High Tech "NewsBits" for 11/12/03

NewsBits for November 12, 2003 sponsored by, Southeast Cybercrime Institute - www.cybercrime.kennesaw.edu ************************************************************ Silicon Valley Espionage Case Heading to Trial An economic espionage case that could have profound implications for technology companies from Silicon Valley to Shanghai will go forward with a jury trial starting in June, according to a federal judge's order. San Jose-area businessmen Fei Ye and Ming Zhong were arrested in November 2001 at San Francisco International Airport with suitcases allegedly crammed with trade secrets and at least $10,000 in equipment stolen from U.S. tech companies. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/7229838.htm - - - - - - - - - - 3 arrested in S. Korea on charges of receiving bribes from IBM joint venture Three military and company officials have been arrested on charges of taking bribes from a South Korean affiliate of U.S. computer giant IBM Corp., a senior prosecutor said Wednesday. Those arrested are a procurement official at the South Korean navy and executives at state-run broadcaster KBS and KT Corp., the country's largest telecommunications company, said Kim Tae-hee, a Seoul district prosecutor leading the investigation. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/7244259.htm http://www.wired.com/news/business/0,1367,61208,00.html - - - - - - - - - - Canadian '419er' released without charge Prosecutors dropped all charges against a Canadian man implicated in a '419' advanced fraud fee racket this week, much to the annoyance of a Conneticut woman who helped police arrest him. Nicholas Horvath-Howard, 24, was released without charge after both federal authorities and the State of Connecticut decided not to prosecute, following his arrest in a reverse-sting operation last week. http://www.theregister.co.uk/content/6/33935.html - - - - - - - - - - Man Impregnated Teen He Met On Internet Authorities have arrested a Barling man suspected of impregnating a 14-year-old girl he met on the Internet. Michael Johnathan Johnson, 20, was arrested Friday night at his father's residence in Fort Smith and booked into the Sebastian County Adult Detention Center on a warrant for sexual indecency with a child. He was released Saturday on a $5,000 bond, a jailer said. According to an Arkansas State Police report, a Fort Smith girl told an investigator she had sex with Johnson about eight months ago. She first met Johnson on the Internet, and they later met in person in Fort Smith, she reported. http://www.swtimes.com/archive/2003/November/11/news/man_arrested.html - - - - - - - - - - More porn charges for principal Suspended Rivercrest Junior High School Assistant Principal Roger Brooks, 52, of Wilson, was arraigned Nov. 3 on charges of possession of computer child pornography, which is in addition to the Aug. 20 charges of computer child pornography imposed by the North Little Rock Police Department Special Investigations Unit. Due to a conflict of interest in the deputy prosecutor's office in Osceola, the arraignment was assigned to Deputy Prosecutor Bruce Harlan of Blytheville. Brooks was arrested in August after soliciting sex on the Internet from what he thought was a child, who in actuality was an undercover police officer in Little Rock, according to reports. http://www.blythevillecn.com/articles/2003/11/11/news/news01.txt - - - - - - - - - - UNH Study Says Internet Sex Stings Work A new study by University of New Hampshire researchers concludes that police investigators are successfully combating Internet-related sex crimes. The researchers point to more than 2,500 yearly arrests and say that many of the arrests lead to convictions. The study found that more than 40 percent of arrested offenders were involved in criminal relationships with children. One-fourth of the arrests came from undercover operations where agents posed as minors on the Internet. Another third of the arrests were of offenders who had not solicited victims but had used the Internet to download and trade child pornography. The research was conducted by UNH's Crimes against Children Research Center. http://www.thewmurchannel.com/technology/2624451/detail.html - - - - - - - - - - Web sites claim N-Gage game phone hacked Hackers claimed Tuesday to have cracked the security code on Nokia's new N-Gage, saying they could play its games on other multimedia-capable cell phones. The company said it was investigating the claims. Several Web sites and online bulletin boards said the code that protects Nokia's proprietary software was broken. