NewsBits for November 20, 2003 sponsored by, Southeast Cybercrime Institute - www.cybercrime.kennesaw.edu ************************************************************ 125 Nabbed in U.S. Cybercrime Crackdown A federal crackdown on a wide range of Internet fraud schemes costing victims an estimated $100 million has resulted in the arrest or conviction of 125 individuals, law enforcement officials said Thursday. The investigation, dubbed "Operation Cyber Sweep," targets such crimes as stolen credit card numbers, software piracy and the sale of stolen goods over the Internet, said Attorney General John Ashcroft. http://www.washingtonpost.com/wp-dyn/articles/A34-2003Nov20.html http://www.sfgate.com/cgi-bin/article.cgi?file=/news/archive/2003/11/20/national1117EST0566.DTL http://news.com.com/2100-1009_3-5110180.html?tag=nefd_top http://www.washingtonpost.com/wp-dyn/articles/A33-2003Nov20.html http://www.wired.com/news/business/0,1367,61317,00.html http://www.theregister.co.uk/content/55/34113.html http://computerworld.com/securitytopics/security/cybercrime/story/0,10801,87395,00.html - - - - - - - - - - Credit Card Scammers Attack East End It may be the worlds second oldest profession: Fraud. Yet, while scam artists have always been a nuisance, it seems that in the Internet age they have become more pervasive, successful, and costly. Enter The Elegant John, a bed and bath shop in East Hampton. Along with their storefront, they have an online store. Two and a half weeks ago they received an email from "Mr. Steve, An international businessman." Mr. Steve wanted some goods shipped to his client in Lagos, Nigeria. The total came to $7,500. As the final arrangements were being made, Mr. Steve had one more request. http://www.indyeastend.com/detail.asp?cat=news&article=1561 - - - - - - - - - - Court limits in-car FBI spying An appeals court this week put the brakes on an FBI surveillance technique that turns an automobile driver's on-board vehicle navigation system into a covert eavesdropping device, after finding that the spying effectively disables the system's emergency and assistance features. http://www.securityfocus.com/news/7491roadside http://news.zdnet.co.uk/business/legal/0,39020651,39118019,00.htm http://www.theregister.co.uk/content/55/34100.html http://www.usatoday.com/tech/news/techpolicy/2003-11-19-on-board_x.htm - - - - - - - - - - Liability for intercepting e-communications depends upon intent Companies and individuals rightfully are worried about their potential Internet-related liabilities. As information technology is advancing at warp speed, and as the law is struggling to keep up with such advances, it is impossible to know for sure when and how liability can be triggered. http://www.usatoday.com/tech/columnist/ericjsinrod/2003-11-20-sinrod_x.htm - - - - - - - - - - EU Sets Up Internet Security Agency The European Union governments agreed Thursday to launch an agency to protect the Internet by alerting the public about computer viruses, identity theft and other crimes committed online. The European Network and Information Security Agency is to be operational in early 2004. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/7309661.htm http://www.guardian.co.uk/online/story/0,3605,1088437,00.html http://computerworld.com/securitytopics/security/cybercrime/story/0,10801,87394,00.html Telecoms ministers combat cyber crime http://www.eupolitix.com/EN/News/fc6e5078-09d2-4129-ac46-49a4c90a66b4.htm - - - - - - - - - - US cybercrime push 'imperils personal security' of Americans White House plans to ratify a Council of Europe Cybercrime treaty will be a disaster for the privacy and security of Americans, Privacy International (PI), the human rights watchdog, claims. http://www.theregister.co.uk/content/55/34105.html http://www.silicon.com/management/government/0,39024677,39116980,00.htm - - - - - - - - - - Civil liberties groups demand halt to RFID A global alliance of opponents to the rollout of radio frequency identification tagging systems have demanded that companies stop deploying them until crucial issues are addressed. Over 30 civil liberties and privacy groups have demanded a suspension to the deployment of radio frequency identification (RFID) tagging systems until a number of issues surrounding the controversial technology have been addressed. http://news.zdnet.co.uk/hardware/emergingtech/0,39020357,39118035,00.htm Moratorium on RFID chips urged http://www.theregister.co.uk/content/55/34109.html - - - - - - - - - - Tool up for tomorrow's security threats, says Symantec chief Today's practice