NewsBits for December 11, 2003 sponsored by, Southeast Cybercrime Institute - www.cybercrime.kennesaw.edu ************************************************************ Norwegian DVD piracy retrial ends The landmark retrial of a Norwegian who achieved fame when he was cleared of DVD piracy charges lodged by top Hollywood studios ended Thursday with prosecutors demanding a suspended 90-day jail term. http://news.com.com/2100-1025_3-5120669.html http://www.theregister.co.uk/content/54/34476.html - - - - - - - - - - Virginia charges two under new anti-spam law Two North Carolina men were indicted Thursday for flooding the Internet with e-mail pitches for investments, software and other products in what Virginia prosecutors billed as the nation's first felony charges under the state's new anti-spam law. Jeremy Jaynes, 29, of Raleigh and Richard Rutowski of Cary each face four counts under Virginia's new law barring the use of fraudulent means to transmit unsolicited bulk e-mail popularly referred to as spam, said Attorney General Jerry W. Kilgore. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/7469455.htm http://zdnet.com.com/2100-1104_2-5120673.html http://www.washingtonpost.com/wp-dyn/articles/A57954-2003Dec11.html http://www.msnbc.com/news/1004078.asp Court considers banning ads for ad-blocker http://news.zdnet.co.uk/internet/security/0,39020375,39118473,00.htm http://www.wired.com/news/business/0,1367,61567,00.html http://www.usatoday.com/tech/news/2003-12-11-zuccarini-guilty_x.htm Tomorrow's Menu: Spam, Spam, Spam http://www.wired.com/news/politics/0,1283,61555,00.html Wanna complain about spam? You must be joking http://www.theregister.co.uk/content/6/34463.html Anti-spam law critics predict failure http://www.vnunet.com/News/1151477 - - - - - - - - - - Man admits misspelt domains exposed children to porn A US man has admitted registering misspellings of names like Disneyland and Britney Spears as Internet domains so that children would view pornographic sites. A Pennsylvania man pleaded guilty on Wednesday to 49 federal charges that he used misspellings of Internet domain names like Disneyland, Teletubbies, and Britney Spears to lure children to pornographic Web sites. http://news.zdnet.co.uk/internet/security/0,39020375,39118477,00.htm http://www.theregister.co.uk/content/6/34471.html http://www.usatoday.com/tech/news/2003-12-11-zuccarini-guilty_x.htm - - - - - - - - - - Attack on SCO's servers intensifies A day-old denial-of-service attack on the Web server of the controversial SCO Group has been expanded to assault the company's mail and file servers, SCO's top network administrator said. The attack, which first hit the company's Web and file servers on Wednesday around 3:20 a.m. PST, paused briefly last night before resuming against more SCO servers, said Jeff Carlon, director of worldwide information technology infrastructure for the Lindon, Utah, company. http://zdnet.com.com/2100-1105_2-5120706.html http://www.usatoday.com/tech/news/2003-12-11-picking-on-sco_x.htm Doubts cast on SCO claims of denial of service attack http://www.smh.com.au/articles/2003/12/11/1071086170827.html - - - - - - - - - - Phishmongers target Lloyds TSB customers Another day, another email scam with fraudsters trying to extract sensitive information so they can thieve from people's bank accounts. http://www.theregister.co.uk/content/55/34467.html - - - - - - - - - - European court upholds German ban on Internet pharmacies Europe's top court Thursday gave countries the right to ban sales of prescription drugs by Internet pharmacies because of safety concerns, but said the restrictions could not apply to sales of over-the-counter medications. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/7468904.htm - - - - - - - - - - IE bug lets fake sites look real Microsoft on Tuesday said it was looking into reports of a potential bug in its Web browser that could help malicious hackers design convincing Web site spoofs. The bug, according to security alerts by a bug hunter and a Danish security company, Secunia, could let hackers use a technique to display a false Web address on a fake site. http://zdnet.com.com/2100-1105_2-5119440.html Mystery patch contradicts intentions http://news.zdnet.co.uk/internet/security/0,39020375,39118459,00.htm - - - - - - - - - - New email worm is Scold outside MessageLabs has warned of a new virus that has appeared yesterday, of which it has already detected several thousand copies in the wild. Scold-MM was first intercepted yesterday and appeared to originate from France. However, MessageLabs says it has since detected more than 2,000 copies as far afield as Egypt and Australia. http://www.pcpro.co.uk/news/news_story.php?id=51287 - - - - - - - - - - Critical Oracle flaw found Versions 8 and 9 of several software lines at risk Oracle has warned its customers of critical flaws in the security technology of some of its application and database server products. The flaws are in the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) of Oracle 8i and 9i Database Server, Oracle 9i Application Server, and versions 8 and 9 of the Oracle HTTP Server. http://www.vnunet.com/News/1151481 - - - - - - - - - - UK spam ban comes into force Sending unsolicited e-mails, or spam, in Britain in now a criminal offense under new laws that came into force on Thursday. The ban is part of a European Union initiative to eradicate unwanted e-mails, with companies now needing to gain permission before sending junk e-mails or text messages. http://www.cnn.com/2003/TECH/12/11/uk.spam.ban/index.html http://news.bbc.co.uk/2/hi/technology/3308989.stm - - - - - - - - - - Report: Energy lab muffed classified computer control Officials at the Energy Departments Lawrence Livermore National Laboratory have tightened controls over classified desktop and notebook PCs and removable media following an investigation that found fault with its inventory methods. DOE has cramped up security oversight in recent months in the wake of controversies prompted by security lapses in 1999 and 2000, http://www.gcn.com/vol1_no1/daily-updates/24426-1.html Los Alamos praised for response to potential security threat http://www.govexec.com/dailyfed/1203/121103a1.htm - - - - - - - - - - Security bosses to get forum A proposed group for information security officers will take the form of a forum, and the CIO Council supports the idea, according to the