November 5, 2002 PS40m software piracy ring smashed in Italy Police have smashed a counterfeit software ring in Italy worth almost PS40m in what is described as one of the largest and most organised cases of software piracy in Europe. One person has been charged and a further 10 suspects fingered as the Italian finance police (Guardia di Finanza) and the Business Software Alliance (BSA) seized 100,000 software titles ready to be copied onto CDs and DVDs. The haul also included thousands of other illegally produced media including the latest film releases and video games. http://online.securityfocus.com/news/1576 http://www.theregister.co.uk/content/4/27942.html - - - - - - - - Sonera security staff held on snooping charges Two senior security staff at Finish telco Sonera have been remanded in custody, charged with breaching customer privacy by allegedly riffling through private telephone records in an attempt to identify an internal mole. http://www.theregister.co.uk/content/55/27945.html - - - - - - - - AOL loses court ruling on Internet privacy issue A Virginia Supreme Court ruled against America Online in its efforts to protect the identity of one of its 35 million subscribers by asking the court to quash a subpoena calling for the member's name in an issue that goes to the heart of the anonymity of the Internet. The ruling against the world's largest Internet service provider, based in Dulles, Virginia, was the latest in the evolution of privacy laws as they pertain to the Internet and identities of Web surfers, privacy experts said. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/4444112.htm http://zdnet.com.com/2100-1106-964522.html http://www.wired.com/news/business/0,1367,56209,00.html http://www.cnn.com/2002/TECH/internet/11/05/aol.privacy.reut/index.html http://www.usatoday.com/tech/news/techpolicy/2002-11-05-aol-privacy_x.htm - - - - - - - - Braid virus shows Klez similiarities A new mass-mailing computer virus known as W32.Braid has slowly spread among PCs over the weekend, said U.K. e-mail service provider MessageLabs. Although the company has seen only 43 copies of the virus--indicating an extremely slow start--W32.Braid shares some attributes of the widely spread Klez family of viruses and could have similar success. Among the similarities, both viruses forge a fake sender address in the e-mails they use to propagate themselves, which makes finding infected PCs more difficult. http://zdnet.com.com/2100-1105-964476.html http://news.zdnet.co.uk/story/0,,t269-s2125335,00.html http://www.idg.net/ic_961844_5055_1-2793.html - - - - - - - - Bank error exposes e-mail addresses Bank of the West exposed the e-mail addresses of thousands of its online banking customers Monday, in a mistake it blamed on "human error." In an e-mail message sent Monday to alert customers that its banking system would be out of service for maintenance this weekend, Bank of the West included the e-mail addresses of more than 3,300 of its customers in the "To" field, company spokesman John Stafford confirmed Tuesday. Stafford said the company mistakenly placed the e-mail addresses in the "To" field instead of masking them by placing them in the blind carbon copy (BCC) field. http://news.com.com/2100-1017-964611.html - - - - - - - - Online job listing an ID theft scam It was just the job lead Jim needed: a marketing manager position with Arthur Gallagher, a leading international insurance broker. And only days after Jim responded to the job posting on Monster.com, a human resources director sent along a promising e-mail. Were interested in you, the note said. The salary is negotiable, the clients big. In fact, the clients are so valuable and sensitive that youll have to submit to a background check as part of the interview process. http://www.msnbc.com/news/830411.asp - - - - - - - - Hacking syndicates threaten banking The number of organized hacking syndicates targeting financial institutions around the world is growing at a disturbingly fast rate. And so is the number of banks willing to pay these high-tech extortionists hush money to protect their reputations, according to a security expert at The World Bank. http://www.computerworld.com/securitytopics/security/cybercrime/story/0,10801,75584,00.html - - - - - - - - New center reaches out to private firms to protect infrastructure A new center dedicated to assessing terrorist threats to critical U.S. infrastructures is reaching out to other institutions to help mitigate the risk of attacks against strategic U.S. industries and government services, according to U.S. officials. http://207.27.3.29/dailyfed/1102/110502gsn1.htm - - - - - - - - Information-sharing partnerships seen as anti-terror model Information-sharing partnerships that helped the federal government and the private sector combat cyber attacks such as the "Code Red" and "Nimda" viruses have served as a valuable model for protecting other critical infrastructures from potential terrorist attacks, a top cyber-security official said Tuesday. http://207.27.3.29/dailyfed/1102/110502td1.htm - - - - - - - - Homeland Security staff studies data analysis tools The Homeland Security Office is evaluating applications to let agencies analyze links and relationships among information sets without breaching privacy laws or sparking interagency turf battles. Steve Cooper, the offices CIO, said yesterday the goal of the current tests is to validate a data- sharing concept. The premise is that to better track information on possible security threats, agencies must at minimum share information