NewsBits for June 1, 2004 ************************************************************ Boy Uses Internet Spy Plot to Arrange His Own Murder A British boy was convicted of an Internet chatroom plot to arrange his own murder. The 14 year-old schoolboy posed as a spy in an Internet chatroom, and duped an older teen into attempting to murder him. A 14 year-old British boy used an Internet chatroom to pose as a spy and plot his own murder. Known only as 'John,' the boy invented a host of fictional characters to induce another teen, Mark, to kill him. http://www.newsfactor.com/story.xhtml?story_title=Boy-Uses-Internet-Spy-Plot-to-Arrange-His-Own-Murder&story_id=24286 - - - - - - - - - - Two arrested in Softbank data leak probe Two men have been arrested amid allegations that they were involved in a bid to extort billions of Yen from Japanese outfit Softbank Corp. Yutaka Tomiyasu (24) and Takuya Mori (35) were arrested at the weekend in connection with the leak of confidential information concerning Internet users earlier this year. http://www.theregister.co.uk/2004/06/01/softbank_dat_leak/ - - - - - - - - - - Missing: A Laptop of DEA Informants Federal investigators are frantically trying to determine what happened to a missing laptop computer that contains sensitive data on as many as 100 Drug Enforcement Administration investigations around the country, including a wealth of information about many of the agency's confidential informants, NEWSWEEK has learned. http://www.msnbc.msn.com/id/5092991/site/newsweek/ - - - - - - - - - - Outsourced IT staff fingered porn stash banker Porn-surfing bank supremo Michael Soden was caught with his browser down last week by the very same staff he outsourced to HP at the start of his reign at the Bank of Ireland. Soden hit the headlines last year in Ireland when staff took industrial action in protest of the department's shift http://www.theregister.co.uk/2004/06/01/outsourcing_porn/ http://www.theregister.co.uk/2004/06/01/bank_porn/ - - - - - - - - - - Court dismisses DirecTV whistleblower case A California judge has dismissed a lawsuit brought against satellite TV giant DirecTV by a former worker. The case revolves around DirecTV's controversial anti-piracy tactics. DirecTV is targeting consumers who used smart card programmers and other equipment to get free or expanded satellite TV service. Passive reception of DirecTV's satellite TV signals is difficult (if not impossible) to monitor. So DirecTV attempts to find 'cable pirates' by raiding suppliers of equipment that can be used in piracy and sending out threatening letters to everyone on their customer lists. http://www.theregister.co.uk/2004/06/01/directv_lawsuit_dismissed/ - - - - - - - - - - Computex press room hit by Microsoft worm THE COMPUTEX press office is filled with hacks from all over the world and they're all gnawing their knuckles because their news editors are shouting at them to file their stories. But the problem is they can't, because the rather nice looking Shuttle boxes and Shuttle monitors don't give no satisfaction. It's not the fault of the hardware though. A worm has obviously struck the network, as we found out when we plugged an Ethernet cable into our notebook to see our firewall shouting "help, help". http://www.theinquirer.net/?article=16258 http://www.theregister.co.uk/2004/06/01/sasser_cripples_computex/ - - - - - - - - - - Sasser tops virus infections The Sasser worm dominated virus charts for May, accounting for more than half the inbox infections reported during the month. According to figures from antivirus firm Sophos, the worm made up 51 per cent of all reported infections. However, six variants of the Netsky worm also broke into the top ten, reminding network administrators to still be on the lookout for versions of the troublesome virus. http://news.zdnet.co.uk/internet/security/0,39020375,39156343,00.htm http://www.vnunet.com/news/1155524 Viruses up - or down http://www.theregister.co.uk/2004/06/01/virus_stats/ - - - - - - - - - - Coding error thwarts Paralympic phishing scam A new phishing email aimed at diverting donations to the Australian Paralympic Team has emerged -- complete with a coding error which means that the cold-hearted scam is unlikely to work. The email, which falsely claims to be from Westpac, is a replica of a page from the bank's Web site which provides information on making donations to the Australian Paralympians, who need to raise AU$2m to fund their visit to Athens this year. http://news.zdnet.co.uk/internet/security/0,39020375,39156339,00.htm - - - - - - - - - - Police closing in on net phishers Police believe they may be on to the gang responsible for online banking scams which ripped off New Zealand banks to