April 29, 2002 Vivendi hacker charge doesn't compute Allegations by French media group Vivendi Universal that an embarrassing flop in a shareholder vote last week was down to hacker sabotage make little sense, security experts said on Monday. Vivendi, whose controversial chief executive Jean-Marie Messier has come under fire from investors in recent weeks, issued a statement on Sunday alleging hackers may have tampered with a vote last week that would have granted a new stock option plan for company executives. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/3161813.htm http://zdnet.com.com/2100-1105-894400.html http://www.newsbytes.com/news/02/176188.html http://www.msnbc.com/news/744886.asp http://www.wired.com/news/business/0,1367,52162,00.html http://www.vnunet.com/News/1131345 http://www.nandotimes.com/technology/story/383785p-3058515c.html - - - - - - - - Washington state cracks down on e-mail porn At least six Washington state employees who used their e-mail to send raunchy jokes, sexual overtures and even make plans for an orgy will be fired, the state Department of Labor and Industries said on Friday, adding that it is investigating 14 more of its workers to find out if they too abused their e-mail. An agency of 2,700 overseeing worker compensation plans, L&I says it has uncovered hundreds of off-color e-mails, that, while not illegal, violated department rules on misusing state resources. http://zdnet.com.com/2110-1106-893790.html - - - - - - - - Australian registrar linked to NZ domain "scam" Internet Name Group has been implicated in a mass mail-out marketing scheme that has come under the scrutiny of domain registry authorities in New Zealand. Internet Name Group (ING) has been linked to another domain registry company, Internet Name Protection, which has been accused by CEO of .nz domain register, Domainz, Derek Locke of running a scam. http://www.zdnet.com.au/newstech/ebusiness/story/0,2000024981,20264888,00.htm - - - - - - - - Chinese cyberthreat increasing, experts say The Chinese government may not have the ability to cripple U.S. Defense Department computer networks yet, but more sophisticated cyberattacks emanating from that country are possible even probable in the near future, according to DOD and intelligence officials. U.S. intelligence officials say there is evidence that the Chinese military is working to launch wide-scale cyberattacks on American and Taiwanese computer networks, according to a classified CIA report, as first reported by the Los Angeles Times last week. http://www.fcw.com/fcw/articles/2002/0429/news-hack-04-29-02.asp - - - - - - - - New Stealth Attack Found Against Personal Firewalls A new technique for defeating personal firewall software has been discovered. But at least one firewall vendor said the trick poses little risk to computer users. Backstealth, a demonstration program that bypasses the outbound data filters in firewalls from Symantec, McAfee, and other firms, was posted last week to Packetstorm, a popular security tools site. According to Backstealth's author, Paolo Iorio, the program is designed to access a remote Web site and download a harmless text file without detection by the user's firewall. http://online.securityfocus.com/news/382 http://www.newsbytes.com/news/02/176213.html - - - - - - - - 'Blended' attacks pose serious security threat Attacks that target different areas of your network are a major danger, and a strong defence is essential. Though the term is new -- "blended" security threats aren't. These types of threats target several areas of network vulnerability simultaneously. What is new and unique, however, is what the malicious code within them is doing. In a blended threat, malicious code can take many forms and can attack your enterprise in a number of different ways. It can also do more than one kind of damage while it's in your system. http://news.zdnet.co.uk/story/0,,t269-s2109279,00.html - - - - - - - - E-Mail Opens New Door For Familiar Scam Tactic He is a suburban Washington entrepreneur, middle- aged, prosperous -- and too humiliated to discuss how a businessman as smart as he could fall for such an obvious scam. But later this year, the local entrepreneur, who spoke on condition of anonymity, may be in a Canadian courtroom to recount a disquieting tale of being duped out of $750,000 via an unsolicited fax. The get-rich- quick con, dubbed the "Nigerian Letter Scam" by authorities, was operated out of Toronto and Nigeria from 1994 to 2000 and swindled more than 300 people, including about 20 in the Washington area, out of approximately $20 million, according to law enforcement officials. http://www.washingtonpost.com/wp-dyn/articles/A64335-2002Apr28.html http://www.newsbytes.com/news/02/176181.html - - - - - - - - Training the cyberwar troops The US Department of Defense has been running a cybersecurity exercise so students can get hands-on with networks