June 26, 2002 U.S. finds clues to potential cyber-attack Dams, Utilities, 911 System Called Vulnerable Last fall, Mountain View police detective Chris Hsiung began investigating a pattern of surveillance against Silicon Valley computers. From the Middle East and South Asia, unknown browsers were exploring digital systems used to manage utilities and government offices. Hsiung, a high-tech crime specialist, alerted the FBI. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/3554402.htm http://online.securityfocus.com/news/502 http://www.washingtonpost.com/wp-dyn/articles/A50765-2002Jun26.html - - - - - - - - Southern California men sentenced in counterfeit software scheme Two San Gabriel Valley men have been sentenced to federal prison terms after pleading guilty to conspiracy for trafficking high-quality counterfeit Microsoft products, officials said. Ted Chien, 30, of Rowland Heights, was sentenced to 33 months in federal prison and ordered to pay a $7,500 fine for his role in trafficking nearly $1 million worth of counterfeit software, said Thom Mrozek, a spokesman for the U.S. attorney's office. The bogus products included Windows 98, Windows Office 2000 and Windows Millennium Edition. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/3548412.htm - - - - - - - - FBI raid sparks Akamai v. Speedera court battle Akamai Technologies Inc and Speedera Networks Inc took their increasingly bitter rivalry to court in San Francisco yesterday, with two lawsuits being filed after it emerged the FBI is investigating the alleged "hacking" of Akamai's confidential data by Speedera's CTO, Richard Day, Kevin Murphy. Speedera confirmed yesterday five FBI agents raided the company's offices in Santa Clara, California early Monday morning. Reports said Day's computers and data were seized, though Speedera would not confirm this. The FBI declined to confirm or deny the existence of an investigation. http://www.theregister.co.uk/content/6/25915.html http://zdnet.com.com/2100-1105-939728.html http://www.siliconvalley.com/mld/siliconvalley/news/editorial/3549293.htm - - - - - - - - Yaha Worm Takes Out Pakistan Government's Site Virus uses victim computers as denial-of-service agents, and tries to recruit Indian hackers into a cross-border cyber war. The official Web site of the government of Pakistan is apparently the victim of a politically motivated attack launched by the latest version of an Internet worm. Virus experts said the Yaha.E worm, first identified on June 15, contains a payload designed in part to disrupt the home page of the Islamic Republic of Pakistan with a rudimentary denial of service attack. http://online.securityfocus.com/news/501 - - - - - - - - Philips: Crack down on CD smugglers Philips Electronics said Tuesday it had filed a complaint with the U.S. International Trade Commission (ITC) against 19 blank-CD makers and trading companies to prevent the import of unlicensed discs. Philips, Europe's biggest consumer electronics company, accuses the companies of infringing its patents covering CD-R (CD-recordable) and CD-RW (CD-rewritable) technologies by selling the discs in the United States without a license. http://zdnet.com.com/2100-1103-939420.html - - - - - - - - House bans "morphed" child pornography The U.S. House of Representatives voted overwhelmingly Tuesday to restrict computer- generated sex images of minors. The 413-to-8 vote aims to circumvent a recent Supreme Court decision that nixed an earlier ban on "morphed" child pornography. A similar proposal has been introduced in the Senate. With the enthusiastic backing of both Democrats and Republicans, final passage of a bill this year is all but certain. http://news.com.com/2100-1023-939407.html http://zdnet.com.com/2100-1104-939431.html Porn bill skirts Supreme Court http://www.washtimes.com/national/20020626-62122.htm - - - - - - - - House passes law enforcement information-sharing bill The House on Wednesday passed a bill that would permit federal law enforcement authorities to share information about potential terrorist attacks with state and local authorities. Passed by a vote of 422-2, the bill, H.R. 4598, would require the president to promulgate guidelines for sharing classified and sensitive intelligence information, as well as information obtained through wiretaps or grand-jury investigations. http://www.govexec.com/dailyfed/0602/062602td2.htm - - - - - - - - Lawmaker: Let studios hack P2P sites A California congressman is preparing a bill that would let copyright owners, such as record labels or movie studios, launch high-tech attacks against file-swapping networks where their wares are traded. Rep. Howard Berman, D-Calif., whose district includes Hollywood territory, said Tuesday that copyright owners needed new legal protections to combat online piracy. Some of the labels' and studios' high-tech techniques for stopping online file traders might be illegal under anti-hacking laws, Berman said. http://zdnet.com.com/2100-1105-939433.html http://news.zdnet.co.uk/story/0,,t269-s2117979,00.html Copyright vigilantes ride P2P shotgun http://www.theregister.co.uk/content/6/25903.html - - - - - - - - Internet gambling too accessible for children, FTC says Many gambling Web sites lack adequate safeguards and warnings to