NewsBits for July 19, 2004
************************************************************
'Deceptive Duo' hacker charged by U.S. government
A 20-year-old man from Pleasant Hill, Calif., suspected of being a hacker and calling himself "the Deceptive Duo" was expected to face a U.S. magistrate judge today on charges that he hacked into government computers and defaced government Web sites. Robert Lyttle was indicted by a federal grand jury on Thursday, according to the U.S. attorney's office in Northern California. Lyttle has been charged with breaking into various government Web sites in April 2002, including sites for the Department of Defense's Defense Logistic Information Service (DLIS), the Office of Health Affairs (OHA) and NASA's Ames Research Center (ARC).
http://computerworld.com/securitytopics/security/hacking/story/0,10801,94629,00.html
http://news.com.com/California+man+charged+in+government+hacking/2100-7349_3-5273644.html
http://www.theregister.co.uk/2004/07/19/feds_charge_hacker/
http://security.itworld.com/4368/040719deceptiveduo/page_1.html
- - - - - - - - - -
Oxford hackers face suspension
Two students who hacked into Oxford University's computer system to prove it was insecure are facing disciplinary action. Two Oxford University students are facing suspension and a fine after they hacked into the University computer system to show just how easy it was to access supposedly secure personal details.
http://news.zdnet.co.uk/internet/security/0,39020375,39161008,00.htm
- - - - - - - - - -
New York settles spam suit against e-mail marketer
New York authorities Monday settled a lawsuit filed against an electronic mail marketer for allegedly sending unsolicited and deceptive "spam" messages on behalf of clients. New York Attorney General Eliot Spitzer said the marketer, Scott Richter, and his company, OptInRealBig.com, paid $40,000 in penalties and $10,000 in investigative costs under the agreement.
http://www.siliconvalley.com/mld/siliconvalley/news/editorial/9194143.htm
- - - - - - - - - -
Contractors upgrading IRS computers put taxpayer data at risk
Private contractors revamping IRS computers committed security violations that significantly increased the possibility that private taxpayer information might be disclosed, Treasury Department inspectors say. An investigation by the department's inspector general for tax administration found that employees working for contractors, or an experienced hacker, could use the contractors' computers to gain access to taxpayer data.
http://www.siliconvalley.com/mld/siliconvalley/news/editorial/9191551.htm
http://www.msnbc.msn.com/id/5462297/
http://www.wired.com/news/business/0,1367,64272,00.html
- - - - - - - - - -
Antivirus companies warn about Bagle.AG threat
Antivirus companies are warning of another virulent new version of the Bagle e-mail worm, dubbed Bagle.AG. The new Bagle version was first detected Saturday and is very similar to earlier versions of the worm, which spread through shared file folders and in e-mail messages carrying the worm file as an attachment, according to advisories from Sophos PLC and McAfee Inc. McAfee rated the virus a "medium" threat, citing reports from several customers.
http://computerworld.com/securitytopics/security/virus/story/0,10801,94626,00.html
http://zdnet.com.com/2100-1105_2-5275408.html
- - - - - - - - - -
First Windows CE virus emerges
A virus designed to demonstrate security holes in Microsoft Corp.'s Windows CE operating system but not to cause damage was identified by security companies over the weekend. The WinCE4.Duts.A virus (sometimes known as Dust) affects only devices running ARM Ltd. processors and infects Pocket PC PE files in the root directory, according to Bucharest-based Softwin SRL, which first reported the virus on Saturday.
http://computerworld.com/securitytopics/security/story/0,10801,94621,00.html
http://news.bbc.co.uk/1/hi/technology/3906823.stm
http://www.theregister.co.uk/2004/07/19/pocketpc_virus/
- - - - - - - - - -
Trojan Horse Spreads via Mass Spam Mailing
Antivirus and e-mail security companies last week sent out warnings about a new Trojan horse program that they claim is being mass distributed on the Internet by means of spam. The program, called Backdoor-CGT, is a new form of a Trojan horse that's installed when users of Microsoft's Outlook e-mail program follow a Web link embedded in an e-mail message. The Trojan horse was believed to have infected thousands of systems even though antivirus software and up-to-date versions of Outlook are immune to attack, said Maksym Schipka, senior antivirus researcher at MessageLabs Ltd. in Gloucester, England.
http://computerworld.com/securitytopics/security/holes/story/0,10801,94592,00.html
- - - - - - - - - -
Phoney Net contest 'winner' sued by bank
An American woman is being sued for fraud by her bank after falling victim to an online scam. Prize money from an Internet contest turned out to have been a bad cheque, and the Cooperative Credit Union wants its money back. Jaclyn Swenson, 26, from Racine, Wisconsin thought she had won $13,000 in the first phase of an Internet-based contest.
http://www.theregister.co.uk/2004/07/19/bank_sues_contest_winner/
- - - - - - - - - -
Exposing click fraud
Internet marketers facing higher advertising fees on search networks are becoming increasingly concerned about a form of online fraud that was thought to have been contained years ago. The practice, known as "click fraud," began in the early days of the Internet's mainstream popularity with programs that automatically surfed Web sites to increase traffic figures. This led companies to develop policing technologies touted as antidotes to the problem.