that are under attack. Systems administrator David Riebrandt's first hint that intruders had hacked the military network came from telltale electronic footprints. From the logs -- electronic records of the information passed on the network -- it quickly became evident that a server with gate-keeping control over different parts of the system was getting downright chatty with a foreign computer via the Internet. http://news.zdnet.co.uk/story/0,,t269-s2109297,00.html http://zdnet.com.com/2100-1105-893418.html - - - - - - - - EU to harmonise cybercrime laws he Commission of the European Union has adopted a proposal for a Council framework decision that seeks to harmonize the EU's legal response to so-called cybercrimes, including hacking, denial of service attacks and virus dissemination. The proposal, aid EU Justice and Home Affairs Commissioner Antonio Vitorino, "aims to ensure a common minimum level of criminal law in all Member States" and calls for the mandatory introduction of 24-hour ontact points in member states to facilitate the exchange of cybercrime information. http://www.theregister.co.uk/content/55/25057.html - - - - - - - - Porn-Password Net Ordered To Police Copyrights A federal court judge has ordered the operator of a members-only network for access to adult Web sites to crack down on copyright infringement on Web sites run by many of its nearly 300,000 affiliates. A massive policing effort ordered by U.S. District Court Judge Lourdes Baird in Los Angeles last week means that Cybernet Ventures must eventually examine the content of thousands of sites linked to its popular Adult Check system in a hunt for the names and photographs of celebrities and models represented by the tony nude magazine "Perfect 10." http://www.newsbytes.com/news/02/176209.html - - - - - - - - Online music service BurnItFirst debuts EMI Recorded Music today introduced the first subscription service backed by a major label to give consumers what they want -- the ability to download music and take it with them. EMI and technology partner Liquid Audio of Redwood City launched BurnItFirst, a Christian music service that allows consumers to keep the music they download, create custom CD compilations and transfer their favorite tunes to portable devices. http://www.siliconvalley.com/mld/siliconvalley/3159290.htm Liquid Audio to let subscribers burn music http://news.com.com/2100-1023-893707.html http://news.zdnet.co.uk/story/0,,t269-s2109273,00.html http://www.msnbc.com/news/745145.asp Gateway--behind the music? http://zdnet.com.com/2100-1105-893485.html File-swapping sites multiply http://www.msnbc.com/news/745266.asp http://www.cnn.com/2002/TECH/internet/04/29/file.swapping.reut/index.html Future of secure digital music initiative grim http://www.usatoday.com/life/cyber/tech/2002/04/29/sdmi.htm - - - - - - - - IRS sets the standard for protecting privacy With a special tool designed to ensure that information is protected when new information systems are built, the IRS is setting the standard for federal agencies and other governments in protecting privacy in the age of electronic information. http://www.govexec.com/dailyfed/0402/042902j1.htm - - - - - - - - MS top security cop stuck in traffic Meet Microsoft's new tough cop: a security czar who says he will draw heavily on his government background to shore up the holes in Microsoft's software that make it a popular target for hackers one of the company's top missions for the year. "I'm going to spend a lot of time commuting between the two Washingtons," Scott Charney told Reuters in an interview. Charney assumed his new role as chief security strategist at Redmond, Washington-based Microsoft on April 1. http://zdnet.com.com/2100-1105-893803.html http://news.zdnet.co.uk/story/0,,t269-s2109318,00.html http://www.cnn.com/2002/TECH/internet/04/29/microsoft.security.reut/index.html http://www.usatoday.com/life/cyber/2002/04/29/microsoft-security.htm - - - - - - - - Dmitry employer on copyright crusade Russian programmer Alexander Katalov landed in Moscow a week ago just in time to celebrate his wife's birthday. The flight came at the end of what the ElcomSoft CEO hopes will be his last trip to the United States for a while. Katalov has spent many months away from his family since last July, when his company found itself on the wrong side of the law as a defendant in the first major test case of the criminal provisions of the Digital Millennium Copyright Act ( DMCA). http://zdnet.com.com/2100-1106-894287.html http://news.com.com/2100-1023-894171.html?tag=fd_lede http://www.newsbytes.com/news/02/176180.html - - - - - - - - Microsoft warns of Outlook attacks On April 26, Microsoft released a new security bulletin, MS02-021, for anyone running Microsoft Word as the default e-mail editor for Microsoft Outlook 2000 and 2002. (The Word option is enabled or disabled by clicking Tools > Options > Mail Format.) Users