NewsBits for July 10, 2003 sponsored by,
Southeast Cybercrime Institute - www.cybercrime.kennesaw.edu
************************************************************
London police quiz suspected US DoE cracker
An 18 year-old Londoner suspected of commandering
US Department of Energy computers to store illicitly
obtained music and video files was arrested and
questioned by police yesterday. Officers from the
Metropolitan Police's Computer Crimes Unit were asked
to investigate unauthorised access to 17 unclassified
computers at a US Department of Energy research
laboratory in Botavia, Illinois during June 2002
when the trail of the attacker led back to the UK.
http://www.theregister.co.uk/content/6/31674.html
- - - - - - - - - -
Teenage French hacker suspected of violating 2,000 sites
A French high school student is being investigated
on suspicion of breaking into and defacing some
2,000 Web sites -- including that of the U.S. Navy,
police said Thursday. The 17-year-old boy, who
went by the pseudonym ``DKD,'' hacked into sites
and often replaced their welcome pages with
political slogans, said Eric Voulleminot of the
Regional Service of Judicial Police in Lille.
http://www.siliconvalley.com/mld/siliconvalley/news/editorial/6273889.htm
http://www.usatoday.com/tech/news/computersecurity/2003-07-10-script-kiddie_x.htm
- - - - - - - - - -
Identity theft lands cop in confinement
An airman was discharged from the Air Force, given
14 months confinement and reduced to airman basic
after being convicted of several identity-fraud-related
crimes during a recent general court-martial here.
Senior Airman David A. Daniel, from the 377th
Security Forces Squadron, was charged with larceny,
forgery and intercepting mail from another airman.
Charges were based on incidents dating back to
September 2001, according to Capt. Tiffany Dawson,
from the staff judge advocate office here.
http://www.af.mil/stories/story.asp?storyID=123005238
- - - - - - - - - -
PS2 gaming service browser hacked
A PlayStation 2 owner has figured out how to
access non-Sony web pages using the browser software
provided with the console's online gaming service.
The PS2 typically points to a Sony server, and
displays pages minus the web navigation tools computer
owners are accustomed to using to surf the Net. Brook's
self-confessed "hack" involves modifying the IP address
the PS2 connects to when seeking out web pages,
according to a BBC report.
http://www.theregister.co.uk/content/54/31675.html
- - - - - - - - - -
Porn Purveyors Getting Squeezed
Pay me, or I'll crash your porno website. That's
the threat Internet smut-slingers say they've been
receiving from a hacker with a vendetta against the
adult industry. And it appears to be more than just
tough talk. Several sites have been temporarily
taken offline in the last 10 days, battered by
massive denial-of-service attacks, according to
website operators.
http://www.wired.com/news/culture/0,1284,59574,00.html
- - - - - - - - - -
Putnam: Cybersecurity laws coming
Cybersecurity regulation that will affect the private
sector is on the way this year, Rep. Adam Putnam
(R-Fla.) said this morning at a Capitol Hill forum
sponsored by the Business Software Alliance and
the Center for Strategic and International Studies
of Washington. We will be moving some legislation
in the House Government Reform Subcommittee on
Technology, Information Policy, Intergovernmental
Relations and the Census, which he chairs, Putnam
said. It wont be on the order of Sarbanes-Oxley,"
a 2002 act regulating accountability of public
companies, but will be an effort to increase
attention to security before major problems occur.
http://www.gcn.com/vol1_no1/daily-updates/22714-1.html
http://www.govexec.com/dailyfed/0703/071003td1.htm
- - - - - - - - - -
Politics may spoil spam solutions
Once thoroughly bipartisan, the debate in Washington
over how to reduce the flow of bulk e-mail is pitting
Democrats against Republicans, a development that
threatens to complicate enactment of laws regulating
spam. Politicians on Capitol Hill have realized that
their constituents are fed up with the ever-increasing
deluge of unsolicited e-mail, and most legislators
appear to favor Congress taking some sort of action.
But disagreements about what action is wisest have
erupted along traditional political fault lines
that pit Republican values against those cherished
by Democrats.
http://zdnet.com.com/2100-1105_2-1024385.html
How to end spam in the future
In the escalating battle against spam, it may look like
the bad guys are winning right now. But the wars not
over. Antispam warriors are developing new weapons to
fight unwanted junk e-mail and legislators are debating
strict new laws that could send spammers to jail.
http://www.msnbc.com/news/936568.asp
Top spam subject lines exposed
http://www.vnunet.com/News/1142199
- - - - - - - - - -
Most businesses are hurt by cybercrime
A survey covering 3,623 companies in 50 countries
shows most businesses are being financially hurt
by cybercrime and other forms of economic crime.