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/7236963.htm http://www.wired.com/news/games/0,2101,61183,00.html http://www.pcworld.com/news/article/0,aid,113380,00.asp http://zdnet.com.com/2100-1103_2-5105986.html http://money.cnn.com/2003/11/12/technology/nokia_ngage.reut/index.htm http://www.theregister.co.uk/content/68/33932.html - - - - - - - - - - Email from 'Citibank' conceals Trojan An email supposedly from Citibank carries a virus that could allow hackers to take control of a user's PC. An email purporting to be from Citibank carries a Trojan virus that plants a back door on an infected computer, allowing a hacker to use the machine as a channel for other activities on the Internet. http://news.zdnet.co.uk/internet/security/0,39020375,39117827,00.htm - - - - - - - - - - WorldPay recovers from massive attack WorldPay's systems are back running normally this week following the most serious and sustained Internet attack on a UK business to date. Operations at the Royal Bank of Scotland's Internet payment transaction outfit were blighted for three days last week as the result of a malicious DDoS attack by unidentified computer criminals. Although customer information was not disclosed by the attack, WorldPay's online payment and administration system were reduced to a crawl due to a flood of malicious traffic directed at its Web-based systems that began a week ago. http://www.theregister.co.uk/content/55/33925.html - - - - - - - - - - Zombie machines fuel cybercrime wave The rapid growth of broadband home computer connections may be inadvertently fueling what police suspect could be the start of a new crime wave--cyberblackmail. As more homes connect to faster delivery systems, their computers are becoming vulnerable to hackers and virus writers who can turn them into "zombie" machines, ready to carry out any malevolent command. http://rss.com.com/2100-7348_3-5106171.html http://zdnet.com.com/2100-1105_2-5106171.html http://www.usatoday.com/tech/news/computersecurity/2003-11-12-zombie-blackmail_x.htm http://computerworld.com/securitytopics/security/story/0,10801,87075,00.html - - - - - - - - - - Backdoor trojans make their presence felt A virus never sleeps. And it seems they don't stop mutating and breeding, too, as there are two new threats to computer users: BDSinit-A and Webber-C. Strictly speaking, they are back-door trojans rather than 'viruses', but they both allow a remote attacker to control your system. The anti-virus specialist Sophos has already received several reports from the wild for both the threats. http://www.pcpro.co.uk/?http://www.pcpro.co.uk/news/news_story.php?id=49919 Twenty years of malware--and counting http://zdnet.com.com/2100-1105_2-5106221.html - - - - - - - - - - Who Wants To Be A Millionaire? The Universal Lottery Co. wants to give you $2,000. Mohamed Abacha wants you to share his father's $45 million fortune. And Svetlana (or Boris) from Russia simply loves your smile. The catch is, none of them want you. They want your money - and your identity. Egypt Today investigates three of the most common Internet scams Egyptians are falling for. http://www.egypttoday.com/issues/0311/706F/0311706F.asp - - - - - - - - - - 'Grand Theft Auto' makers fight $246M lawsuit The creators of the video game series "Grand Theft Auto" want a federal judge to dismiss a $246 million lawsuit filed by the families of two people shot by teenagers. Rockstar Games and its New York City- based parent, Take-Two Interactive Software, said the victims' families are trying to hold them liable "based on the expressive content of the video game." http://www.usatoday.com/tech/news/2003-11-11-gta-lawsuit_x.htm - - - - - - - - - - Share 'True Crime,' do the time A forthcoming copyright bill backed by key U.S. senators would place file swappers in prison for up to three years if they have a copy of even one prerelease movie in their shared folders. In addition to the prison term, the Artists' Rights and Theft Prevention Act would punish making such movies available on a public "computer network" as a federal felony with a fine of up to $250,000. It would not require that any copyright infringement actually take place. http://zdnet.com.com/2100-1105_2-5106684.html - - - - - - - - - - Singapore government given sweeping powers to monitor computer activity Singapore's Parliament has approved plans to give the government sweeping powers to monitor all computer activity in the city-state and act against anyone it believes could use computers to threaten national security. The government will use pre-emptive scanning of electronic networks to detect possible threats, Senior Minister for Law and Home Affairs Ho Peng Kee told Parliament on Monday just before the bill was passed. http://www.securityfocus.com/news/7412 