NewsBits for August 3, 2004 ************************************************************ Ukraine: Hackers arrested Officers of the Dniepropetrovsk Department of the Security Service of Ukraine arrested two malefactors who allegedly attempted to steal big money, committed a series of illegal financial operations using the Internet, the Security Service press center informed. http://www.crime-research.org/news/03.08.2004/540/ - - - - - - - - - - Jewelry Designer Arraigned On Child Porn, Drug Charges A costume jewelry designer who has his own boutique at Bergdorf Goodman was arraigned Tuesday on child pornography and drug charges. Clive Kandel, 53, pleaded not guilty to a 14-count indictment that accused him of having pornographic images of pre- teen children on his home computer and of possessing cocaine and marijuana at his Upper East Side apartment. Kandel was arrested in November 2003 after he had shown another person several pictures of child pornography days earlier, Barbara Thompson, the Manhattan district attorney's spokeswoman, said. That person reported seeing the images, she said. http://www.wnbc.com/news/3610796/detail.html - - - - - - - - - - Hackarmy sinks to new low with kidnap hoax Trojan masquerades as 'evidence' that US beheading victim Nick Berg still alive. The people behind the recent Hackarmy Trojan attacks have sunk to a new low in their bid to hijack people's PCs, claims security firm Sophos. Hackarmy has been posting messages to newsgroups to entice users to click on files that will infect their PCs with a Trojan programme, thus allowing hackers to hijack the infected PC. Compromised PCs can be used to launch denial of service attacks or to steal personal information. http://www.vnunet.com/news/1157070 http://news.bbc.co.uk/2/hi/technology/3531252.stm http://www.theregister.co.uk/2004/08/03/trojan_poses_as_berg_video/ - - - - - - - - - - Kerry donors targeted by fake e-mail In a world awash in fake e-mails designed to steal personal information, it was probably inevitable. This weekend, researchers discovered a near perfect imitation of a recent solicitation sent by the Kerry- Edwards campaign. The notice was a hoax, sending users off to a Web site controlled by a computer hacker. The e-mail appears to come from John Kerry's brother, Cam. http://msnbc.msn.com/id/5581739/ - - - - - - - - - - Recording industry sues Iowa couple for illegal downloads A pair of teenagers downloading songs by artists ranging from OutKast to Billy Joel through an Internet file-sharing service could cost their bewildered parents up to $4,000. "I had no clue," Sandy Nauman, a registered nurse from Des Moines, said Monday. Nauman and her husband, Richard, have been sued in federal court by the Recording Industry Association of America even though Nauman said neither of them could retrieve a song from the Internetto save their lives http://www.usatoday.com/tech/news/2004-08-03-more-riaa-targets_x.htm - - - - - - - - - - ACLU sues to block Michigan's use of Matrix database The American Civil Liberties Union and a former Michigan governor are suing to halt the Michigan State Police's participation in a multistate crime and terrorism database, saying the agency is illegally sharing information about individuals. Thelawsuit against the federally funded Multistate Anti-Terrorism Information Exchange -- ``Matrix'' for short -- was filed late Monday in Wayne County Circuit Court on behalf of the ACLU and three individuals, including former Republican Gov. William Milliken. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/9310994.htm - - - - - - - - - - Symantec sued for labeling product 'adware' A small San Diego software company is suing Symantec, claiming that the computer security giant is driving away business by unfairly lumping it in with spyware distributors. TrekEight (which variably refers to itself also as "Trek8," "TrekData" and "TrekBlue") makes a product called Spyware Nuker, which it advertises as a tool for identifying and removing spyware on computer hard drives. But Symantec's Web site and Norton AntiVirus software has for months been identifying TrekEight's software as a potentially damaging piece of "adware." http://zdnet.com.com/2100-1104_2-5293992.html - - - - - - - - - - Viagra maker cracks down on counterfeit Net sales Pfizer, the maker of Viagra, has launched a legal battle against dozens of online pharmacies that sell counterfeit or illegal generic versions of its drug. The company on Tuesday also announced an advertising campaign to educate consumers on how to avoid deceptive Web sites, safely purchase Viagra online, and minimize Viagra-related spam. http://news.com.com/Viagra+maker+cracks+down+on+counterfeit+Net+sales/2100-1038_3-5295030.html