the tune of $100,000 earlier this year. Britain's Hi-Tech Crime Unit arrested 12 men and women in London this month on suspicion of defrauding bank customers and diverting money to a Russian crime gang. http://www.crime-research.org/news/31.05.2004/307 - - - - - - - - - - Chinese government censors online games The Chinese government is setting up a special committee to review and if necessary censor online games. Games which break the constitution, threaten national unity, sovereignty and territorial integrity will be banned. Anything which threatens "state security, damaging the nation's glory, disturbing social order and infringing on other's legitimate rights" will also be banned. http://www.theregister.co.uk/2004/06/01/china_bans_games/ - - - - - - - - - - Cyber-Cops Outgunned Bob Breeden isn't complaining, don't get him wrong. Special Agent Breeden, who heads the Computer Crime Division of the Florida Department of Law Enforcement, in Tallahassee, feels fortunate to work in one of the few state police departments running a full-time cyber- crime division. With four other officers under his command and another 10 FDLE employees at his disposal, Breeden oversees a division with an embarrassment of riches compared with its counter parts in most other states. http://www.eweek.com/article2/0,1759,1604308,00.asp - - - - - - - - - - Hackers 'recycling code' to spread worms Although less new malicious code appears to be being written, viruses and worms are continuing to cause problems around the world, says Trend Micro Despite worms such as Sasser, Bobax and Wallon wreaking havoc throughout May, security vendor Trend Micro says it detected fewer examples of new malicious coding last month than it did in April. http://news.zdnet.co.uk/internet/0,39020369,39156322,00.htm - - - - - - - - - - IT Integration Efforts Falter As DHS Plans for Election Security U.S. Department of Homeland Security officials for the past three weeks have been quietly preparing a 100-day plan to bolster cyber- and physical security around critical infrastructures in advance of a possible terrorist attack this summer. And they've been doing so without the benefit of a sufficiently integrated IT infrastructure. http://computerworld.com/securitytopics/security/story/0,10801,93523,00.html - - - - - - - - - - Hacking Sparks Need for Complex Passwords As more Web sites demand passwords, scammers are getting more clever about stealing them. Hence the need for such "passwords-plus" systems. To access her bank account online, Marie Jubran opens a Web browser and types in her Swedish national ID number along with a four-digit password. http://www.washingtonpost.com/wp-dyn/articles/A5693-2004Jun1.html http://www.wired.com/news/infostructure/0,1377,63670,00.html http://www.msnbc.msn.com/id/5112838/ Ensuring the Security of Passwords http://www.latimes.com/technology/la-fi-password1jun01,1,7191882.story - - - - - - - - - - MS support pledge boosts security Microsoft's guarantee that its business products will have a 10-year lifecycle will boost the company's Trustworthy Computing security initiative, according to industry analysts. Users who do not upgrade when product support ends are left with vulnerable PCs, with no means of patching, said Graham Titterington, principal analyst at Ovum. "Any insecure computer on a network is a risk to the whole network," he said. http://www.computerweekly.com/articles/article.asp?liArticleID=130954&liArticleTypeID=1&liCategoryID=2&liChannelID=22&liFlavourID=1&sSearch=&nPage=1 Microsoft, Sun Security Paths Diverge http://www.eweek.com/article2/0,1759,1604304,00.asp?kc=EWRSS03119TX1K0000594 AT&T beefs up cybersecurity tools http://zdnet.com.com/2100-1105-5223659.html http://news.com.com/AT%26%2338%3BT+beefs+up+cybersecurity+tools/2100-7347_3-5223659.html Technology strains to find menace in the crowd http://news.com.com/Technology+strains+to+find+menace+in+the+crowd/2100-7348_3-5223658.html - - - - - - - - - - Cyber blackmail or a terrorist act Only when some years passed we can review without bias events that happened in Ukraine in January 2002. In order to get one million of UAH (about $185-190 thousand) persons unknown phoned director of Odessa Airport, Ukraine and informed that they placed an explosive device on board of a plane bound for Vienna and also they blew up a bomb in the building opposite to airport building to confirm the severity of their intentions. http://www.crime-research.org/news/31.05.2004/301 - - - - - - - - - - When Software Fails to Stop Spam, It's Time to Bring In the Detectives Sterling McBride spends a lot of time waiting for spammers to make a mistake. They usually do. When he hunted down escaped prisoners for the United States Marshals