http://www.hindustantimes.com/news/181_454441,00030010.htm Singapore clamps down on hackers http://www.cnn.com/2003/TECH/internet/11/11/singapore.internet.reut/index.html Cyber-terror crackdown sparks civil rights fears http://www.guardian.co.uk/international/story/0,3604,1082839,00.html - - - - - - - - - - Marketers trying to influence Congress on spam Jerry Cerasale has a standard line at parties. "I tell them I'm the guy who calls you at dinner time and fills up your inbox," he jokes. But it's no laughing matter for the chief Capitol Hill lobbyist of the Direct Marketing Association, the trade group that counts telephone solicitors and e-marketers among its unpopular members. http://www.usatoday.com/tech/news/techpolicy/2003-11-11-spam-lobby_x.htm - - - - - - - - - - Security execs form advisory group Ten top security executives plan to announce a new group on Wednesday that is aimed at helping companies protect their information systems better, CNET News.com has learned. Called the Global Council of CSOs, the group will bring together chief security officers from nine companies and one government agency. The Council will offer advice, publish security recommendations, work with the U.S. Department of Homeland Security and help ensure that corporate America is ready to respond to Internet attacks, according to sources who asked not to be named. http://zdnet.com.com/2100-1105_2-5105962.html http://www.wired.com/news/infostructure/0,1377,61209,00.html http://www.washingtonpost.com/wp-dyn/articles/A32734-2003Nov12.html http://computerworld.com/securitytopics/security/story/0,10801,87066,00.html - - - - - - - - - - Liberty Alliance releases privacy best practices An industry standards body has released guidelines on how to ensure that online credentialing systems meet privacy laws. Agencies can use the Liberty Alliance Projects guide when developing authentication systems, said Christine Varney, a consultant for the San Francisco alliance whose members focus is identity management standards. The best practices released today accompany the release of the alliances second set of specifications for federated identity management. http://www.gcn.com/vol1_no1/daily-updates/24153-1.html http://computerworld.com/securitytopics/security/story/0,10801,87076,00.html Sun adopts security specifications http://zdnet.com.com/2100-1104_2-5105238.html http://zdnet.com.com/2100-1105_2-5106319.html - - - - - - - - - - Consumers warned over growing Internet card fraud In the run-up to Christmas, experts have warned of a growing number of fraudulent 'card not present' e-commerce transactions. Careless shoppers are contributing to an annual PS110m fraud bill from criminals who use stolen credit card details to purchase high-value goods over the Internet and phone. http://news.zdnet.co.uk/internet/ecommerce/0,39020372,39117797,00.htm - - - - - - - - - - Report warns job seekers to guard privacy People who look for work on the Internet may be giving away personal information that could compromise their privacy, according to a report released Tuesday. Employment Web sites often gather reams of personal information, from Social Security numbers and demographic data to Web browsing statistics, said Pam Dixon, who started the World Privacy Forum and wrote the report. Sharing that information could expose it to identity thieves or put it into the hands of third-party marketers, she said. http://www.siliconvalley.com/mld/siliconvalley/7241971.htm http://computerworld.com/securitytopics/security/privacy/story/0,10801,87072,00.html - - - - - - - - - - Missing kids e-mail may have a catch Helping to protect our children, the Web site says. And, indeed, its full of Amber Alert notices, photographs and stories about missing children. Nearly 2,000 children go missing every day, the site indicates, just below a notice that reads How You Can Help. Internet users are encouraged to sign up for an e-mail service that instantly transmits Amber Alerts about missing kids. But those who dont read the fine print may not realize theyve also given the Web site the right to send them e-mail advertisements, and to sell their personal information to third-party firms. http://www.msnbc.com/news/992284.asp - - - - - - - - - - DHS plans cybersecurity summit Officials in the Information Analysis and Infrastructure Protection Directorate of the Homeland Security Department plan to announce details of the upcoming Cyber Security Summit soon, a department spokesman said. The summit, which assistant secretary for IAIP Robert Liscouski first discussed in September, will be held in the San Francisco Bay area, directorate spokesman Donald Tighe said. http://www.gcn.com/vol1_no1/daily-updates/24151-1.html