telephony framework causing the server to crash, which could be used by a hacker to start a DoS attack. The bug is thought only to affect versions 3.0 and 3.1. http://www.vnunet.com/News/1130562 - - - - - - - - MS security patch fails to work The MS patch intended to fix a data binding flaw in IE which enables a script to call executables on your Windows machine does not work. We had several anecdotal reports of trouble -- enough to cause alarm -- and went so far as to wipe a perfectly good Linux image off one of our machines and do a clean install of Windows-XP. We then installed the relevant Microsoft Critical Security Update, and then ran an example script which harmlessly calls calc.exe against the machine. http://www.theregister.co.uk/content/4/24667.html - - - - - - - - E-Insurance for the Digital Age Big insurers are now offering policies against hacks, viruses, and stolen data. They may also set security standards. The past six months have been tough on the insurance industry. Claims resulting from the September 11 terrorist attacks have totaled into the tens of billions of dollars. At the same time, insurers are struggling to recover from a decade of price wars that left reserves depleted. But one tiny part of this sector is going great guns -- the e-business insurance market. http://online.securityfocus.com/news/361 - - - - - - - - Hacker-proof server: Myth or reality? Embedded systems have invaded our lives for some time now. They're in everything from digital watches to the ABS brakes in our cars. They're also in our computers, performing dedicated tasks that, if left to the general-purpose side of our systems, would probably take more resources and add more overhead than warranted by the importance of their tasks. http://techupdate.zdnet.com/techupdate/stories/main/0,14179,2859424,00.html - - - - - - - - The Feds can't protect kids from Net porn The ongoing battle over the Children's Internet Protection Act isn't about right vs. wrong as much as it's about deciding which side is more right. It's one of those cases that makes you glad you're not a judge. Signed into law two years ago, CIPA requires schools and libraries that receive federal funding to install technology (usually software) that would prevent children from accessing objectionable content--porn, bomb recipes, hate speech, and the like. Libraries that choose not to implement such filters would lose their federal dollars. http://zdnet.com.com/2100-1107-873443.html - - - - - - - - Managing passwords and PINs is the key to confidentiality Long before the widespread proliferation of computers, businesses risked fraud and error in almost every transactionbad checks, expired credit cards, forgeries, impostors, and corporate espionage. In electronic transactions, however, the risk is greater. Anyone who has shopped via the Internet knows that business transactions frequently take place remotely between people who dont know each other. How can each party in a transaction ensure that the other party is, indeed, who he or she claims to be? http://www.techrepublic.com/article_guest.jhtml?id=r00620020401ern01.htm - - - - - - - - Feds drop in on bin Laden prankster Mobile phone joke in 'bad taste'. A US joker found himself running foul of his friends and the FBI when he registered his mobile phone caller ID under the name Osama bin Laden. The man identified by the Feds as 'Bill', from Spokane in Washington, contacted his mobile phone operator which processed the paperwork without question. An FBI spokesman said that it received complaints from Bill's friends when the bin Laden name flashed up on their caller ID machines. http://www.vnunet.com/News/1130552 - - - - - - - - Tech revs up ambulance services More than 100 ambulance services in South Dakota most of them volunteer organizations have been outfitted by the state with new computers and software that government officials hope will significantly boost the services' ability to react during major disasters and emergencies. The new systems will bring all of the ambulance services on to the Internet, many of them for the first time, allowing state officials to quickly reach them via e-mail in the event of an emergency. http://www.fcw.com/geb/articles/2002/0401/web-dakota-04-02-02.asp *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2002, NewsBits.net, Campbell, CA.