<![CDATA[
NewsBits for April 28, 2004 sponsored by,
Southeast Cybercrime Institute - www.cybercrime.kennesaw.edu
************************************************************
U.S. charges four under new law against 'spam' e-mails
U.S. authorities charged four people in Detroit on
Wednesday with e-mailing fraudulent sales pitches
for weight-loss products, the first criminal
prosecutions under the government's new "can spam"
legislation. Court papers identified the four as
Daniel J. Lin, James J. Lin, Mark M. Sadek and
Christopher Chung, all believed living in suburban
Detroit. They were accused of disguising their
identities in hundreds of thousands of e-mail sales
pitches and delivering e-mails by bouncing messages
through unprotected relay computers on the Internet.
http://www.securityfocus.com/news/8552
http://www.washingtonpost.com/wp-dyn/articles/A50999-2004Apr28.html
http://www.cnn.com/2004/LAW/04/28/internet.spam.ap/index.html
- - - - - - - - - -
Music industry sues 477 more computer users
The recording industry sued 477 more computer
users Wednesday, including dozens of college
students at schools in 11 states, accusing them
of illegally sharing music across the Internet.
The Recording Industry Association of America,
the trade group for the largest labels, praised
efforts by colleges and universities to use
technology and school policies to crack down
on music piracy on their own computer networks.
But it said the most egregious offenders on
scampus deserved to be sued.
http://www.cnn.com/2004/TECH/internet/04/28/downloading.music.ap/index.html
http://zdnet.com.com/2100-1104_2-5201637.html
http://msnbc.msn.com/id/4854956/
http://www.cnn.com/2004/TECH/internet/04/28/downloading.music.ap/index.html
Apple disables iTunes song-swapping tool
http://zdnet.com.com/2100-1104_2-5201781.html
- - - - - - - - - -
ACLU challenges FBI use of secret letters to obtain records
The American Civil Liberties Union is challenging
the FBI's use of expanded powers to compel Internet
service providers to turn over information about
their customers or subscribers. A lawsuit challenging
secret FBI national security letters was filed April
6 in U.S. District Court in New York but not made
public until Wednesday because of its extraordinary
sensitivity.
http://www.securityfocus.com/news/8551
http://www.washingtonpost.com/wp-dyn/articles/A50956-2004Apr28.html
- - - - - - - - - -
Microsoft hole spawns false alarm, real attacks
Antivirus company Symantec Corp. backtracked
today after claiming that it captured an example
of a new Internet worm that takes advantage
of a recently disclosed hole in Windows machines
running Secure Sockets Layer. The company yesterday
trapped an example of the malicious code called
backdoor.mipsiv and warned customers that it was
either a new worm or a small automated program
called a "bot" that exploits a new Windows Private
Communications Transport Protocol (PCT) vulnerability,
part of the Windows implementation of SSL. However,
Symantec today said further analysis of the code
showed that it was neither a worm nor a bot and
that it didn't use the PCT vulnerability.
http://computerworld.com/securitytopics/security/story/0,10801,92732,00.html
Worm worries grow with release of Windows hacks
http://news.com.com/2100-1002_3-5201807.html
- - - - - - - - - -
Beware the domain slammers - UK gov
The UK's Office of Fair Trading (OFT) is warning
small businesses to look out for dodgy domain
name registration services, after receiving several
complaints from companies. The dotcom cowboys contact
a business saying that a third party is just about
to buy a domain name that would suit them, but that
if they get in quickly, they can buy it for themselves.
Trouble is, the OFT says, that the third party
is often a figment of the salesman's imagination,
conjured up to pressure the target company into
making a quick purchase.
http://www.theregister.co.uk/2004/04/28/domain_name_cowboys/
- - - - - - - - - -
Federal program funds network security testbed
A technology research company has been awarded
a contract to build out a large-scale network testbed
that will support a national Internet security research
program. McAfee Research, the technology research
division of Network Associates Inc. of Santa Clara,
Calif., was awarded subcontracts by the University
of California at Berkeley and Pennsylvania State
University. The work is part of a $10.8 million
program funded by the National Science Foundation
and the Homeland Security Department.