http://www.wired.com/news/business/0,1367,64448,00.html http://www.usatoday.com/tech/news/2004-08-03-pfizer-fake-viagra_x.htm - - - - - - - - - - Singapore holds computer hacking contest to find city-state's top code cracker Singapore said Tuesday it would organize a contest to find the tech-savvy city-state's best computer hacker. Six pairs will compete in the Aug. 20 "BlackOPS: HackAttack Challenge 2004," organized by the government-funded National Infocomm Competency Center, said its marketing manager Yvonne Choo. They will "penetrate, exploit, gain access and obtain privileged information from the other teams' servers, for the purpose of corporate espionage," the center said on its Web site. http://www.securityfocus.com/news/9253 http://www.usatoday.com/tech/news/2004-08-03-singapore-hackers_x.htm - - - - - - - - - - Oracle software 'riddled with security holes' Surrey-based Next Generation Security Software is reported to have discovered dozens of flaws in Oracle's flagship database software. A UK company has reportedly discovered over 30 vulnerabilities in current and previous versions of Oracle's database applications. The flaws will allow hackers to change or steal sensitive data, according to an article in the Wall Street Journal on Tuesday. http://news.zdnet.co.uk/internet/security/0,39020375,39162426,00.htm http://www.vnunet.com/news/1157053 http://computerworld.com/securitytopics/security/holes/story/0,10801,95013,00.html Oracle database flaws affect virtually all financial transactions http://news.zdnet.co.uk/internet/security/0,39020375,39162536,00.htm - - - - - - - - - - Year-old Bluetooth vulnerability invites mobile worm Mobile phone manufacturers are addressing a security vulnerability that could allow an MSBlast-type worm to spread between Bluetooth devices. For the past year, mobile phone vendors have been trying to fix several Bluetooth security vulnerabilities that could allow hackers to create an MSBlast-type worm that spreads from handset to handset without any user intervention. http://news.zdnet.co.uk/business/legal/0,39020651,39162400,00.htm - - - - - - - - - - Anti-identity theft freeze gaining momentum Little by little, a weapon against identity theft is gaining currency -- but few people know about it.It's called the security freeze, and it lets individuals block access to their credit reports until they personally unlock the files by contacting the credit bureaus and providing a PIN code. http://www.cnn.com/2004/TECH/biztech/08/03/security.freeze.ap/index.html - - - - - - - - - - Security spending to hit high in 2005 Next year will be the high mark in corporate IT security spending, after which spending will drop to around 5% of IT budgets, says Gartner analyst Rich Mogull. The reason for this will be because corporations would have to build more secure networks to protect the enterprise, Mogull said during his presentation at the Gartner Symposium/ ITxpo Africa being held in Cape Town this week. http://www.itweb.co.za/sections/business/2004/0408031150.asp - - - - - - - - - - Cyberterror impact, defense under scrutiny A terrorist threat is out there and not just against physical structures. A coordinated cyberattack against the USA could topple parts of the Internet, silence communications and commerce, and paralyze federal agencies and businesses, government officials and security experts warn. http://www.usatoday.com/tech/news/2004-08-02-cyber-terror_x.htm - - - - - - - - - - Child porn The question of what constitutes child pornography is extraordinarily complex. Standards that are applied in each society or country are highly subjective and are contingent upon differing moral, cultural, sexual, social, and religious beliefs that do not readily translate into law. Even if we confine ourselves to a legal definition of child pornography, the concept is elusive. Legal definitions of both "child" and "child pornography" differ globally and may differ even among legal jurisdictions within the same country. http://www.crime-research.org/news/03.08.2004/537/ - - - - - - - - - - Wi-Fi 'sniper rifle' debuts at DEFCON Conventional Wi-Fi aerials are all well and good but they don't really cut it if you want to impress fellow hackers and scare the general populace. Forget a modified Pringles can - what you really need at somewhere like last weekend's DEFCON shindig is something that looks like an M-16 but with its firing mechanism replaced by a 14.6 dBi Yagi antenna that can get you online at up to 10 miles (16.1 km). http://www.theregister.co.uk/2004/08/03/wi-fi_aerial_gun/ *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2004, NewsBits.net, Campbell, CA.