October 3, 2002 Spanish police smash PS13m email scam Eight people have been arrested in Spain, suspected of defrauding more than 300 victims in a well-known scam. Spanish police have arrested eight people involved in a Nigerian-led email scam believed to have defrauded Internet users of up to 20m euros (PS13m), according to Spain's El Mundo newspaper. http://news.zdnet.co.uk/story/0,,t269-s2123295,00.html - - - - - - - - Busboy admits stealing personal data of rich and famous A 32-year-old restaurant busboy pleaded guilty Thursday to pilfering personal and financial data belonging to America's rich and famous including billionaire investor Warren Buffett in what authorities believe is the largest identity theft in Internet history. Abraham Abdallah, a high-school dropout, entered his guilty plea in response to a 12-count indictment charging him with wire, mail and credit card fraud, identity theft and conspiracy. http://www.usatoday.com/tech/news/2002-10-03-net-heist_x.htm - - - - - - - - Bugbear spreading--worse than Klez The Bugbear worm is shaping up into the most serious Internet threat in months, according to security researchers, as it surpassed the lingering Klez.H to become the fastest-spreading virus of the moment. Antivirus company Symantec on Wednesday upgraded the virus to a danger rating of "4" out of a possible "5". The rise of Bugbear to the top of the virus charts is partly due to the speed at which it is spreading, but also in part to an unexpected effect that it is having. http://zdnet.com.com/2100-1105-960696.html http://news.zdnet.co.uk/story/0,,t269-s2123313,00.html http://news.com.com/2100-1001-960722.html http://www.cnn.com/2002/TECH/internet/10/01/hln.wired.bugbear.virus/index.html Klez tops Sept.'s Top-10 virus threats http://zdnet.com.com/2100-1105-960637.html http://www.theregister.co.uk/content/54/27389.html - - - - - - - - Microsoft sinks Xbox-hacking chipmaker Microsoft appears to have shut down one of the world's largest distributors of "mod chips"-- gray-market add-ons that allow Microsoft's Xbox and other video game consoles to play pirated games. A representative in Microsoft's Australian subsidiary confirmed that the company has taken legal action against Hong Kong-based Lik Sang. Lik Sang's Web site has been offline for nearly two weeks, with a notice on the site blaming a server outage. http://zdnet.com.com/2100-1103-960594.html http://news.zdnet.co.uk/story/0,,t269-s2123307,00.html - - - - - - - - Readers of online HK newspaper redirected to Falun Gong site Mainland Chinese who went online Thursday to read a Hong Kong newspaper were redirected by hackers to a Web site full of Falun Gong messages, a newspaper spokesman said. Several mainland readers of Ming Pao online complained about being sent to the Web site run by Falun Gong, which is outlawed in mainland China as an ``evil cult.'' http://www.siliconvalley.com/mld/siliconvalley/news/editorial/4204073.htm http://abcnews.go.com/sections/scitech/TechTV/techtv_securityholes021003.html - - - - - - - - Vice squads troll online alleyways Web escort services, sites that advertise prostitution, even Web personals are scrutinized and pursued. In July, Florida officials arrested the operators of an international Web site that brazenly advertised the escort services of sex workers across the U.S. and six other countries. A judge promptly ordered the site closed. Florida law enforcement officers hailed the arrests as a huge victory and a significant step toward successful prosecution of sex crimes that have moved from Main Street to Cyberville. http://www.msnbc.com/news/809825.asp - - - - - - - - Senate cybersecurity bill hits snag An effort to quickly move through the Senate a bipartisan bill authorizing $903 million over five years for cybersecurity research has snagged on an anonymous Republican "hold," sources said. GOP aides on Thursday said the issue of concern has been resolved and the hold will be lifted, but at press time, the Senate Democratic cloakroom said it is still active. http://www.govexec.com/dailyfed/1002/100302td1.htm - - - - - - - - Doolittle bill would ease copying of CDs, DVDs for personal use Touching off a certain battle with the music and movie industries, Rep. John Doolittle introduced legislation Thursday that would legalize the manufacture and use of technology for copying of copy-protected CDs and DVDs for personal use. The Rocklin Republican was joined by Rep. Rick Boucher, D-Va., in the bill relaxing portions of a 1998 digital copyright law that made it a crime to circumvent copy-protection technology now increasingly embedded into compact discs. http://www.nandotimes.com/technology/story/560892p-4416283c.html Digital copyright bill sparks debate http://zdnet.com.com/2100-1106-960531.html http://news.zdnet.co.uk/story/0,,t269-s2123285,00.html http://www.theregister.co.uk/content/4/27404.html Bill fights foreign Net censors http://zdnet.com.com/2100-1106-960679.html - - - - - - - - Scientists claim encryption breakthrough A team of scientists said on Wednesday they had made a major leap toward developing secure global communications. Researchers from QinetiQ, the commercial arm of Britain's defense research agency, and their colleagues at Ludwig-Maximilian University in Munich have sent a key for deciphering coded information over a record 14.5 miles of open space between two mountains in Germany. Keys are random