of applying security updates after a software vulnerability becomes known or after a virus has been reported will be ineffective in a world of super-fast spreading worms and viruses, warned Symantec chief executive officer John Thompson. A fresh approach and an armoury of security software and services are needed to combat "Warhol" threats, which spread across the internet and infect systems worldwide within 15 minutes, Thompson said in his keynote at Comdex in Las Vegas. http://www.computerweekly.com/articles/article.asp?liArticleID=126663 http://news.zdnet.co.uk/business/0,39020645,39118017,00.htm - - - - - - - - - - Gates Sets Schedule For Security Improvements Businesses should see a 180-degree improvement in the security of their Windows software environments within eight months, according to Microsoft's chairman and chief software architect, Bill Gates. Although Microsoft's Trustworthy Computing initiative is a multiyear effort, Gates says bug-weary customers will get relief in months, not years. http://www.crn.com/sections/BreakingNews/dailyarchives.asp?ArticleID=46181 http://www.silicon.com/software/webservices/0,39024657,39116984,00.htm No gimmicks Microsoft--just take security seriously http://zdnet.com.com/2100-1107_2-5109803.html Bill Gates: At the crossroads http://zdnet.com.com/2100-1104_2-5109620.html - - - - - - - - - - A Patented Way To Preempt The Spammers Odd or surprising new solutions to the e-mail spam problem are always floating around the cyber-realm. But nothing quite prepared us for a jaw-dropper from AT&T Corp.: a patent that the company received this month on a system for defeating spam filters, those computer programs that help weed out spam before it gets to our e-mail boxes. http://www.washingtonpost.com/wp-dyn/articles/A62776-2003Nov19.html - - - - - - - - - - Standard Bank falls in with SMS security Standard Bank has become the last major commercial bank to introduce SMS security for its Internet banking clients, although it was the first to upgrade security following the Absa hacker scare four months ago. All the other major commercial banks have introduced SMS security, in one form or another, over the past 18 months. Nedcor was the first, followed by First National Bank and then Absa, which introduced it as part of its Internet banking security upgrade after a Bellville man allegedly defrauded a number of its Internet banking clients. http://www.itweb.co.za/sections/internet/2003/0311201154.asp - - - - - - - - - - Sybari blocks IM viruses Addressing the inevitable threat of viruses that piggyback on instant messages, Sybari Software Inc. has announced Antigen 7.5 for IM at Comdex in Las Vegas. A two-license version of the program will cost about $28 per user, with no limitation on server installations. Antigen 7.5 for IM works with Microsoft Corp.'s Office Live Communications Server 2003, released this fall. http://computerworld.com/securitytopics/security/story/0,10801,87383,00.html - - - - - - - - - - BMC adds to ID management tools BMC Software plans to extend its identity management software with better management tools. BMC on Thursday said that it will incorporate technology developed by Business Layers, a Rochelle Park, N.J.-based company, into its existing Control-SA identity management software. Business Layers specializes in provisioning software, which is used to manage user accounts on computer networks. http://zdnet.com.com/2100-1104_2-5109917.html - - - - - - - - - - Firewall, security software giveaway vexes competitors Shares of Digital River Inc. fell as much as 7.4 percent Wednesday, amid concerns that a security- software giveaway by Computer Associates International Inc. will hurt Digital's largest customer, Symantec Corp. Eden Prairie-based Digital River manages Internet security provider Symantec's online store. In 2002, 23 percent of Digital River's revenue stemmed from Symantec, according to a filing with the Securities and Exchange Commission. http://www.startribune.com/stories/789/4222973.html http://www.newsfactor.com/perl/story/22730.html - - - - - - - - - - Senior management 'slow to understand wireless risks' The proliferation of wireless networks throughout the enterprise means IT managers must implement proper security plans. But persuading the boss that it's worth the money could be a struggle. IT staff who want to invest to secure their Wi-Fi networks from security breaches may struggle to persuade senior management that the money would be well spent, according to a wireless security vendor. http://news.zdnet.co.uk/communications/wireless/0,39020348,39118028,00.htm