September 4, 2002 Police arrest five in Net credit card fraud probe Sussex police have arrested five people suspected of involvement in a scam in which goods were bought online using information harvested from purloined credit card receipts. Detectives believe the gang obtained the victims' credit card information from till roll receipts dumped in a rubbish bin by a garage in Eastbourne, Sussex. Investigations led to a raid on a house in Eastbourne where property worth PS8,500 (including TVs, stereo equipment and even a bed) was recovered. http://www.theregister.co.uk/content/6/26953.html - - - - - - - - More cyber-attacks coming from Malaysia e-Cop.net Surveillance said that there has been a surge in cyber-attacks originating from Malaysia over the last quarter. According to data compiled by its regional Global Command Centers (GCCs), which monitor and protect client networks from cyber-attacks, Malaysia was among the top three countries of origination of intrusion attacks. http://asia.cnet.com/newstech/security/0,39001150,39078835,00.htm - - - - - - - - Resources drained by e-mail hoaxes The old adage that 'a fool and their money are easily parted' is still tempting more and more would-be fraudsters to run e-mail con tricks, such as the notorious Nigerian money scam. Increasingly we are seeing more and more e-mails--offering us everything from natural Viagra to a share of Bill Gates' fortunes--and those sending them clearly still see a market for their ludicrous scams. http://zdnet.com.com/2100-1105-956504.html Warning: Top-ten e-mail hoaxes in August http://zdnet.com.com/2100-1105-956507.html - - - - - - - - FBI Says Hotmail Hard to Find The government said Wednesday that a vigorous investigation of Zacarias Moussaoui's computer activity turned up no sign of an e-mail account the accused Sept. 11 conspirator said he used. In response to a judge's questions, prosecutors and an FBI computer expert said "xdesertman@hotmail.com" was not found because Microsoft's free Hotmail service does not verify an account user's identity. The Hotmail service also is unable to provide the account of a particular user on a particular computer at a specific date and time, according to the government's written motion. http://www.wired.com/news/politics/0,1283,54935,00.html - - - - - - - - Taking cyber predators to task Whether it's soliciting sex from minors or distributing child pornography, crimes against children have risen as Internet usage has soared. To keep pace with the problem, the federal government, in conjunction with state and local law enforcement agencies, has established task forces geared toward investigating crimes, training personnel and reaching out to the community. That effort, coupled with advances in technology, such as a secure portal to exchange extremely sensitive information, may help stem the increasing tide of such incidents, officials said. Leading the high- tech crackdown are the Internet Crimes Against Children (ICAC) task forces, regional programs funded by the Justice Department. http://www.fcw.com/geb/articles/2002/0902/web-crime-09-04-02.asp - - - - - - - - When Text Messaging Turns Ugly "We are watching you ... we are going to kill you ... we are going to kill your mum." This message would make anyone uneasy, but British children regularly send messages like this to each other as systematic bullying enters the 21st century through SMS -- the short message service that comes with all mobile phones in Europe. The government and children's advocacy groups have stepped in to help harangued kids cope. But so far no one's come up with a way to put the bullies in their place. One in four children in the United Kingdom have been bullied or threatened through their mobile phone or PC, according to a survey commissioned by British children's charity NCH. http://www.wired.com/news/school/0,1383,54771,00.html - - - - - - - - 9/11 prompts more govt surveillance Government surveillance increased throughout the West in the year following the September 11 terrorist attacks. A joint study by watchdogs Electronic Privacy Information Center and Privacy International charts increased communications surveillance, weakening of data protection regimes, and increased profiling and identification of individuals post 9/11. http://www.theregister.co.uk/content/6/26955.html - - - - - - - - I'll see your domain name in (US) Court! Two little-noticed and otherwise unremarkable decisions from the US 4th Circuit Court of Appeals, decided on 23 August 2002, now affirm a principle that is perhaps worrying for those 20 million or so .com domain name registrants who live outside the USA. The cases deal with the question of the geographical location of a domain name and which court can exercise jurisdiction over it. http://www.theregister.co.uk/content/6/26957.html - - - - - - - - Hack attacks on the rise Critical infrastructure could be next target. August has been a record breaking month for malicious hackers with 2002 set to become the worst year for digital attacks on record, according to security firm mi2g. The number of hack attacks in August reached 5,830, it reported. The total for the first eight months of 2002 reaching over 31,000 - more than the total for the whole of 2001. http://news.bbc.co.uk/2/hi/technology/2231205.stm - - - - - - - - Lack of cybersecurity specialists sparks concern The United States is facing an alarming shortage in skilled workers to protect