about their data, he said at the Industry Advisory Councils Executive Leadership Conference. http://www.gcn.com/vol1_no1/daily-updates/20428-1.html - - - - - - - - Industry teams up to fight mobile theft Stolen handsets can now be banned from all five of the UK's mobile networks - could this reduce the number of mobiles nicked? Britain's mobile phone operators and the GSM Association have launched a database designed to prevent stolen handsets being used on any UK mobile network. The move is an attempt to reduce mobile phone crime in the UK, which is thought to be running at one phone theft every three minutes. http://news.zdnet.co.uk/story/0,,t269-s2125409,00.html - - - - - - - - SAN security under the spotlight Having got standards programmes underway for SAN interoperability and management, the Storage Networking Industry Association (SNIA) is turning its attention to the next key part of the puzzle: storage security. "Three things kicked it off," says Mike Alverado of Neoscale, who chairs SNIA's Storage Security Industry Forum, which held a technology demonstration at Storage Networking World in Orlando this week. http://www.theregister.co.uk/content/63/27947.html - - - - - - - - Teleworking hits security barriers The widespread uptake of working from home is being slowed down by concerns over security issues Over 80 percent of companies now have staff who work from home on a regular or occasional basis, according to the latest research, but security is still seen as a major barrier to more widespread uptake. http://news.zdnet.co.uk/story/0,,t269-s2125392,00.html - - - - - - - - Mozilla riddled with security holes Details of six flaws in Mozilla, the open source browser were posted on BugTraq at the weekend. Versions of Mozilla previous to version 1.0.1 contain multiple security vulnerabilities, so users need to update their browser software. The flaws could be used by an attacker to read data off of the local hard drive, gain information which should normally be kept private, and in some cases to execute arbitrary code, an advisory by Red Hat explains. http://www.theregister.co.uk/content/55/27934.html - - - - - - - - China's Cyberwall Nearly Concrete While the Great Wall no longer deters would-be invaders from entering China, experts meeting in Washington on Monday said the Chinese government continues to maintain a nearly rock-solid cyberwall. At a panel discussion held by the Congressional-Executive Commission on China, experts warned that China has recently improved its censorship technology -- much of which is provided by U.S. companies. The panel also claimed that China now employs some 30,000 "Internet police" to monitor its citizens, and that is has increased arrests of dissidents and journalists posting illegal content on the Internet. http://www.wired.com/news/politics/0,1283,56195,00.html http://www.usatoday.com/tech/news/2002-11-05-china-crackdown_x.htm http://www.theregister.co.uk/content/6/27939.html - - - - - - - - Microsoft Earns a Security Merit Badge No way, you say? Well, it's true: Though its code is far from rock-solid, the Colossus of Redmond is making recognized strides. When a perennial computer-security punching bag gets an exemplary grade for security, you have to scratch your head. But that's precisely what happened when Microsoft announced on Oct. 29 that its Windows 2000 Pro software line had received the so-called Common Criteria certification, an internationally recognized standard for secure design and implementation of info-tech products. http://online.securityfocus.com/news/1577 - - - - - - - - Polymorphic Macro Viruses, Part Two This article is the second of a two-part series that will offer a brief overview of polymorphic strategies in macro viruses. The first installment of this series looked at some early examples of polymorphism, along with some of the early polymorphic techniques. This installment will look at the first serious polymorphic macro viruses, as well as the evolution of viruses into true polymorphic and, ultimately, metamorphic viruses. http://online.securityfocus.com/infocus/1638 Polymorphic Macro Viruses, Part One http://online.securityfocus.com/infocus/1635 - - - - - - - - German police launch SMS crime watch German police have launched an SMS service which promises to speed up the process of catching suspected criminals. Descriptions of any felons at large will be texted to a network of mobile phones as soon as police begin investigating a report. An SMS description will be sent to taxi drivers and public transport workers in the area in an attempt to bring in suspects. The system will also be used for quickly spreading the number plates of stolen cars or descriptions of missing persons. http://zdnet.com.com/2110-1105-964586.html - - - - - - - - DISA at halfway point in rolling out wireless priority service Emergency response officials nationwide will get wireless priority phone service starting in May. "Wireless priority service is on the way," said Air Force Lt. Gen. Harry Raduege Jr., director of the Defense Information Systems Agency. DISA's National Communications System has been testing the service in Washington and New York since May, Raduege said yesterday at the Industry Advisory Councils Executive Leadership Conference. For the test, Phase 2 of a four-phase rollout, 3,000 special wireless phones were distributed to a variety of first-response organizations. http://www.gcn.com/vol1_no1/daily-updates/20426-1.html *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2002, NewsBits.net, Campbell, CA.