July 1, 2002

*************** NOTICE TO SUBSCRIBERS ***************
Due to the upcoming U.S. holiday, we will not be delivering newsletters on July 4 and 5. NewsBits will be back to its normal schedule the following work week. Take care and stay safe! RJL
*****************************************************

Mafia boss jailed in FBI keyboard bugging case
A New Jersey federal court has sentenced Nicodemo Scarfo to 33 months in prison at the end of a case that tested the legality of law enforcement surveillance techniques. Government agents placed a keystroke-logging device on Scarfo's computer and a key point in the case was reached when US District Court Judge Joel Pisano ruled in December that evidence from the device was admissible. Two months later Scarfo, the son of the jailed former boss of the Philadelphia mob, changed his plea and admitted his role in an illegal gambling operation.
http://www.theregister.co.uk/content/55/25971.html
- - - - - - - -
Bank accounts hit by online hack
A Singapore bank has confirmed that money has been taken from customer accounts, and that a suspect is being investigated. Singapore's DBS Bank, the banking unit of DBS Group Holdings, says a computer hacker has siphoned money from 21 online bank accounts in amounts ranging from S$200 (£73) to S$4,999 (£1,800). The bank declined to comment on the total amount pilfered but said that all 21 cases happened on 19 June, when one of its customers raised the alarm.
http://news.zdnet.co.uk/story/0,,t269-s2118223,00.html
- - - - - - - -
FBI to valley: Tell us about attacks
Businesses have remained tight-lipped when it comes to reporting cyberattacks or other breaches of their security for fear that the bad publicity would also bombard their bottom lines. But the FBI has begun offering them anonymity and critical information in exchange for their much-needed cooperation in battling hackers and other terrorists.
http://www.msnbc.com/news/774803.asp
- - - - - - - -
FBI computers are still far from wired
When Harold Hendershot joined the FBI two decades ago, agents used three-by-five index cards to organize their case information. The U.S. crime fighting agency has since bought computers, Hendershot reassured a crowd of tech enthusiasts at a trade show in New York recently, but it's still far from wired. "The system is broken," said Hendershot, chief of the counterintelligence computer intrusion unit at the National Infrastructure Protection Center, a division of the FBI charged with protecting U.S. infrastructure.
http://zdnet.com.com/2100-1105-940801.html
http://www.theregister.co.uk/content/4/25956.html
http://news.zdnet.co.uk/story/0,,t269-s2118252,00.html
FBI gets records management act together
http://www.gcn.com/vol1_no1/daily-updates/19202-1.html
- - - - - - - -
Report: Brace for new wave of attacks
The Web is currently more vulnerable to attack than ever before, as a result of several serious security flaws for different server applications being published within a few days of one another, according to a survey from British network security firm Netcraft. Microsoft published a trio of security advisories on June 12 related to its Internet Information Server (IIS), and this was followed on June 17 by the publication of a bug in the Apache Web server application that leaves the software open to a buffer overflow attack. Together, Apache and IIS make up nearly 90 percent of active Web servers, according to Netcraft, although it has not yet been conclusively proven that the Apache flaw affects versions running on the Linux and Solaris operating systems.
http://zdnet.com.com/2100-1105-940797.html
Web ripe for massive worm attack
http://news.zdnet.co.uk/story/0,,t269-s2118228,00.html
- - - - - - - -
Kowbot worm targets Kazaa network
Virus masquerades as appealing media files.
Users of the Kazaa file-sharing network were today warned about the second virus in as many months to infect users. The virus, known as the Kowbot worm, is able to take control of the victim's computer as well as update itself automatically and send information out from the host machine. It can also be used as a remote control internet relay chat (IRC) bot and to attack IRC chat servers.
http://www.vnunet.com/News/1133129
- - - - - - - -
Worm exploits Apache vulnerability on FreeBSD
A worm that can compromise systems running the Apache Web server on the FreeBSD operating system is crawling the Internet, but its spread and impact are limited, experts said today. The worm takes advantage of a known security hole in Apache Web servers by scanning the Internet and installing a backdoor application when it finds a vulnerable Web server. This backdoor allows the attacker to remotely control the system and use it in attacks on other Web servers, according to antivirus software vendor F-Secure Corp. in Helsinki.
http://www.computerworld.com/securitytopics/security/virus/story/0,10801,72373,00.html
http://www.vnunet.com/News/1133123
http://zdnet.com.com/2100-1105-941047.html
http://news.com.com/2100-1001-940989.html
- - - - - - - -
Klez tops virus charts - again
Variants of the Klez worm were by far the most common viruses circulating on the Internet this month. Again. That's according to monthly statistics from managed services firm MessageLabs, which stopped 788,137 copies of the virus in June, compared to 524,507 in May.
http://www.theregister.co.uk/content/56/25976.html
- - - - - - - -
Decision on Net gambling unlikely bet
A congressional attempt to ban Internet gambling faces long odds of passage, handicappers say, as the clock winds down on the legislative year and interest groups continue to register their opposition.
Online casinos have proliferated in recent years, raking in billions of dollars from Internet users across the globe and raising fears that they could encourage compulsive gambling and undermine local regulations.
http://news.com.com/2100-1023-940999.html
- - - - - - - -
Copyright piracy thrives in Russia
Their lips are moving, but the words are out of sync. The video picture seems the wrong size for the screen, and surely the skin tones of the characters aren't supposed to have that greenish hue.
http://www.siliconvalley.com/mld/siliconvalley/news/editorial/3576923.htm
- - - - - - - -
Who's Protecting Cyberspace?