http://www.silicon.com/networks/wifi/0,39024669,39116993,00.htm - - - - - - - - - - CodeFellas Smart mobs? Fuhgeddaboutit. Not till they hired me. Now they're getting a secure P2P bet-processing system. A mafia hacker tells his story to Wired. On a traffic- clogged street in midtown Manhattan - sandwiched among the bars, massage parlors, and cheap diners - there's a small glass door that leads to my office. The building has no doorman, no front desk, and no video surveillance cameras. We don't go in for that type of security. http://www.wired.com/wired/archive/11.12/mafia.html - - - - - - - - - - Cyberterrorism: a new reality According to information security experts the most vulnerable to cyberattacks countries are 6 states of the Middle East: Iran, Kuwait, United Arab Emirates, the Saudi Arabia, Egypt and Israel. USA is a "black-list" also. Thus, for the first half- year 2003 the quantity of hacker attacks against United Arab Emirates has increased in 3 times in comparison with the second half-year 2002. The country has incurred multi-billion losses. Only one incident resulted in long time deactivating servers of ATM Company has caused up to $3 billion losses. http://www.crime-research.org/news/2003/11/Mess2003.html - - - - - - - - - - Honeypots: The sweet spot in network security The role of decoy-based intrusion-detection technology, or "honeypots," is evolving. Once used primarily by researchers as a way to attract hackers to a network system in order to study their movements and behavior, honeypots are now beginning to play an important part in enterprise security. Indeed, by providing early detection of unauthorized network activity, honeypots are proving more useful to IT security professionals than ever. http://computerworld.com/securitytopics/security/story/0,10801,87288,00.html - - - - - - - - - - I know! Let's have a hackers' union! A proposal to create an association to represent the interests of hackers and vulnerability researchers is gaining support, a security expert said yesterday. CNet reports that the group, which would be geared toward researchers and not software vendors, would provide guidelines on vulnerability disclosures and lobby against legislation that could stifle security researchers' ability to tinker with software. Around 36 people have pledged financial support to help get the group started, said Thor Larholm, senior security researcher for US-based PivX Solutions. http://www.itweb.co.za/sections/computing/2003/0311200938.asp http://zdnet.com.com/2100-1105_2-5109642.html - - - - - - - - - - Homeland Security network solicitation planned Homeland Security Department officials plan to release the department's solicitation for an enterprise data network by the end of the year. The Homeland Security Data Network (HSDN) will handle all data for the department. Given the many missions within the department -- including some that are not related to homeland security -- there will be subdomains, but the aim is to have everyone working on the same infrastructure as quickly as possible, Steve Cooper, chief information officer at the department, said today. http://www.fcw.com/fcw/articles/2003/1117/web-dhsnet-11-20-03.asp - - - - - - - - - - FBI to give basic computer training to some Trilogy users The FBI is preparing its work force to use the Virtual Case File system it plans to field as part of its Trilogy modernization project by conducting computer literacy training for thousands of employees. Special agent Larry DePew, the project manager for VCF, said at a meeting of the Association for Federal Information Resource Management today that "about 3,000" FBI employees need the training. http://www.gcn.com/vol1_no1/daily-updates/24242-1.html http://www.fcw.com/fcw/articles/2003/1117/web-mci-11-20-03.asp - - - - - - - - - - Police go high-tech in crackdown on stolen cars Mayor Francis Slay calls it merely coincidence: Wednesday's rollout of a beefed-up plan to address the rising number of car thefts comes just a week after someone stole his son's Jeep Cherokee from outside the politician's home. http://www.usatoday.com/tech/news/techinnovations/2003-11-19-car-theft_x.htm *********************************************************** Computer Forensics Training - Online. An intense, 150 hour, instructor lead program that teaches you computer forensics and helps prepare you for the Certified Computer Examiner exam. For more information see; www.cybercrime.kennesaw.edu *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2003, NewsBits.net, Campbell, CA.