the nation's critical infrastructures from cyberterrorism and other threats, several homeland security and high-tech experts said Wednesday. "There is going to be more demand ... for people with [information technology] skills," Harris Miller, president of the Information Technology Association of America, said during a cybersecurity conference in Washington sponsored by the MIS Training Institute. "It is a huge problem we have in this countrynot having enough people with adequate skills and training." http://www.govexec.com/dailyfed/0902/090402td2.htm - - - - - - - - VeriSign adopts anti-fraud system in bid to boost sales Online payment processor VeriSign Inc. has embraced an anti-fraud system that promises to decrease merchants' losses from stolen credit cards but could increase the checkout time for Internet shoppers. Mountain View-based VeriSign believes its adoption Wednesday of the credit card identification system developed by MasterCard will boost e-commerce by strengthening the protections against credit card fraud. The proliferation of bogus credit card transactions has dampened the growth of e-commerce by exposing merchants to substantial losses and unnerving security-conscious shoppers. Credit card fraud accounted for $1.2 billion, or just under 2 percent, of total online sales of $65 billion last year, according to Gartner Research. Merchants pay for most of those losses. (NandoTimes article, free registration required) http://www.nandotimes.com/technology/story/523622p-4151777c.html - - - - - - - - Cheap thrills on the cyber-terror beat Did you hear of the computer virus that could "attack the Pentagon's ability to mobilize or communicate with its forces" and cripple all government services in a city? I read about it in the Center for Defense Information's July Defense Monitor newsletter. It would be part of an "electronic Waterloo," readers were informed. These days "electronic Pearl Harbor" and "digital Armageddon" are fit only for the nitwit's book of cliches, but "e-Waterloo" is grossly underused. As such, I recommend gnomic cyber-security gurus massage it into worldwide circulation posthaste. http://www.theregister.co.uk/content/6/26949.html - - - - - - - - Glitch embarrasses anti-spam Web site A consumer group lobbying to outlaw unwanted spam e-mails sent by companies opened its campaign Wednesday with a new Web site but quickly had to fix a technical glitch that suggested visitors might unwittingly be added to the group's own e-mail list. The Telecommunications Research and Action Center said it never intended to send visitors unwanted e-mails and blamed the problem on an erroneous message created by the Web designer. "The guy that put it up didn't understand it real well," TRAC chairman Sam Simon said. (NandoTimes article, free registration required) http://www.nandotimes.com/technology/story/523645p-4151827c.html http://www.wired.com/news/politics/0,1283,54936,00.html - - - - - - - - Groups implore FTC to outlaw spam Spam has become such a menace to the Internet that the Federal Trade Commission should take swift steps to stanch the flow of bulk e-mail, three consumer groups said Wednesday. In a 14-page set of proposed rules that already has drawn fire as overly regulatory, the groups suggest that the FTC outlaw commercial e-mail that misrepresents the content of the message or fails to provide a way to unsubscribe from the mailing list. http://zdnet.com.com/2100-1106-956502.html http://news.com.com/2100-1023-956502.html http://www.msnbc.com/news/803389.asp http://www.cnn.com/2002/TECH/ptech/09/04/spam.site.ap/index.html Anti-spam group off to rocky start http://www.siliconvalley.com/mld/siliconvalley/news/editorial/4001107.htm Setting the rules for spam and Net privacy http://news.com.com/2008-1082-956523.html - - - - - - - - Airwave camouflage to stop drive-by hacking Software that generates a blizzard of bogus wireless network access points could bamboozle hackers trying to access corporate and home computer networks. This would stop them stealing wireless surfing time and exploring corporate wireless networks, say the two US computer programmers behind the scheme. It would certainly complicate matters for most wireless assailants, says one security expert. But the extra challenge may well spur some on to improve their attack methods, he adds. http://www.newscientist.com/news/news.jsp?id=ns99992760 - - - - - - - - Alert: Windows May Deny Users Microsoft has issued an unusual warning to Windows users: watch out for a hack attack that could lock you out of your computer and turn it into a launching pad for other attacks. But some security experts said Microsoft's breathless warning provided administrators with little help in sizing up -- or even fending off -- the potential attack. According to a "hacking alert" posted on its website, Microsoft's Product Support Services (PSS) Security Team has detected a "significant spike" in Windows systems compromised by a mysterious attack. http://www.wired.com/news/technology/0,1282,54942,00.html - - - - - - - - Another Microsoft security flaw threatens Internet users' trust On Aug. 12, 2002, independent industry observers reported a serious security flaw in Microsoft's Internet Explorer Web browser. The alleged flaw affects the way Internet Explorer handles the digital certificates that validate the identity of a Web server using a Secure Sockets Layer (SSL) connection. The bug would give