Keep your security chin up http://www.fcw.com/fcw/articles/2003/1110/web-secure-11-11-03.asp Former intelligence officer joins DHS http://www.fcw.com/fcw/articles/2003/1110/web-dhs-11-11-03.asp - - - - - - - - - - Spam spike signals more junk e-mail An e-mail security firm has warned that spammers may be increasing their assault on Web users, after detecting a rise in the amount of unsolicited junk messages sent across the Internet. FrontBridge, which provides outsourced e-mail filtering services for companies, said this week that it detected a 15 percent increase in spam between the 14th and 18th October--which it believes is a sign that organized spammers are ratcheting up their activities. http://zdnet.com.com/2100-1105_2-5105526.html Spam set to soar this Christmas http://news.bbc.co.uk/2/hi/technology/3258179.stm - - - - - - - - - - Microsoft gears up monthly patch release Microsoft is committed to rolling out security updates on a regular schedule, but some experts warn that this may create an attack timetable. Microsoft plans to make available a series of security patches on Tuesday in line with its new policy of releasing patches on a monthly schedule. http://news.zdnet.co.uk/internet/security/0,39020375,39117798,00.htm Microsoft releases critical patches http://www.msnbc.com/news/992084.asp http://computerworld.com/securitytopics/security/story/0,10801,87058,00.html http://computerworld.com/securitytopics/security/story/0,10801,87043,00.html http://news.zdnet.co.uk/internet/security/0,39020375,39117840,00.htm http://news.zdnet.co.uk/internet/security/0,39020375,39117819,00.htm One, two, three, four MS patches at our door http://www.theregister.co.uk/content/55/33940.html Microsoft Frontpage, Word, Excel subject to security threats http://www.theinquirer.net/?article=12633 Microsoft prepares security assault on Linux http://www.infoworld.com/article/03/11/11/HNmsassault_1.html Internet Explorer to shut down pop-ups http://news.zdnet.co.uk/internet/security/0,39020375,39117783,00.htm Belkin disables router spamming feature http://www.theregister.co.uk/content/6/33918.html Is Your Enterprise Software Full of Security Holes? http://www.newsfactor.com/perl/story/22670.html - - - - - - - - - - Britain to introduce compulsory ID cards with biometric data The British government said Tuesday it wants to introduce compulsory identity cards to protect against illegal immigration, welfare fraud and terrorism -- though implementation is years away. Home Secretary David Blunkett said the government would introduce the scheme after building a national database of biometric information using fingerprints, iris scans and facial recognition technology. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/7235920.htm Government ignores Web opposition over ID cards http://news.zdnet.co.uk/business/legal/0,39020651,39117844,00.htm Mission impossible? Blunkett's big biometric ID adventure http://www.theregister.co.uk/content/6/33919.html - - - - - - - - - - Is cyberterrorism a phantom menace? Gartner's information security and risk research director has dismissed cyberterrorism as a "theory." The comments came during a media roundtable session at the Gartner Symposium and IT Expo, which began today in Sydney, Australia. The director, Rich Mogull, told journalists that despite the incidence of high-profile digital attacks, cyberterrorism is a phenomenon that has never occurred. http://zdnet.com.com/2100-1105_2-5105732.html Is government ignoring the threat of cyberterrorism? http://www.gcn.com/vol1_no1/daily-updates/24156-1.html - - - - - - - - - - Wep gives 'false sense of security' Basic wireless encryption standards have lulled thousands of UK firms into a false sense of security, with many relying on the inadequate Wireless Encryption Privacy (Wep) standard rather than more proven technologies such as virtual private networks. http://www.vnunet.com/News/1148192 - - - - - - - - - - Security Worries Extend to Storage Networks Sounding the alarm for better data-storage security, Yankee Group report authors Jamie Gruener and Matthew Kovar say enterprises should begin exploring options right away -- but wait six months to make a purchase, giving vendors time to work out some glitches. http://www.newsfactor.com/perl/story/22671.html *********************************************************** Computer Forensics Training - Online. An intense, 150 hour, instructor lead program that teaches you computer forensics and helps prepare you for the Certified Computer Examiner exam. For more information see; www.cybercrime.kennesaw.edu *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2003, NewsBits.net, Campbell, CA.