NewsBits for August 4, 2004 ************************************************************ Three plead guilty to trying to hack into Lowe's computer Three Michigan men have pleaded guilty to charges that they conspired to hack into the national computer system of the Lowe's home improvement chain to steal credit card information, federal authorities said Wednesday. Under plea agreements, Brian Salcedo, Adam Botbyl and Paul Timmins pleaded guilty to just handful of the 16 charges each man originally faced, the U.S. Attorney's office said. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/9320081.htm http://www.usatoday.com/tech/news/computersecurity/2004-08-04-lowes-hackers-guilty_x.htm - - - - - - - - - - 57 cuffed in UK anti-piracy crackdown UK anti-piracy investigators arrested 57 people last weekend in a nationwide crackdown targeting music, film and computer game piracy. Many of those arrested as part of Operation Zouk could face benefit fraud charges along with copyright offences 45 of those collared were on benefits. http://www.theregister.co.uk/2004/08/04/operation_zouk_piracy_crackdown/ - - - - - - - - - - Al-Qaeda computer whizz was top terror planner The Pakistani Al-Qaeda computer expert captured last month was one of the terror network's top planners with a five million dollar bounty on his head and had plotted to attack London's Heathrow airport, a senior security official said. Mohammad Naeem Noor Khan, 25, alias Abu Talha, arrested in the eastern city of Lahore on July 12, "is in the top hierarchy of Al-Qaeda's external operations wing," a security official closely involved in Pakistan's latest Al-Qaeda swoop told AFP. http://www.crime-research.org/news/04.08.2004/544/ - - - - - - - - - - Latest MyDoom hunts victims via Yahoo! Another new version of the MyDoom worm is spreading, and like last week's variant it uses Yahoo! as part of its infection routine. MyDoom-Q is similar to earlier MyDoom variants. It normally spreads via email, with a spoofed sending address and a variety of different subject lines. The body of an infected email contains random sentences, some of which refer to the attached Zip file that contains viral code. http://www.theregister.co.uk/2004/08/04/mydoom_targets_yahoo/ - - - - - - - - - - Google and Yahoo sued over gambling ads Major Web sites' advertisements for gambling are illegal in California, claims a lawsuit. Some gambling ads on Google, Yahoo and other major Web sites are illegal in California, according to a lawsuit filed on Tuesday. The 60-page filing, presented in San Francisco Superior Court, alleges that the companies sell rights to Web advertisements based on searches for terms such as "illegal gambling," "Internet gambling" and "California gambling." http://news.zdnet.co.uk/business/legal/0,39020651,39162562,00.htm - - - - - - - - - - FCC wants VoIP to include a back door for bugging Internet phone calls should be subject to the same type of law enforcement surveillance as cell and landline phones, federal regulators said Wednesday. The Federal Communications Commission voted for proposed rules that would require Internet service providers to ensure their equipment will allow police wiretaps. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/9319855.htm http://news.com.com/Feds+back+Internet+wiretapping+rules/2100-7352_3-5296417.html http://www.msnbc.msn.com/id/5603020/ FCC rules on TiVo, wiretaps http://news.com.com/FCC+rules+on+TiVo%2C+wiretaps/2009-1030_3-5296770.html Ashcroft wins Internet wiretap system http://www.securityfocus.com/news/9263 - - - - - - - - - - 321 Studios Shuts Down Due to Legal Pressure 321 Studios, which argued that customers had a right to use its software to make back-up copies of their legally purchased games and movies, has been forced to shut down after several entertainment companies took the firm to court. 321 Studios produced products that disabled copy-protection code. http://www.newsfactor.com/story.xhtml?story_title=----Studios-Shuts-Down-Due-to-Legal-Pressure-&story_id=26170 http://www.wired.com/news/digiwood/0,1412,64453,00.html - - - - - - - - - - Phishing attacks up 20 percent in June Phishing attacks continue to escalate as the Internet population grows and people become more relaxed using their credit cards online. There were almost 1,500 unique phishing attacks in June, a monthly increase of 19 percent, according to a report published by the Anti-Phishing Working Group (APWG) on Wednesday. http://news.zdnet.co.uk/internet/security/0,39020375,39162684,00.htm Study: Phishing attacks up by 50% per month http://computerworld.com/securitytopics/security/story/0,10801,95029,00.html - - - - - - - - - - Fraudsters search Google for credit-card numbers Simple searches can reveal stolen card details, including names, addresses and phone numbers. Simple queries using the Google search engine can turn up a handful of sites that have posted credit card information to the Web, ZDNet UK