PricewaterhouseCoopers said its Global Economic
Crime Survey 2003 shows 47 percent of telecommunications
and 46 percent of IT companies are suffering from
economic crimes, figures only exceeded by banking
and insurance industries.
http://washingtontimes.com/upi-breaking/20030709-035538-2800r.htm
- - - - - - - - - -
E-termination Employees are getting fired for e-mail infractions
Twenty-two percent of companies have fired an
employee over improper e-mail use, up from 17
percent in 2001, according to a survey of 1,100
companies conducted by The ePolicy Institute,
the American Management Association and
Clearswift, maker of software to manage and
secure electronic communications.
http://www.marketwatch.com/news/story.asp?guid={F36CEE09-853D-41E5-9460-AE693D277493}&siteid=aolpf&dist=special
- - - - - - - - - -
Pirate CDs spin past one-billion mark
More than one billion illegally-copied compact
discs were sold last year, the latest sign that
the beleaguered music industry is failing in its
bid to wipe out piracy, a new industry study said
on Thursday. In 2002 the sale of pirated CD copies
rose 14 percent to 1.1 billion units from the
previous year and has more than doubled in the
past three years, turning a street-corner trade
into an estimated $4.6 billion business, the
International Federation of the Phonographic
Industry (IFPI) said in its annual piracy report.
At $4.6 billion, the global market for pirated
music now ranks as the third biggest in the
industry behind the United States and Japan.
http://zdnet.com.com/2110-1105_2-1024514.html
http://news.bbc.co.uk/2/hi/entertainment/3053523.stm
http://www.usatoday.com/tech/news/2003-07-10-piracy-increase_x.htm
http://computerworld.com/securitytopics/security/story/0,10801,82925,00.html?SKC=security-82925
Illegal music downloads boosting album sales
http://www.news.scotsman.com/scitech.cfm?id=748832003
- - - - - - - - - -
Bill Gates tops email hoax list
Bill Gates isn't only the richest man in the world -
he's also the subject of more email chain letters,
virus hoaxes and scams than any other person or
subject on the planet. The Bill Gates fortune
email chain letter tops a list of hoaxes compiled
by AV vendor Sophos. Despite the frankly ludicrous
claim that the Microsoft's chairman is prepared to
share his wealth with anyone who forwards the email
to a friend, the hoax is still in active circulation
after first appearing on the Net more than a year ago.
http://www.theregister.co.uk/content/6/31668.html
- - - - - - - - - -
Librarians take filtering problem into own hands
With its members required to block pornography at
Internet terminals in public libraries, the American
Library Association is convening software developers
next month to push for greater control over what
gets filtered out.
http://www.usatoday.com/tech/news/techpolicy/2003-07-10-library-filters_x.htm
- - - - - - - - - -
E-authentication policy due Friday
The General Services Administration will publish a
draft policy July 11 outlining how federal agencies
should validate the identities of users conducting
business through e-government applications.
http://www.fcw.com/fcw/articles/2003/0707/web-auth-07-10-03.asp
- - - - - - - - - -
Liberty Alliance offers advice on external ID federation
The guidelines explain how companies should
work together on the ID effort. Having already
set forth the technical requirements needed to
create a federated identity architecture, the
Liberty Alliance Project released guidelines
this week for how companies should include
business partners and customers in their
networks, saying its crucial for the
advancement of Web services.
http://computerworld.com/developmenttopics/development/webservices/story/0,10801,82945,00.html
- - - - - - - - - -
Microsoft says there's security problems with Windows
SOFTWARE FIRM Microsoft issued a series of bulletins
to its customers using Windows yesterday. One problem
affects Windows 2000 and might allow the malicious to
start messing with your machine. Another problem affects
the flavours of Windows NT 4.0, the three flavours of
Windows 2000, and Windows XP Professional. This could
allow a malicious person to mess with your machine if
you're not careful.
http://www.theinquirer.net/?article=10416
http://www.vnunet.com/News/1142200
http://www.theregister.co.uk/content/55/31656.html
- - - - - - - - - -
IBM, Adobe secure digital signatures
IBM is expected to announce a partnership with
software maker Adobe Systems on Thursday to boost
security in documents created with Adobe's Acrobat
software. Forms and other documents created in the
portable document format (PDF) used by Acrobat will
be able to tap into the security chip included on
all recent IBM desktop and notebook PCs. Among other
purposes, IBM's "embedded security subsystem" can be
used to store the electronic signature data, providing
an extra level of security over more typical systems
that store signatures on a PC's hard drive.
http://zdnet.com.com/2100-1104_2-1024363.html
http://www.nwfusion.com/news/2003/0710ibmpcsa.html
http://computerworld.com/securitytopics/security/story/0,10801,82926,00.html
- - - - - - - - - -
Can hack any computer anywhere, claims techie
A few reporters here were shocked to listen to
a young CEO of a city-based Internet company
claiming that he could `enter' any computer in
any network throughout the world and retrieve
data from it. ``What about George Bush's system?''