prevent children and teenagers from placing illegal bets, federal regulators said Tuesday. In a survey of 100 popular Internet gambling sites, the Federal Trade Commission found that one in five had no warnings for minors and most had disclaimers that were hard to find. The sites also lacked screening mechanisms to keep children out or had blocks that kids could easily get around. http://www.nandotimes.com/technology/story/448190p-3586179c.html http://www.siliconvalley.com/mld/siliconvalley/news/editorial/3550717.htm - - - - - - - - Bank crime data theft on the rise At state banking convention, frustration is obvious. Ski-mask wearing, gun-brandishing thieves dashing out of banks with cash-stuffed moneybags are good theater. But the truth is, bank robbers are a dying breed. Only 2 percent of mounting bank crime losses are now from physical robberies, according to the Oregon Bankers Association. Todays crooks now hide safely in another city, state, or halfway around the world while they commit their crimes. And often, its not even the banks money they want. http://www.msnbc.com/news/772723.asp - - - - - - - - Web site checks your credit card against stolen numbers An anti-fraud education group that tipped federal authorities to a major Internet credit card scheme has opened a Web site that will let Americans check to see if their card numbers are in the hands of thieves. The database of stolen credit card numbers, which became available on the Web late Tuesday, was created over the last seven weeks and has already identified nearly 100,000 credit card numbers, the group said. http://www.nandotimes.com/technology/story/447251p-3580050c.html http://www.usatoday.com/life/cyber/2002/06/26/identity-theft-site.htm http://www.newsfactor.com/perl/story/18405.html http://www.cnn.com/2002/TECH/internet/06/26/identity.theft.ap/index.html - - - - - - - - How the Secret Service became cybercops Trained in martial arts, sworn to secrecy, famous for high-tech earplugs and icy stares, the oldest law enforcement agency in the federal government --the U.S. Secret Service--is now protecting our national interests online. "Cybercrime today is the equivalent of counterfeiting in the 1860s," said special agent John Frazzini, speaking to security professionals at the NetSec 2002 conference in San Francisco last week. Frazzini related the simple rationale behind the decision to make the Secret Service, a law enforcement agency best known for protecting the U.S. president, our nation's elite cybercops: The country needed someone to protect the economy. http://zdnet.com.com/2100-1107-939425.html - - - - - - - - Researchers Say Software Innovation Thwarts Piracy "It's a new concept of helping programs to be able to self-heal and self-protect. We're inside the program watching for things that don't belong." A new method that uses a network of small programs to protect software from being cracked and distributed illegally over the Internet is under development at Purdue University. http://www.newsfactor.com/perl/story/18400.html http://online.securityfocus.com/news/499 - - - - - - - - Researcher discovers OpenSSH flaw An Australian security researcher has discovered a vulnerability in versions of OpenSSH, which companies are being warned could expose them to a hacker attack. An advisory issued on Wednesday by vendor Internet Security Systems (ISS) warns that versions OpenBSD 3.0, OpenBSD 3.1, FreeBSD-Current, and OpenSSH 3.0-3.2.3 are affected by the vulnerability. According to ISS, Open Secure Shell (OpenSSH) is included in many operating system distributions, networking equipment, and security appliances. http://news.zdnet.co.uk/story/0,,t269-s2118054,00.html - - - - - - - - Microsoft discloses security flaws Microsoft Corp. disclosed Wednesday that it has found three security flaws - one critical - in its popular Internet audio and video software. The flaws were found in Windows Media Player versions 6.4, 7.1 and in its newest Windows XP operating system. The most serious flaw can allow an attacker access to the user's system with the ability to add, change or delete data and perform other functions. The company has posted on its Web site a software "patch" for users to download. http://www.nandotimes.com/technology/story/448186p-3586117c.html - - - - - - - - Microsoft Wants Security Hard-Wired in Your Computer It's tough to plug holes in a ship's hull once it is at sea, or to reattach an airplane's wing in flight. Yet that's akin to what the computer industry has been trying to do with security: append layer after layer of protection onto the world's increasingly connected computer networks, all as one big afterthought after another. http://www.washingtonpost.com/wp-dyn/articles/A51780-2002Jun26.html - - - - - - - - Critics Take Aim at New Filtering Service New filtering software that relies on Web site operators to label their content has found favor with some of the Internet's most popular portals, but developers of commercial filtering products question the value of the system's voluntary approach. The nonprofit, industry-backed Internet Content Rating Association (ICRA) today released ICRAfilter, a free software product that works in conjunction with electronic "meta-tags" installed by Web site