But some marketing executives estimate that up to 20 percent of fees in certain advertising categories continue to be based on nonexistent consumers in today's search industry.
http://zdnet.com.com/2100-1104_2-5273078.html
- - - - - - - - - -
E-voting rejected in Ohio
Ohio Secretary of State J. Kenneth Blackwell on Friday barred officials in three counties from purchasing electronic voting machines after a second round of security testing showed that the systems still have an unacceptable level of security flaws. The decision blocks the deployment of e-voting systems from Diebold Election Systems in Hardin, Lorain and Trumbull counties. Thirty-one counties in Ohio have now postponed using e-voting systems until after the November presidential election. Seven counties, however, have already purchased paperless e-voting systems.
http://computerworld.com/securitytopics/security/story/0,10801,94624,00.html
- - - - - - - - - -
Data tsar seeks anti-spam powers
The information commissioner wants new powers to more rapidly halt UK-based spammers. Data watchdogs will get stronger powers to stop spammers this year if information commissioner Richard Thomas has his way. Thomas last week said he expects to be able to issue "stop now" orders against UK-based spammers from this autumn.
http://www.vnunet.com/news/1156719
US junk fax war hots up
http://www.theregister.co.uk/2004/07/19/us_junk_fax_wars/
- - - - - - - - - -
Microsoft Patch Release Plugs Two Critical Holes
Microsoft Corp. last week released seven security patches, two of which fix holes that the vendor deemed "critical" because they could allow remote attackers to take control of vulnerable Windows systems. The software updates include fixes for previously unknown holes in the Windows operating system, including critical holes in the Windows Task Scheduler and HTML help features.
http://computerworld.com/securitytopics/security/holes/story/0,10801,94591,00.html
- - - - - - - - - -
Ukraine to protect children from porn
Yesterday, the Ministry for Family, Children and Youth Affairs of Ukraine and the Ukrainian Union of Young People Deputies (UUYPD) in the frames of project for psychological protection of children introduced a new program "Cyber nanny" that will block entrance to porn websites. During a press conference devoted to this project presentation, First Deputy Chairman of UUYPD and project administrator Vadim Rudenko noted that the program is created to resolve problems of over saturation of amoral information on the Internet.
http://www.crime-research.org/news/19.07.2004/498/
- - - - - - - - - -
Big companies employing snoopers for staff email
Large companies are now so concerned about the contents of the electronic communications leaving their offices that they're employing staff to read employees' outgoing emails. According to research from Forrester Consulting, 44 per cent of large corporations in the US now pay someone to monitor and snoop on what's in the company's outgoing mail, with 48 per cent actually regularly auditing email content.
http://management.silicon.com/government/0,39024677,39122384,00.htm
- - - - - - - - - -
Intel joins Liberty Alliance
Intel and Oracle are among six companies and organisations which have decided to join the Liberty Alliance - an open standards body with 157 active organisation members. The Alliance sets specifications and certifies standards to allow for secure and safe online identification to improve security and interoperability. It was launched in 2002 partly to counter Passport - the proprietary sign-on software from Microsoft.
http://www.theregister.co.uk/2004/07/19/liberty_grows/
- - - - - - - - - -
Secure move for handsets
Chip designer ARM intends to build a safety zone for trusted handset software.
Wireless devices are set to gain better security following chip maker ARM's new agreement to work with Trusted Logic on software support for TrustZone technology in mobile chips. TrustZone isolates security-critical code from other applications. Such partitioning stops malicious code from compromising security by overwriting encryption keys, for example.
http://www.vnunet.com/news/1156721
- - - - - - - - - -
iPass Orchestration enforces security policy
Remote workers should have to adhere to security policies before being allowed access to corporate networks, says iPass. Remote access specialist iPass has launched a service to provide secure links between remote users and corporate networks and ensure only mobile devices that comply with company security policies can gain full access.
http://news.zdnet.co.uk/internet/security/0,39020375,39161011,00.htm
- - - - - - - - - -
The Pied Piper Syndrome
Making electronic voting terminals more like slot machines won't keep elections secure from tampering. There is a children's day care facility in my area called "The Pied Piper." Apparently, many people around here don't have a problem with that. Presumably they consider the fairy tale of a stranger saving a town by leading away rats via dance and melody, and think it worthy criterion by which to base the name of such an operation.
http://www.securityfocus.com/columnists/255
E-voting verification pilot planned in fall
http://www.gcn.com/vol1_no1/daily-updates/26640-1.html
- - - - - - - - - -
Deconstructing the spyware face-off
Until very recently, technology firms have enjoyed the rare ability to get their way on Capitol Hill. Thanks to skillful lobbying and bipartisan political schmoozing, America's high-technology industry can point to a handsome number of legislative victories, like the R&D tax credit, more H-1B visas, restrictions on Internet access taxes, free trade with China, and curbs on lawsuits arising from the Year 2000 computer bug.