http://www.gcn.com/vol1_no1/daily-updates/25762-1.html
Leader: Sorry, but security's expensive
http://comment.silicon.com/0,39024711,39120313,00.htm
- - - - - - - - - -
Microsoft to create pop-up safety lessons
Microsoft plans to use more dialog boxes and other
messages in future software releases to educate people
on 'safe' computing. At the InfoSecurity trade show
in London, Microsoft said Tuesday that new versions
of its Windows and Office products will educate
customers about security via dialog boxes, warning
messages and offers to automatically configure
security settings.
http://zdnet.com.com/2100-1105_2-5201585.html
MS rethinks security patch test scheme
http://www.theregister.co.uk/2004/04/28/ms_testing_u-turn1/
- - - - - - - - - -
Phoenix extends Bios to enhance network security
Phoenix Technologies, the company behind the Phoenix
Bios firmware that is installed in about 80 percent
of all PCs, launched a utility at the InfoSecurity
show in London on Wednesday that can allow users'
hardware to be used in conjunction with a traditional
login system to ensure that only authorised users
with a "trusted device" can gain access to the
corporate network.
http://news.zdnet.co.uk/internet/security/0,39020375,39153285,00.htm
- - - - - - - - - -
Common Access Card traveled a long, rocky road to success
A team of officials from the Defense Manpower
Data Center this morning gave a behind-the-scenes
glimpse of the challenges in managing the Defense
Department's Common Access Card. "Many said we
were on the bleeding edge of technology when
we started this roll-out," said Lynda A. Cole,
a management and program analyst in the DMDC's
Access Card Office. It soon became clear how
true that was, Cole said.
http://www.gcn.com/vol1_no1/daily-updates/25767-1.html
- - - - - - - - - -
IT security to go offshore. Maybe
Infosecurity Europe 2004 IT security - once the
most closely-guarded IT function - could become
the next candidate for offshoring. As the security
market has evolved, more companies have outsourced
functions like security monitoring and response.
Tight corporate budgets and a skills shortage
of suitably qualified security professionals
have accelerated this trend.
http://www.theregister.co.uk/2004/04/28/offshore_security/
- - - - - - - - - -
Stop Being a Victim
An influential newspaper columnist blames
"contemptuous techies" for allowing users to fall
prey to viruses and spyware. But don't some users
deserve a little contempt? Writing these columns
gets tough sometimes. It can be quite a challenge
to keep content current while trying to add value
by driving home the basic concepts of security
without sounding like a broken record.
http://www.securityfocus.com/columnists/236
Clueless user: ditch the victim mentality
http://www.theregister.co.uk/2004/04/28/clueless_security_user/
- - - - - - - - - -
Tales from the crypto world
Paul Kocher, president and chief scientist
of Cryptography Research, came to prominence
in the industry by breaking things. In 1998,
the company cracked security on smart cards
by monitoring how much power their internal
microprocessors used. Kocher also came
up with the software inside Deep Crack,
a machine tailored to crack encrypted
documents.
http://zdnet.com.com/2100-1105_2-5201619.html
- - - - - - - - - -
Hack + Activism = Hacktivism
A term "hacktivism" originated from the
combination of two words "hack" and "activism"
and is used to mean a new phenomenon of social
protest that is a peculiar synthesis of social
activity pursuing purpose of protest against
anything, and hacking (using Internet technologies
with the purpose to bring damage to computer
networks and their users).
http://www.crime-research.org/news/28.04.2004/235
- - - - - - - - - -
Florida town to use blanket of surveillance cameras
One of the nation's wealthiest towns will soon
have cameras and computers running background
checks on every car and driver that passes through.
Police Chief Clay Walker said cameras will take
infrared photos recording a car's tag number,
then software will automatically run the numbers
through law enforcement databases. A 911 dispatcher
is alerted if the car is stolen or is the subject
of a "be on the lookout" warning.
http://www.usatoday.com/tech/news/2004-04-27-rich-people-shun-privacy_x.htm
***********************************************************
Computer Forensics Training - Online. An intense, 150 hour,
instructor lead program that teaches you computer forensics
and helps prepare you for the Certified Computer Examiner
exam. For more information see; www.cybercrime.kennesaw.edu
***********************************************************
Search the NewsBits.net Archive at:
http://www.newsbits.net/search.html
***********************************************************
The source material may be copyrighted and all rights are
retained by the original author/publisher. The information
is provided to you for non-profit research and educational
purposes. Reproduction of this text is encouraged; however
copies may not be sold, and NewsBits (www.newsbits.net)
should be cited as the source of the information.
Copyright 2000-2004, NewsBits.net, Campbell, CA.
]]>