Feds consider new organizations, policy to guard against cyberterrorist threat. Protecting the nation's cybersecurity is becoming a federal priority, as experts warn that cyberterrorists could target not only networks, but also many services and infrastructure operations controlled by computers. The Homeland Security Act is President Bush's solution, but as the plan makes its way through Congress, government officials are raising concerns and suggesting additional precautions.
http://www.pcworld.com/news/article/0,aid,102356,00.asp
- - - - - - - -
Commonwealth Games in porn row
Organisers for the high-jump after kids access adult icons. Organisers of the Manchester Commonwealth Games have apologised after allowing kids to access pornographic material from its official website. A spokesperson told the BBC that a search engine function had been left on, giving kids access to Jippii's whole range of downloadable mobile phone logos and ring tones, some of which are of an adult nature.
http://www.vnunet.com/News/1133121
- - - - - - - -
Computer bugs 'mirror human viruses'
Computer viruses mirror their human equivalents in the way they behave, are structured and even in the threat they pose, according to a new study.
Following a year-long investigation, experts in medicine and technology believe they have discovered parallels between the two viruses which could help in the fight against them.
http://www.ananova.com/news/story/sm_618959.html
- - - - - - - -
Real-life hacker writing unreal account
Barred by the terms of his probation from messing with computers, ex-convict hacker Kevin Mitnick has turned to writing about them, baring the tricks of his former trade in a forthcoming book. An advance copy of the book, The Art of Deception, describes more than a dozen scenarios where tricksters dupe computer network administrators into divulging passwords, encryption keys and other coveted security details.
http://usatoday.com/life/cyber/tech/2002/07/01/hacking-manual.htm
http://www.msnbc.com/news/774429.asp?0si=-
http://www.cnn.com/2002/TECH/internet/07/01/hacking.manual.ap/index.html
http://www.siliconvalley.com/mld/siliconvalley/news/editorial/3576919.htm
- - - - - - - -
Royalties requirements may threaten college stations' Webcasts
Student disc jockey Meredith A. Neville played everything from jazz to Sonic Youth to Malaysian dance music last Wednesday morning on WXYC-FM. During her three-hour shift, she sent out more than 40 songs over the airwaves. And over the World Wide Web. WXYC, UNC-Chapel Hill's low-wattage student station, is billed as the first radio station anywhere to put its broadcast online, around the clock, starting in 1994.
http://www.nandotimes.com/technology/story/452669p-3624694c.html
- - - - - - - -
MS security patch EULA gives Billg admin privileges on your box
If you caught our recent coverage of the Windows Media Player trio of security holes you may have followed a link to the TechNet download site for a patch, or you might have activated Windows Update.
http://www.theregister.co.uk/content/4/25956.html
- - - - - - - -
Boom time's over for security pros
Despite the ongoing focus on security since the Sept.
11 attacks, computer security administrators are not immune to the current economic malaise, according to a study released Monday. Though they remain among the most highly paid tech workers, security professionals have seen their average raises drop more than 40 percent since December 2000--from increases of 11.6 percent to bumps of 7 percent. And trading up to better-paying jobs in the same field is a thing of the past, said Alan Paller, director of research and development for the System Administration Networking and Security (SANS) Institute, which produced the survey.
http://zdnet.com.com/2100-1105-940916.html
- - - - - - - -
Is Drkoop taking care of privacy?
More than six months after filing for bankruptcy protection, Drkoop.com is selling its assets, including its members' e-mail addresses, to Vitacost.com. The sale of the popular health information site, co-founded by former U.S. Surgeon General C. Everett Koop, will be final by Friday. Drkoop members have until Sunday to opt-out of having their e-mail addresses added to the mailing lists of Vitacost.com, an online vitamin discount shop based in Boynton Beach, Fla., and its affiliate HeartCenterOnline, a Web site for cardiovascular patients.
http://zdnet.com.com/2100-1106-941028.html
http://news.com.com/2100-1017-940968.html
- - - - - - - -
Warchalking: London Wi-Fi guerrillas take tips from hobos
A new fad in London is taking the Internet community by storm: chalking runes on pavements and walls to indicate the presence of a wireless networking node. Seventy years ago, during the Depression in the US, hobos drew signs to indicate to each other where they could get a meal. Now, across the Atlantic in London, geeks are talking about using a similar system of chalk symbols to signal where they can get a decent wireless Internet connection.
http://news.zdnet.co.uk/story/0,,t269-s2118000,00.html
- - - - - - - -
Wireless attacks: Wave a white flag?
The major Internet backbone networks for the Pacific Northwest converge at a single location: the Westin building in Seattle, a 32-story structure that houses dozens of major and minor Internet service providers. It is also home to more than 50 wireless networks, most of which apparently have no security.
http://zdnet.com.com/2100-1105-940820.html
- - - - - - - -
Cyberlaw: Cybersmart or cybersilly?
Skeptics cast doubt on hot new legal field. Is there really a cyberspace full of cybercitizens who need only be accountable to their own cyberlaws? A loose-knit group of law professors is bucking one of the big fads in the legal field by calling that whole idea cybersilly.
http://www.msnbc.com/news/774871.asp
- - - - - - - -
Cyberwar is Hell
The campaign against cyber terrorism has at least one thing in common with genuine conflicts... wartime profiteers. Cyberwar is Hell! But it's never too hellish for feverish salesmanship. Take, for example, McAfee's recent botched attempt to sell the public on the merits of the fiendish "JPEG virus" said to be hanging over beloved digital stockpiles of family photos and Swedish pornography like the sword of Damocles.
http://online.securityfocus.com/columnists/92

***********************************************************
Search the NewsBits.net Archive at:
http://www.newsbits.net/search.html
***********************************************************

The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information.
Copyright 2000-2002, NewsBits.net, Campbell, CA.