NewsBits for September 16, 2004 ************************************************************ Feds say Lamo inspired other hackers The final act in the saga of Adrian Lamo's hacking adventures ended with a contrite message from the once brash cyber outlaw, and a grim denunciation from his prosecutor, who blamed the hacker for inspiring other computer intruders. In a hearing in New York last July, Lamo, 23, was sentenced to six months of house arrest followed by two years probation, and ordered to pay $65 thousand in restitution, for intruding into the New York Times' internal network and conducting thousands of database searches using the newspaper's Lexis-Nexis account. http://www.securityfocus.com/news/9520 - - - - - - - - - - Teacher Accused in FBI Internet Sting A South Philadelphia elementary school teacher has been caught in a federal internet sting. The charge is trying to lure an underage girl for sex. What clearly concerns everyone is the accuser's occupation, as a computer lab teacher he would have contact with lots of real world kids. His alleged crime involved cyberspace, an apparent effort to lure an undercover FBI agent who was posing as a very young teenage girl. http://abclocal.go.com/wpvi/news/091504_nw_fbisting-Rosenberg.html - - - - - - - - - - Security scandal prompts shake-up, firings The Energy Departments Los Alamos National Laboratory has overhauled the way it keeps track of classified removable electronic media, fired four employees, pressured another to resign and disciplined seven more as a result of its inquiry into security breaches that became public in July. Los Alamos managers cleared 10 of the 23 employees they had placed on administrative leave in July and another employee remains on paid investigatory leave. http://www.gcn.com/vol1_no1/daily-updates/27318-1.html http://www.fcw.com/fcw/articles/2004/0913/web-losalamos-09-16-04.asp http://www.wired.com/news/privacy/0,1848,64973,00.html - - - - - - - - - - Chip and PIN intro fuels mini-boom in card crime The mass replacement of credit and debit cards with the UK roll-out of Chip and PIN is fuelling a 'mini-boom' in card crime, The Guardian reports. Crooks are intercepting replacement cards in the post and using them to commit fraudulent transactions. Often, bank cards users are not expecting to receive new cards, so they won't realise anything is amiss until they receive their monthly statements. http://www.theregister.co.uk/2004/09/16/chip_pin_crime_wave/ - - - - - - - - - - Google Search Reveals Credit-Card Numbers Think your personal information is safe from ctber-criminals? A simple Google search lays bare dozens of credit-card numbers and other personal information. Most is found on the sites of small businesses that may not be familiar with the risks to which they are exposing their customers. http://crm-daily.newsfactor.com/story.xhtml?story_title=Google-Search-Reveals-Credit-Card-Numbers&story_id=26967 - - - - - - - - - - Mozilla fixes 10 security flaws The three most serious flaws, fixed in new releases of Mozilla and Firefox, could let an attacker run code on the victim's computer. The latest releases of the Mozilla and Firefox browsers, along with the Thunderbird email software, fix 10 security issues, including three critical vulnerabilities, according to the Mozilla Foundation, which develops the software. http://news.zdnet.co.uk/internet/security/0,39020375,39166827,00.htm - - - - - - - - - - Group Seeks Ways to Prosecute Cybercrime Governments and private sector officials from around the world sought ways Thursday to jointly combat cybercrime, whose growth mirrors the phenomenal rise of the Internet's popularity. At a conference organized by the Council of Europe, delegates from Europe, the United States, Australia and China digested new data pointing to an increasing problem of global proportions: How can national law stop those who commit fraud, spread racism, steal credit card numbers or sell child pornography worldwide, nonstop and just about anonymously? http://www.newsday.com/news/nationworld/world/wire/sns-ap-europe-cybercrime,0,1886178.story - - - - - - - - - - New MyDoom offers 'how to' details A new version of the Internet worm MyDoom includes a photo of suspected Netsky worm writer Sven Jaschan and a description of the worm itself. In the latest bizarre twist in the worm's development, authors included a detailed account of what MyDoom.Y does and how it works. This particular tactic has left antivirus vendors baffled. http://news.com.com/New+MyDoom+offers+%27how+to%27+details/2100-7349_3-5369473.html http://news.zdnet.com/2100-1009_22-5369473.html MyDoom.Y baffles antivirus firms