operators. http://online.securityfocus.com/news/500 - - - - - - - - Secure Computing waves next-gen firewall roadmap Secure Computing Corp yesterday unveiled how it plans to merge the Gauntlet business it bought from Network Associates Inc into its existing firewall business, with the goal of shipping the first of its "next generation" firewalls, codenamed NGF, at the end of the year, Kevin Murphy writes. According to product marketing manager Paul DeBernardi, the company is merging Gauntlet into its old Sidewinder family in a two-phase approach. In December or January, the company will release partly featured NGF products, which will be followed up by more advanced releases in mid-2003. http://www.theregister.co.uk/content/55/25901.html - - - - - - - - Nokia touts firewall certification Nokia Internet Communications Inc, the Nokia Corp internet appliance subsidiary, will today take the wraps off an interoperability certification program for security appliances it has been quietly operating for the last seven months, and will reveal the first batch of "hand-picked" partners. The aim of the program is to provide customers with a stamp of approval that third-party software works with Nokia's popular firewalls. Software developers taking part in the program will port their software to Nokia's IPSO operating system, and make it available either on standalone Nokia boxes or bundled with Nokia firewalls appliances. http://www.theregister.co.uk/content/55/25912.html - - - - - - - - Mitnick testimony burns Sprint in Vegas 'vice hack' case Since adult entertainment operator Eddie Munoz irst told state regulators in 1994 that mercenary hackers were crippling his business by diverting, monitoring and blocking his phone calls, officials at local telephone company Sprint of Nevada have maintained that, as far as they know, their systems have never suffered a single intrusion. The Sprint subsidiary lost that innocence Monday when convicted hacker Kevin Mitnick shook up a hearing on the call- tampering allegations by detailing years of his own illicit control of the company's Las Vegas switching systems, and the workings of a computerized testing system that he says allows silent monitoring of any phone line served by the incumbent telco. http://www.theregister.co.uk/content/55/25893.html - - - - - - - - Hackers play with the Xbox The Xbox - entertaining inside and out Microsoft's Xbox console may not be overpopular with computer game players but it is rapidly winning fans in the hardware hacking world. Computer scientists, smart amateur engineers and others are taking the console apart and creating modification chips and software for the machine to make it do things Microsoft never intended it to. http://news.bbc.co.uk/hi/english/sci/tech/newsid_2067000/2067045.stm - - - - - - - - How to Disappear Your inbox is awash in spam, your boss is chuckling over your credit report, and you've got a sneaking suspicion that Uncle Sam counts how many Lowenbrau you chug. Yes, your privacy's shot to hell, and you're tempted to shrug and settle for an open source life. But privacy isn't like virginity, forever lost after the first trespass. With some work, "reprivatization" is possible. Use this three-tiered guide to pick a level of solitude. But be warned: Going all the way off the grid is more Ted Kaczynski than Howard Hughes. http://www.wired.com/wired/archive/10.07/start.html?pg=14 - - - - - - - - Irresponsible Disclosure Internet Security Systems violated community standards and common sense with its surprise Apache bug announcement. The Apache security hole reported by ISS last week ends one of the most remarkable streaks in computer security. The last major Apache security holes were reported in January 1998. Four and a half years without a serious vulnerability in so widely used an application is an incredible record, one for which the Apache team should be commended. http://online.securityfocus.com/columnists/91 - - - - - - - - Defending the PC invasions Once a haven for anonymous surfers, the Internet is more like a nudist colony--thanks to marketing tools such as tracking devices and hidden software that takes over your PC. Do we need regulations, live with it or find a way to strike back? http://zdnet.com.com/2251-1110-939057.html - - - - - - - - Manager of FBI computer overhaul resigns The executive in charge of overhauling the FBI's antiquated computer system has resigned. The FBI said Robert Chiaradio is leaving to take a job at financial consulting giant KPMG. He was elevated in December to one of the bureau's top four administrative positions. http://www.usatoday.com/life/cyber/tech/2002/06/26/fbi-computers.htm - - - - - - - - Vietnam seeks to monitor customers at Internet cafes Communist Vietnam plans to monitor customers at Internet cafes to prevent them from accessing politically and morally objectionable Web sites, state-controlled media reported Wednesday. Vietnam's government has recently sought to toughen its control over access to information, including foreign television broadcasts, as the country opens up economically to the outside world. http://www.cnn.com/2002/TECH/internet/06/26/vietnam.internet.ap/index.html *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2002, NewsBits.net, Campbell, CA.