http://news.com.com/2010-1028-5273059.html
- - - - - - - - - -
Protecting the Data Jewels: Valuable Customer Lists
In the casino industry, one of the most valuable assets is the dossier that casinos keep on their affluent customers, the high rollers. But last year, casino operator Harrah's Entertainment Inc. filed a lawsuit in Placer County, Calif., Superior Court charging that a former employee had copied the records of up to 450 wealthy customers before leaving the company to work at competitor Thunder Valley Casino in Lincoln, Calif. The complaint said the employee was seen printing the list -- which included names, contact information and credit and account histories -- from a Harrah's database. It also alleged that he tried to lure those players to Thunder Valley. The employee denies the charge of stealing Harrah's trade secrets, and the case is still pending, but many similar cases have been filed in the past 20 years, legal experts say.
http://computerworld.com/securitytopics/security/story/0,10801,94540,00.html
- - - - - - - - - -
The Real Risks
We live in an age of terror and often indiscriminate fear. Policymakers and the media alike scream about weapons of mass destruction, lumping together nuclear weapons that can level cities, bioweapons that could exterminate the human race and chemical weapons that are little more than glorified World War I technology. Pronouncements about information security threats can be equally misleading. Some attacks could destroy your company, but others are no more than a nuisance. So let's step back, consider the classes of security threats and see what kinds of safeguards make sense.
http://computerworld.com/securitytopics/security/story/0,10801,94550,00.html
- - - - - - - - - -
The End of E-mail
Has it happened to you? Your phone rings, and a business contact asks whether you received his e-mail. You say no. You check your spam filter, and there it is.
Or, you send an important document electronically to a colleague who calls you later and asks you to fax it because his network no longer accepts attachments. For many of us, these time-wasting events are now happening daily.
http://computerworld.com/securitytopics/security/virus/story/0,10801,94556,00.html
- - - - - - - - - -
Packet Crafting for Firewall & IDS Audits (Part 2 of 2)
This is the second of a two-part article series that discusses various methods of testing the integrity of your firewall and IDS, using low-level TCP/IP packet crafting tools and techniques. Part one showed several examples that tested a firewall (port 80 TCP, and port 53, UDP) using tools like hping and tcpdump. We will now continue the discussion with a third test of the firewall, using the same tools as noted above, and then move on to test your IDS signatures and detection ability.
http://www.securityfocus.com/infocus/1791
- - - - - - - - - -
Child-abduction alerts to extend to e-mail, mobile devices
A new technology debuting in 12 states will significantly extend Amber alerts, reaching cell phones, e-mail and handheld computers, and could also be used to transmit weather and terrorism alerts. "It might not be the all-alert system, but the backbone is going to be there," said Chris Warner, president of E2C in Scottsdale, Ariz., which led the system's development. "Homeland Security could take it right over."
http://www.siliconvalley.com/mld/siliconvalley/news/editorial/9192088.htm
http://www.usatoday.com/tech/news/surveillance/2004-07-19-amber-alert_x.htm
- - - - - - - - - -
L.A. police want to expand video camera 'virtual patrols'
The Police Department wants to expand video camera "virtual patrols," citing a 45 percent drop in crime at MacArthur Park near downtown where cameras were installed as part of a pilot project. "Basically, what you can do is virtual policing," Assistant Chief George Gascon said.
"You can monitor a significant number of areas without having to have an officer at each scene."
http://www.siliconvalley.com/mld/siliconvalley/news/editorial/9192514.htm
- - - - - - - - - -
Half of credit card problems are Web related
This week, the Investors Chronicle (IC) reports that problems are being reported with 50 per cent of Internet credit card transactions. Obviously interested, this Register reporter went digging for more details. A phone call or two later, it transpired that not only had the IC got the wrong end of the statistic - Visa actually found that 47 per cent of all problems being reported were Internet related, which is kinda different - but the financial reference mag was quoting data from a nine month old survey.
http://www.theregister.co.uk/1999/07/19/half_of_credit_card_problems/
- - - - - - - - - -
Microsoft developer hoax backfires
A hoax perpetrated by senior Microsoft technical staff has backfired, after Microsoft Watch's Mary Jo Foley rumbled the prank. Staff led by middleware guru Don Box "invented" a new business process language called BML that was part of a project called Boa. Microsoft has unleashed over 1,400 bloggers, hoping that their emergent hive mind will speed the next version of Windows, Longhorn, to release.
http://www.theregister.co.uk/2004/07/19/microsoft_blog_hoax_backfire/
- - - - - - - - - -
419ers morph into Murder Incorporated
It's easy to dismiss Nigerian 419 advance fee fraudsters as a bunch of chancers who prey on the gullible and the greedy and occasionally get lucky. After all, a fool and his money are soon parted, and the victims of these scams have brought financial misfortune on themselves, isn't that right? However, reader BW has just received a particularly nasty piece of work with the Lads from Lagos written all over it.
http://www.theregister.co.uk/2004/07/19/419ers_murder_incorporated/
***********************************************************
Search the NewsBits.net Archive at:
http://www.newsbits.net/search.html
***********************************************************
The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information.
Copyright 2000-2004, NewsBits.net, Campbell, CA.