Service, Mr. McBride learned the value of lying low until fugitives trip up, leaving small clues on their whereabouts. Now, as an investigator for Microsoft, Mr. McBride watches carefully for tidbits of data that link some of the two billion pieces of junk e-mail that Microsoft's Hotmail service receives each day with the people who send them. http://www.nytimes.com/2004/05/31/technology/31spam.html The FBI is increasing its effort to investigate spammers http://www.crime-research.org/news/31.05.2004/305 Unsubscribe links: Spam killer or sucker list? http://www.gcn.com/vol1_no1/daily-updates/26069-1.html Spam's Assault Going Beyond Annoying E-Mail http://www.latimes.com/technology/la-fi-spam31may31,1,6939886.story Spyware following spam into the enterprise http://techupdate.zdnet.com/techupdate/stories/main/Spyware_following_spam_into_the_enterprise.html - - - - - - - - - - Many Wireless Networks Lack Security With a laptop perched in the passenger seat of his Toyota 4Runner and a special antenna on the roof, Mike Outmesguine ventured off to sniff out wireless networks between Los Angeles and San Francisco. He got a big whiff of insecurity. While his 800-mile drive confirmed that the number of wireless networks is growing explosively, he also found that only a third used basic encryption - a key security measure. In fact, in nearly 40 percent of the networks not a single change had been made to the gear's wide-open default settings. http://www.washingtonpost.com/wp-dyn/articles/A5711-2004Jun1.html http://afr.com/articles/2004/05/31/1085855471324.html http://www.usatoday.com/tech/wireless/data/2004-05-30-wi-fi-security-holes_x.htm http://www.wired.com/news/wireless/0,1382,63667,00.html California protects wireless users http://www.cnn.com/2004/TECH/05/31/ca.cell.ap/index.html H.323 Mediated Voice over IP: Protocols, Vulnerabilities & Remediation http://www.securityfocus.com/infocus/1782 SonicWall zones in secure Wi-Fi access http://news.zdnet.co.uk/communications/wireless/0,39020348,39156405,00.htm - - - - - - - - - - When encryption can be misleading The trust that encryption generates can be deceptive, one researcher, a regular poster to the full-disclosure vulnerability mailing list, has discovered. Gadi Evron, an information security researcher based in Israel, generally signs his posts to the list with his PGP signature, due to the fact that his email address is constantly used by spammers. Anyone who wants to verify an signed email is actually from the person claiming to send it, can do so. http://www.smh.com.au/articles/2004/06/01/1086058836957.html - - - - - - - - - - Information Highway Patrol It's 11 a.m. -- do you know what your employees are doing? Well, you do if you're like the increasing number of employers that are concerned about the security of their computing environments as well as the productivity of their employees. In fact, nine out of 10 companies check up on their employees' online activities while they're at work, according to a recent survey of nearly 200 businesses conducted by the Center for Business Ethics at Bentley College in Waltham, Mass. That's because more and more liability risks and security threats are originating from inside organizations rather than outside. http://computerworld.com/securitytopics/security/story/0,10801,93471,00.html Vendors of products that monitor network and Internet use http://computerworld.com/securitytopics/security/story/0,10801,93446,00.html - - - - - - - - - - Messing with the hackers' heads For centuries, military organizations have relied on scouts to gather intelligence about the enemy. In the field of information security, few scouts have ever existed. Very few organizations today know who their enemies are, how they might attack, when they might attack, and, perhaps most important, why they attack. The Honeynet Project is changing this. http://www.theregister.co.uk/2004/06/01/messing_with_hackers_heads/ - - - - - - - - - - EU hands airline data to US European Community officials signed off a deal to transfer airline passenger data (passenger name records, PNR) to the US authorities last Friday. The controversial agreement goes into effect despite a vote by the European Parliament last month to refer the deal - which quite clearly breaches EU privacy legislation - to the European Court of Justice. By getting European foreign ministers to back the deal the Commission has pushed through the contentious proposals despite data privacy concerns. http://www.theregister.co.uk/2004/06/01/passenger_data_exchange/ Education systems unite on privacy http://www.fcw.com/fcw/articles/2004/0531/web-educ-06-01-04.asp *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2004, NewsBits.net, Campbell, CA.