strings of numbers needed to encode and decode sensitive data. The distribution of keys is essential for secure global communications. http://zdnet.com.com/2100-1104-960620.html http://news.zdnet.co.uk/story/0,,t269-s2123292,00.html - - - - - - - - Security patch award due soon Government agencies soon should be able to tap a free service that will ensure that they get the right security patches to plug holes in their software. The General Services Administration's Federal Computer Incident Response Center this week expects to award its patch dissemination service, said Sallie McDonald, assistant commissioner for information assurance and critical infrastructure protection at GSA's Federal 'Technology Service. http://www.fcw.com/fcw/articles/2002/0930/web-patch-10-03-02.asp - - - - - - - - Help! MS issues another critical security fix Microsoft has released a patch to fix critical flaws within Windows Help Facility which could enable attackers to execute arbitrary code on a victim's PC. The HTML Help facility in Windows includes an ActiveX control which provides much of its functionality. One of the functions exposed via the control contains an unchecked buffer, Microsoft says, warning that the flaw poses a critical risk for all Windows users. http://online.securityfocus.com/news/941 Microsoft adds four more security alerts http://zdnet.com.com/2100-1105-960639.html - - - - - - - - What Spies Beneath Have you checked your PC for spyware lately? National security could be at stake. Your privacy too. Chances are you haven't read the Bush Administration's "National Strategy to Secure Cyberspace." Since it weighs in at a hefty 65 pages, who can blame you? Still, a surprising amount of the draft report is aimed at home- computer owners. Here's the gist: the more dependent we become on the Internet, the more damage can be done by taking down large portions of it. And it doesn't take a criminal genius to realize that PC users, with their increasingly high-speed connections and low-grade security setups, are the easiest on-ramp for any kind of attack. http://www.time.com/time/magazine/article/0,9171,1101021007-356107,00.html - - - - - - - - Kevin Mitnick on corporate security Kevin Mitnick may have been the greatest computer hacker the world has ever known. At least, the FBI treated him that way. In the 1980s, Mitnick allegedly broke into computer systems belonging to Pacific Bell, Digital Equipment and the North American Air Defense Command. In the 1990s, Mitnick became the subject of a nationwide manhunt by the FBI. The New York Times ran a front-page story about his alleged attempts to steal cellular telephone software on July 4, 1994. He was finally apprehended by computer expert Tsutomu Shimomura on Feb. 15, 1995. http://www.nandotimes.com/technology/story/560811p-4415678c.html http://www.siliconvalley.com/mld/siliconvalley/news/editorial/4199534.htm http://online.securityfocus.com/news/926 http://www.wired.com/news/culture/0,1284,55516,00.html - - - - - - - - Assessing Internet Security Risk, Part Four: Custom Web Applications This article is the fourth in a series that is designed to help readers to assess the risk that their Internet-connected systems are exposed to. In the first installment, we established the reasons for doing a technical risk assessment. In the second article, we started to discuss the methodology that we follow in performing this kind of assessment. The third part discussed methodology in more detail, focussing on visibility and vulnerability scanning. This installment will discuss a relatively unexplored aspect of Internet security, custom Web applications. http://online.securityfocus.com/infocus/1631 Assessing Internet Security Risk, Part One http://online.securityfocus.com/infocus/1591 Assessing Internet Security Risk, Part Two http://online.securityfocus.com/infocus/1607 Assessing Internet Security Risk, Part Three http://online.securityfocus.com/infocus/1612 - - - - - - - - Plastic tag makes foolproof ID Shine a flashlight through a shattered window and you'll project a unique pattern onto any surface beyond the window. Move the flashlight to a new angle and you'll get another unique pattern, but one that looks more like the first than one produced by shining the light through a different shattered window. A scheme that leverages this principle could make counterfeiting and forgery much harder to pull off. http://www.trnmag.com/Stories/2002/100202/Plastic_tag_makes_foolproof_ID_100202.html - - - - - - - - Customs will learn law enforcement via satellite Customs Service employees will receive law enforcement training via a private satellite TV network under a one-year, $1.1 million contract awarded to Primedia Workplace Learning. Customs will receive programming from Primedias Law Enforcement Television Network at 350 locations. The training includes techniques in critical emergency response, homeland security, safety and health. Installing the equipment for satellite reception has been completed, according to a spokesman for Primedia Inc. of New York, the parent company of Primedia Workplace Learning. The contract includes programming from the law enforcement network, as well as Primedias Fire and Emergency Training, and Health and Sciences Television networks. http://www.gcn.com/vol1_no1/daily-updates/20179-1.html *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2002, NewsBits.net, Campbell, CA.