sister site CNET News.com learned on Tuesday. http://news.zdnet.co.uk/internet/security/0,39020375,39162557,00.htm - - - - - - - - - - Cybersleuths track Dame Porters millions Computer forensics played an important role in Westminster City Councils fight to recover the PS36m surcharge imposed on Dame Shirley Porter for her role in the 1980s homes for votes scandal, it emerged this week. Evidence unearthed by forensics experts at Vogon International helped city law firm Stephenson Harwood in tracking Dame Porters assets. http://www.theregister.co.uk/2004/08/04/vogon_traces_porter_dosh/ - - - - - - - - - - Cyber Cops to Monitor Internet in Vietnam A new police unit will start cracking down on Internet criminals next month as communist Vietnam works to maintain control over its growing number of online users. The special unit, under the Ministry of Public Security, will focus on crimes such as credit card fraud, hacking, gambling and posting banned information online, the Vietnam News reported Wednesday. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/9317648.htm http://www.cnn.com/2004/TECH/internet/08/04/vietnam.internet.reut/index.html - - - - - - - - - - The eye of Oracle's security storm David Litchfield, the UK security expert at the centre of the current Oracle security scare, sets the record straight. David Litchfield, managing director of UK security software firm Next-Generation Security Software, found himself in the eye of a media storm after he pointed out some security flaws in Oracle's core database software at the Black Hat Security Briefings in Las Vegas last week. http://insight.zdnet.co.uk/internet/security/0,39020457,39162578,00.htm Oracle promises to patch flaws quickly http://news.zdnet.co.uk/0,39020330,39162560,00.htm - - - - - - - - - - Clash between Linux and encryption 'inevitable' HP's top Linux executive says digital rights management, which uses encryption to protect content such as music and movies, is on a collision course with Linux. Widespread use of Linux and open-source software is an inevitability, but the new programming technique is running into troubles with the important new technology of digital rights management, Hewlett- Packard's top Linux executive said on Tuesday. http://news.zdnet.co.uk/internet/0,39020369,39162559,00.htm - - - - - - - - - - 9/11 report light on ID theft issues In a world where 10 million people a year can have their identity stolen, where pretending to be someone else is as easy as stealing a wallet, what good are traveler databases and terrorist watch lists? After all, they are easily foiled by impersonation. But in the nation's most comprehensive look yet at what went wrong on Sept. 11., and what can be done to prevent the next terrorist attack, identity theft gets scarce mention. Buried deep within the 9/11 commission report on about 10 pages, starting with page 393 are suggestions for dealing with the deeply connected problems of terrorism and identity fraud. http://msnbc.msn.com/id/5594385/ - - - - - - - - - - Fingerprinting Your Files "Hash" functions identify digital content with mathematical certaintybut is that enough to foil the hackers? Three cryptographers at Stanford University recently came up with a clever solution to the persistent problem of identity theft on the Internet. Wily hackers in Russia, China, and other countries send out piles of e-mail messages looking like they came from some financial institution such as Citibank or Paypal. Millions of consumers get these messages, which have embedded HTML links in them that take the unsuspecting recipient to look- alike websites run in faraway places. http://www.technologyreview.com/articles/04/08/wo_garfinkel080404.asp - - - - - - - - - - Deploying Network Access Quarantine Control (part 1 of 2) One of the easiest and arguably most prevalent ways for nefarious software or Internet users to creep onto your network is not through holes in your firewall, or brute force password attacks, or anything else that might occur at your corporate headquarters or campus. It's through your mobile users, when they try to connect to your business network while on the road. http://www.securityfocus.com/infocus/1794 - - - - - - - - - - Porno blog spam turns nasty Blog spamming is turning nasty. First spotted approximately a year ago, blog spam involves the automated posting of Web address onto weblogs or online discussion boards. Spam comments deposited using the technique include a link to a spamvertised website. The idea is not so much to get visitors to a spammed location to visit the promoted site but to increase its page rankings in Google. This, in turn, increases the prominence of the site in certain searches and therefore increases the likelihood that more visitors will visit a site. That's the theory anyway. http://www.theregister.co.uk/2004/08/04/porno_blog_spam/ *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2004, NewsBits.net, Campbell, CA.