attackers an opportunity to pose as legitimate Web site operators and potentially gain access to sensitive personal information. Microsoft reports it is studying the reports but has not yet determined that the flaw exists. http://www.techrepublic.com/article.jhtml?id=r00620020902jdt01.htm&fromtm=e101-3&_requestid=125715 Windows Flaw May Compromise Outlook Security http://www.pcworld.com/news/article/0,aid,104636,00.asp Server attacks stump Microsoft http://news.com.com/2100-1001-956647.html - - - - - - - - Bug Triad Whacks Microsoft Browser Researchers discover that three "low risk" bugs can combine to send a Windows system up in flames. To prove that no security bug is truly harmless, a security group has stitched together two minor flaws in Microsoft's Internet Explorer 6.0 browser with a small glitch in Windows Media Player to create one seriously powerful attack. By coaxing IE users to view a Web page containing the special code, an attacker can silently force Windows 98, Windows 2000, or Windows XP users to run a malicious program of the attacker's choice. http://online.securityfocus.com/news/606 - - - - - - - - Microsoft launches new online identification service Microsoft on Tuesday launched its "MSN Wallet" service, a new version of its online identity program designed to let consumers make purchases at Internet sites more easily. Under the program, users add their credit card information, billing address and other personal information to MSN Wallet's database. Then, they can have their information automatically entered for them while shopping at Web sites that are part of the MSN Wallet network. http://www.usatoday.com/tech/news/techinnovations/2002-09-04-msn-wallet_x.htm - - - - - - - - The crazy fight against copyright crooks What could have been one of the most important Internet intellectual property lawsuits ever came and went in less than a week, but someday another lawsuit like it could jeopardize the stability and freedom of cyberspace. The lawsuit was filed by 13 players in the music industry-- all large, well-known companies including Arista Records, Sony Music and Warner Bros. Records-- against four important Internet backbone providers--AT&T Broadband, Cable & Wireless, Sprint and UUNet. http://zdnet.com.com/2100-1107-956482.html University to challenge copyright laws http://news.com.com/2100-1023-956637.html - - - - - - - - Report: Easier than ever to be spied upon New laws pitch national security vs. personal privacy. Governments worldwide have made it easier for authorities to augment citizen databases and eavesdrop on telephone and online conversations in order to fight terror, according to a new survey of privacy regulations. The report, written by privacy activists Electronic Privacy Information Center and Privacy International, show the United States was not alone in passing new laws that value increased security over personal privacy. http://www.cnn.com/2002/TECH/ptech/09/04/privacy.worldwide.ap/index.html - - - - - - - - Using Terror as a Pretext Several Western democracies have become "predators of digital freedoms," using the fight against terrorism to increase surveillance on the Internet, an international media-rights group said Thursday. Reporters Without Borders criticized not only authoritarian states such as China that tightly police Internet use, but also Western governments including the United States, Britain, France, Germany, Spain, Italy and Denmark and the European Parliament. http://www.wired.com/news/politics/0,1283,54939,00.html - - - - - - - - Firewall Follies The complacency firewalls breed is ultimately more damaging than the computer pirates they keep out. Do you use the Internet at work? I see lots of hands. You may not realize it, but your access to the Net is most likely mediated by some kind of firewall. Companies are spending thousands, even hundreds of thousands, of dollars on these systemsand trust them to protect their networks from snoopers and intruders. http://www.technologyreview.com/articles/garfinkel0902.asp - - - - - - - - Members share varied methods for securing hardware TechRepublic members who responded to Bob Artners recent column on the theft of laptops here at TechRepublic offered a number of ideas for securing hardware, ranging from simple locks to more complicated psychological warfare. In a lively discussion and in e-mail messages, members also touched on issues such as personal responsibility and laptop alarms. Think like a thief. A computer training manager at a major university advised other members, When reviewing your security policies, think like a thief. Hes found that some thieves have the ingenuity to get around strong doors and good locks. (TechRepubic article, free registration required) http://www.techrepublic.com/article.jhtml?id=r00620020909thr01.htm - - - - - - - - Critics protest anti-drug tactics In drug-plagued neighborhoods of Wilmington, Del., it's become a nighttime routine: Police "jump out" squads descend on a street corner, round up a few suspected dealers and cart them off to jail. But then the cops go a step further: They detain others in the area for up to two hours, take digital photographs of them, get their names and other details, and then put the information in a database to use in future investigations. http://www.usatoday.com/tech/news/2002-09-04-wilmington_x.htm *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2002, NewsBits.net, Campbell, CA.