http://news.zdnet.co.uk/internet/security/0,39020375,39166836,00.htm - - - - - - - - - - Freegate is not Trojan horse, says Symantec Symantec is to stop classifying a software utility that enables Chinese surfers to view blocked websites as a Trojan horse. The reassessment follows stories earlier this week questioning the designation of the widely-used Freegate programas malicious code. Freegate has 200,000 users, Dynamic Internet Technology (DIT), its developer, estimates. http://www.theregister.co.uk/2004/09/16/symantec_relabels_freegate/ - - - - - - - - - - E-crime: call for a united front Cyber criminals could be slipping through the fingers of investigators due to a lack of co-operation between police and corporate cyber sleuths, warns an e-crime researcher. Quick police access to privately owned infrastructure in order to chase online felons is just one issue still to be resolved, says Shane McKenzie. http://www.theage.com.au/articles/2004/09/13/1094927496692.html - - - - - - - - - - COTS will never meet Defense security needs Commercial-off-the-shelf software and hardware will never be able to meet the IT security needs of the Defense Department, because corporations cant make the business case to strengthen their commercial products to the level needed, according to Dr. Linton Wells II, acting assistant secretary of Defense, networks and information integration, Office of the Secretary of Defense. http://www.gcn.com/vol1_no1/daily-updates/27314-1.html - - - - - - - - - - Microsoft tells music biz to 'back lock-down CD standard' Microsoft is attempting to force a last-minute pact with record labels over the future of copy-protected CDs, according to a letter seen by MusicAlly. The allegedly leaked document is purportedly from Alain Levy and David Munns of EMI via Tom Silverman of Tommy Boy Records, who was asked "to reach out to the independent sector to achieve quick consensus on this issue [and] report back to Microsoft." http://www.theregister.co.uk/2004/09/16/ms_cd_copy_protection/ EarthLink tests file-sharing program http://news.com.com/EarthLink+tests+file-sharing+program/2100-1032_3-5369839.html - - - - - - - - - - Small businesses crying out for help with security SMEs are tech buyers too - and according to analysts, when they get their credit cards out, they're most likely to spend their cash on web hosting and consulting on networks and security. According to analyst IDC, it's particularly those in the medium-sized bracket - between 100 and 999 - that are eyeing up IT services with increasing interest. The analysts also found that while they have less money to spend than their corporate counterparts, the SME segment tends to have big plans for IT services and a budget set aside to pay for them. http://management.silicon.com/smedirector/0,39024679,39124021,00.htm - - - - - - - - - - IBM protects passwords with PC chip Big Blue will be the first computer maker to use National Semiconductor's SafeKeeper Trusted I/O Device, which stores a computer's identity in silicon, making it harder for outsiders to access, the companies announced Thursday. It's adding the technology as part of an upgraded input-output chip, which is a secondary PC chip that shuttles data from various parts of a PC. http://news.com.com/IBM+protects+passwords+with+PC+chip/2100-1029_3-5368442.html - - - - - - - - - - Fighting terrorism propaganda on the Internet In dramatical September days where all the country were stuck to TV, radio and news portals, people time and again asked heartily where were these greatly praised "Russian hackers"? Why could not they just deface terrorist websites? Let's try to answer. Firstly, computer hacking is a tool of a criminal, not defender. Civilized world should not resort to illegal means, in order not to stand in one row with barbarians. It is a well-known and very popular principle nowadays. http://www.crime-research.org/news/16.09.2004/636/ - - - - - - - - - - Protect us from smut, whimper trembling workers UK workers are delicate flowers, to be sure. According to a survey by antivirus outfit Sophos, more than half of 1,000 shocked employees polled reckon their bosses must take responsibility in ensuring that "violent, pornographic and other offensive content" does not reach their inboxes. This spam tsunami not only unsettles the nervous, but also "wastes valuable time and network resources, resulting in a significant loss of revenue for businesses". Sophos estimates that 50 per cent of all email is spam, and this figure is set to rise. http://www.theregister.co.uk/2004/09/16/bosses_fight_lewdity/ *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2004, NewsBits.net, Campbell, CA.