editing or creating e-mail in rich text or HTML formats with the Word option could be vulnerable to harmful scripts sent from malicious users. http://zdnet.com.com/2100-1104-893841.html http://news.zdnet.co.uk/story/0,,t269-s2109279,00.html http://www.vnunet.com/News/1131314 - - - - - - - - Microsoft Excels @ insecurity Microsoft has only partly fixed a flaw involving malicious script execution involving Office, according to veteran bug hunter Georgi Guninski. Last week Microsoft issued a patch which meant users who use Word as an email editor in Outlook 2000 or 2002 could fall victim to script execution when a malicious memo is replied to or forwarded. http://www.theregister.co.uk/content/6/25064.html - - - - - - - - Ballmer: Microsoft to launch security update tool Microsoft Corp. will launch a new tool this year called Microsoft Update that's designed to automate companies' process of publishing and distributing Microsoft security patches, Steve Ballmer, the company's CEO, said today. The product will be modeled after the company's Windows Update tool, which automates the updating of features for Windows operating systems, Ballmer told attendees at the Microsoft Enterprise Solutions Conference 2002 for Latin America, being held in Boca Raton, Fla., this week. http://www.computerworld.com/storyba/0,4125,NAV47_STO70529,00.html - - - - - - - - Cybersqatters claim victory in domain battle In a victory for cybersquatters and others who snatch up domain names containing personal monkers, a dispute-resolution board has refused to turn over Web addresses containing the words "Kathleen Kennedy Townsend." Townsend, Maryland's lieutenant governor and a potential candidate for governor this year, discovered that a Baltimore man had registered several Web addresses with her name, including kennedytownsend.org and kathleenkennedytownsend.com. http://zdnet.com.com/2100-1105-894403.html http://news.com.com/2100-1023-894311.html http://www.newsbytes.com/news/02/176189.html - - - - - - - - Veritas thriving on insecurity worries, data loss fears Veritas Software Corp., one of the world's top-selling software makers, always seemed to take a back seat to other high-tech heavyweights until Sept. 11. After that fateful day, Veritas had little trouble persuading businesses of the need to protect crucial data and guard against system crashes -- the work of its software storage and backup products. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/3157881.htm - - - - - - - - Employees seen as computer saboteurs Digital cameras, MP3 players and handheld computers could be the tools that disgruntled UK employees use to sabotage computer systems or steal vital data, warn security experts. The removable memory cards inside the devices could be used to bring in software that looks for vulnerabilities on a company's internal network. http://news.bbc.co.uk/hi/english/sci/tech/newsid_1946000/1946368.stm WinAmp's 'malicious MP3' vuln http://www.theregister.co.uk/content/55/25075.html - - - - - - - - Security tightens on wireless e-mail Three telephone service providers are dressing up their wireless messaging services for introduction into the corporate world. The three--Sprint, its cellular division Sprint PCS and Cingular Wireless say they have created wireless messaging services that are secure enough for use by corporations and their mobile work forces. http://zdnet.com.com/2100-1105-893786.html http://news.com.com/2100-1033-893756.html - - - - - - - - Dollar Diddling and the Billion-Dollar Viruses How journalists tap "experts" to reach absurd conclusions about the cost of computer viruses. Let us now pause to praise the computer virus cost accountants. We pray they cease their counsel, which falls into our ears as profitless as water in a sieve. Yeah and verily, the computer virus econometrics gurus join a royal college of experts who live primarily to feed statistics and figures to the news media. Well before the invention of the computer virus, I encountered cost and figures "experts" continually as a writer for a daily newspaper. No story describing a problem or social phenomenon was complete without a few meaningless statistics passed off as hard fact or proof of some assertion. http://online.securityfocus.com/columnists/78 - - - - - - - - Why I trust Microsoft more than my bank A new Gartner study comes to the not-so-staggering conclusion that Mr. and Mrs. America don't like online authentication services such as Microsoft's Passport and AOL's Screen Name service. The reason: They don't trust the two companies to keep their personal information safe. Given how the two companies are forcing their respective user name and authentication schemes down people's throats, it doesn't surprise me that consumers are choking on them. http://zdnet.com.com/2100-1107-893801.html *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2002, NewsBits.net, Campbell, CA.