federal e-government chief. Karen Evans, the Office of Management and Budget's administrator for e-government and information technology, said a forum rather than a council will allow security officers to come together in a less formal setting to discuss issues surrounding information security. http://www.fcw.com/fcw/articles/2003/1208/web-evans-12-11-03.asp - - - - - - - - - - Your New Weapon vs. ID Theft While hardly perfect, the Fair & Accurate Credit Transaction Act goes a long way toward helping consumers protect themselves. Consider it an early Christmas present. On Dec. 4, President George W. Bush signed into law the Fair & Accurate Credit Transaction (FACT) Act of 2003, an updated and improved version of the 1970 Fair Credit Reporting Act, which regulates the ugly world of credit reports, credit scores, and sensitive personal data. http://www.businessweek.com/technology/content/dec2003/tc20031211_2562_tc073.htm - - - - - - - - - - My sysadmin is a special constable Parliamentary lobby group EURIM is working with MPs and industry groups to draw a blueprint for the fight against cyber-crime. EURIM and think tank The Institute for Public Policy Research (IPPR) today published a discussion paper which aims to set the agenda for debate on e-crime. This outlines a number of easily- introduced fairly cheap measures that can be taken to stem cybercrime, along with a number of longer- term plans. http://www.theregister.co.uk/content/55/34473.html UK Calls for Civilian Deputies to Fight Cybercrime A contingent of British MPs, police and technology industry executives will propose on Thursday that civilian specialists be deputised and local UK laws strengthened to fight cyber crime. "E-crime has become a huge problem, hitting e-commerce, hitting business. It's one of the obstacles in the way of creating a true information society," said Philip Virgo, Secretary General of EURIM, a ten-year-old trade group for Europe's technology sector. http://www.reuters.com/newsArticle.jhtml?type=internetNews&storyID=3970465 - - - - - - - - - - Microsoft gets Windows XP update ready Microsoft is set to release a test version of the next update to Windows XP, which adds security features as well as improved support for Bluetooth and Wi-Fi networks. The beta version of Windows XP Service Pack 2 is expected to be made available to testers soon via Microsoft's developer Web site. The final version is expected to be released in the first half of next year, Microsoft said. http://zdnet.com.com/2100-1104_2-5120138.html - - - - - - - - - - Security threats damage more than infrastructure THE previous article concluded the series on ISMS framework and best practices implementation as outlined in the BS7799 standards. Taking a break from the extensive BS7799 discussion, this months installment explores the critical implications of todays security threats to enterprises. Most local organisations do not consider enterprise security as part of their business priorities. http://star-techcentral.com/exclusives/ecopnet/story.asp?file=/2003/12/10/Securitythreatsdamagemorethaninfrastructure&sec=exclusives - - - - - - - - - - Weapons of Mass Disruption The terrorists have been going "virtual" for a long time now. A new, but largely unnoticed, front in the war on terrorism is being played out on the Internet, where terrorist recruitment and planning is gaining momentum. Over the last two years, the United States has been fighting a losing battle against al-Qaida on the World Wide Web. Once identified, al-Qaida- affiliated Web sites are quickly hacked or shut down, only to reappear at another Web address or on another server. http://www.insightmag.com/news/576014.html - - - - - - - - - - Social engineering holds clue to security leaks The Maritimes are behind the times when is comes to information security governance, according to an expert, but many also fall prey to trickery of social engineering. Mark Bernard, CEO of Hartland, N.B. headquartered Apollo Computer Consultants, said this is especially true when it comes to the Personal Information Protection and Electronic Documents Act, which comes into full effect next month. http://www.itbusiness.ca/index.asp?theaction=61&lid=1&sid=54350 There's no silver bullet for security http://zdnet.com.com/2100-1107_2-5120096.html Education, not legislation will reduce e-crimes http://news.zdnet.co.uk/internet/0,39020369,39118483,00.htm - - - - - - - - - - Holiday privacy: You'd better watch out Signs of consumer concern about privacy are everywhere as the holiday shopping season has moved into high gear. Congress is working overtime on legislation that would give consumers new weapons to fight identity theft--including access to free credit reports and tools to prevent thieves from opening accounts in their names. Meanwhile other privacy legislation, such the California Financial Information Privacy Act, targets industries as diverse as healthcare and finance, and the trend for privacy regulation looks set to continue. http://zdnet.com.com/2100-1107_2-5119836.html - - - - - - - - - - VOIP lets 911 callers down, communications officials say Voice over IP technology has not been integrated with the nations emergency telephone system, the Association of Public Safety Communications Officials said. APCO is deeply concerned that the rapid deployment of VOIP service will have a serious and negative impact on the provisioning of 911 emergency communications, the organization said in a statement released Thursday. http://www.gcn.com/vol1_no1/daily-updates/24425-1.html - - - - - - - - - - Web school teaches porn site how-to There's money to be made in the online porn business, and Michael Hayes of AdultWebmasterSchool.com says he can help you cash in. Launched by laid- off dot-com workers in July 2000, the school's $140 course has graduated about 2,200 students, Hayes says. http://www.cnn.com/2003/TECH/internet/12/11/porn.school/index.html Patenting Air or Protecting Property? http://www.washingtonpost.com/wp-dyn/articles/A54548-2003Dec10.html *********************************************************** Computer Forensics Training - Online. An intense, 150 hour, instructor lead program that teaches you computer forensics and helps prepare you for the Certified Computer Examiner exam. For more information see; www.cybercrime.kennesaw.edu *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2003, NewsBits.net, Campbell, CA.