a reporter asked. ``Give me 48 hours and if the
President's computer is online for that long,
I can get into it,'' was the reply from
M Jayashankar, CEO, Caliber Plus - an Internet
firm in Kodambakkam.
http://www.newindpress.com/Newsitems.asp?ID=IET20030709134322&Title=Southern+News+-+Tamil+Nadu&rLink=0
- - - - - - - - - -
The ABCs of Network Security
It requires constant vigilance, with regular applications
of available network patches. The ideal approach for most
companies is to have a day-to-day scanning program along
with patch managementdone either internally or outsourced
to a consultant. Its a jungle out there. Just ask any
chief technology officer who is constantly on the alert
for worms, viruses and other insidious pests attacking
and boring holes in the networks operated by enterprises.
http://www.newsfactor.com/perl/story/21892.html
- - - - - - - - - -
Trojan scanning without the pitfalls
Trojans, which are increasingly being used to steal
credit card data and passwords, or to launch attacks
against organisations, are not picked up adequately
by basic security software such as an anti-virus
engine, states a white paper issued by global
security and messaging company GFI. The paper
describes the seven main types of Trojan and
explains how a Trojan can infect a network
via an e-mail attachment or downloaded file.
http://196.30.226.221/sections/internet/2003/0307101203.asp
- - - - - - - - - -
Secrets to the best passwords
The use of good, hard-to-guess passwords can make it
difficult for a malicious hacker to break into your
computer account. Avoiding predictable keywords and
using different methods to introduce variety into your
passwords makes it easy for you to remember them but
virtually impossible for others to guess them.
http://computerworld.com/securitytopics/security/story/0,10801,82883,00.html
- - - - - - - - - -
Wi-Fi siren song can lead to rocky security
The siren song of all corporate technology is
productivity. The message is always the same, but
its power lies in the sweetness of the tune. Right
now a technology standard known as 802.11b --
better known as Wi-Fi and even better as wireless
networking -- is particularly appealing.
http://www.globetechnology.com/servlet/story/RTGAM.20030710.wxtwkapi/BNStory/Technology/
Setting Up a Secure Wireless Network
http://www.intranetjournal.com/articles/200307/ij_07_10_03a.html
- - - - - - - - - -
Social engineering: It's a matter of trust
Boiled down, social engineering is simply the
exploitation of the natural human tendency to trust.
It's sometimes used by hackers -- or others with
malevolent intent -- to gain unauthorized access to
a computer, with the goal of obtaining information
that resides therein.
http://computerworld.com/securitytopics/security/story/0,10801,82894,00.html
- - - - - - - - - -
Securing academic labs with OS X server, clients
In a series of articles written by Yuval Kossovsky,
manager of digital media systems at Hunter College's
Department of Film and Media Studies in New York,
Computerworld is following the school's integration
of new Apple Computer Inc. hardware and software.
This is the sixth of those articles, which offer
a hands-on view of integrating Macintosh computers
and Apple software in what's largely an Intel and
Windows world.
http://computerworld.com/securitytopics/security/story/0,10801,82918,00.html
- - - - - - - - - -
Posted PR documents prompt complaints on smart tags
A consortium developing radio-tagged chips to replace
bar codes in stores posted documents labeled confidential
on its Web site that detail strategies to counter
complaints the technology will be misused by retailers,
the government or criminals to snoop on consumers.
http://www.usatoday.com/tech/news/2003-07-10-smart-tags_x.htm
RFID spy-chippers leak confidential data on the Web
Public relations flacks eager to win the public over
to the benefits of mass RFID (Radio Frequency
Identification) chip proliferation have ironically
managed to leave their own confidential plans
unprotected on the Web. An outfit called CASPIAN
(Consumers Against Supermarket Privacy Invasion
and Numbering) discovered the trove of marketing
half-truths on the MIT Auto-ID Center Web site,
available for all to see.
http://www.securityfocus.com/news/6343
- - - - - - - - - -
Liability protection for anti-terror technologies
The Homeland Security Department Friday will publish
a proposed rule designed to accelerate the development
of anti-terrorism technologies. Mandated by the law
that created the department, the rule will protect
companies from massive lawsuits in the event such
technologies fail to prevent another terrorist attack.
http://www.govexec.com/dailyfed/0703/071003w1.htm
***********************************************************
Computer Forensics Training - Online. An intense, 150 hour,
instructor lead program that teaches you computer forensics
and helps prepare you for the Certified Computer Examiner
exam. For more information see; www.cybercrime.kennesaw.edu
***********************************************************
Search the NewsBits.net Archive at:
http://www.newsbits.net/search.html
***********************************************************
The source material may be copyrighted and all rights are
retained by the original author/publisher. The information
is provided to you for non-profit research and educational
purposes. Reproduction of this text is encouraged; however
copies may not be sold, and NewsBits (www.newsbits.net)
should be cited as the source of the information.
Copyright 2000-2003, NewsBits.net, Campbell, CA.