NewsBits for September 22, 2004 ************************************************************ Credit card firm hit by DDoS attack Credit card processing firm Authorize.Net has been the target of an "intermittent" and "large scale" distributed denial-of-service attack since last Wednesday that has resulted in "periodic disruptions" of service for some customers. Bellevue, Wash.-based Authorize.Net is owned by Burlington, Mass.-based Lightbridge Inc. and provides payment processing services for more than 91,000 small to medium-size e-commerce firms. http://computerworld.com/securitytopics/security/cybercrime/story/0,10801,96099,00.html http://www.wired.com/news/infostructure/0,1377,65039,00.html http://news.com.com/Attacks+disrupt+some+credit+card+transactions/2100-7349_3-5378217.html - - - - - - - - - - Virus knocks out Colorado DMV systems A computer virus has knocked out computer systems at the Colorado Division of Motor Vehicle offices, according to a spokeswoman for the agency. As a result, no documents, identification cards or driver's licenses are expected to be issued until at least Monday, according to DMV spokeswoman Diane Reimer. Reimer said the problem showed up at about 2:30 p.m. local time on Friday. http://computerworld.com/securitytopics/security/virus/story/0,10801,96095,00.html http://www.sophos.com/virusinfo/articles/denverdriver.html - - - - - - - - - - McSoftware pirate jailed for nine months A Scottish man who pirated computer software valued at an estimated PS750,000 was this week jailed for nine months. Brendan Timoney, 40, of the village of Coatbridge, in north Lanarkshire, central Scotland, pleaded guilty to three of eight charges he originally faced at Airdrie Sheriff Court, the Glasgow Evening Times reports. Timoney was selling illegal Adobe and Microsoft software. http://www.theregister.co.uk/2004/09/22/mcpirate_jailed/ - - - - - - - - - - Schwarzenegger signs some tech bills, vetoes others Gov. Arnold Schwarzenegger signed a bill to discourage pirating of music and motion pictures through the Internet, as well as a measure by Senate Minority Leader Dick Ackerman, R-Fullerton, that makes it a misdemeanor to secretly film or photograph someone in a state of undress. http://www.usatoday.com/tech/news/techpolicy/2004-09-21-calif-grab-bag_x.htm House may vote on spyware bill next week http://www.msnbc.msn.com/id/6073581/ - - - - - - - - - - Justice official defends PATRIOT Act A high-ranking Justice Department official defended provisions in the anti-terrorism law known as the USA PATRIOT Act at a Senate Judiciary hearing Wednesday, saying that "sneak and peek warrants" and library records searches are rarely used but are absolutely necessary. http://www.govexec.com/dailyfed/0904/092204dp2.htm - - - - - - - - - - House targets fraudulent Web site registration The U.S. House of Representatives on Tuesday approved a bill that would increase jail time for identity thieves and Web users who register sites under false identities. The bill, which passed by voice vote, would not directly outlaw the use of fraudulent registration information. http://news.zdnet.com/2100-1009_22-5376656.html - - - - - - - - - - House backs crackdown on video voyeurs Calling video voyeurism the new frontier of stalking, the House on Tuesday approved legislation to make it a crime to secretly photograph or videotape people, often for lascivious purposes. Under the legislation passed by voice vote, video voyeurism on federal lands would be punishable by a fine of not more than $100,000 or imprisonment for up to one year, or both. http://www.usatoday.com/tech/news/techpolicy/ethics/2004-09-22-house-no-peeking_x.htm http://www.cnn.com/2004/TECH/09/22/video.voyeurs.ap/index.html - - - - - - - - - - Fraudsters take advantage of chip-and-PIN rollout Fraud from new credit cards being sent to customers in the mail and intercepted by fraudsters soared 51 per cent over the last year, as criminals took advantage of the high volume of chip-and-PIN cards being mailed out to consumers. http://www.vnunet.com/news/1158251 - - - - - - - - - - Officials warn of records hoax Don't fall for an Internet hoax that tries to convince veterans that the National Personnel Records Center (NPRC) plans to destroy all paper military records. That's the message from Scott Levins, assistant director of military records at NPRC, a St. Louis- based division of the National Archives and Records Administration, who debunked the official-looking fake message circulating via e-mail and on veterans-related Web sites. http://www.fcw.com/fcw/articles/2004/0920/web-vethoax-09-22-04.asp - - - - - - - - - - Click here to become infected Users should be wary of pressing the 'click here to remove' link on spam messages because it serves to confirm to spammers that junk mail messages are being read. Such email addresses can be sold at a premium to other spammers. That's reason enough to simply delete spam messages, but a junk mail message doing the rounds today provides an even more compelling reason. Selecting the 'click here to remove' link on messages blocked by MessageLabs today triggers an attempt to load malicious code onto potentially vulnerable Windows PC. http://www.theregister.co.uk/2004/09/22/opt-out_exploit/ - - - - - - - - - - Ireland bars South Pacific in rogue dialler crackdown Ireland is to block direct dialling to 13 countries, mostly in the South Pacific, to combat the growing menace of rogue autodiallers. The ban comes into force on 4 October. Rogue diallers change the number used in dial-up connections to an expensive international number. Sometimes users are offered access to porn sites in return for changing their internet access numbers to whatturns out be premium rate or international numbers. More often changes in dial-up numbers are carried out surreptitiously using malicious code. http://www.theregister.co.uk/2004/09/22/ireland_rogue_dialler_crackdown/ http://www.newsfactor.com/story.xhtml?story_title=Ireland-Launches-Crackdown-on-Internet-Scams&story_id=27119 http://news.com.com/Ireland+launches+phone+fraud+crackdown/2100-1036_3-5377387.html - - - - - - - - - - Activists Find More E-Vote Flaws Voting activist Bev Harris and a computer scientist say they found more vulnerabilities in an electronic voting system made by Diebold Election Systems, weaknesses that could allow someone to alter votes in the election this November. Diebold said Harris' claims are without merit and that if anyone did manage to change votes, a series of checks and balances that election officials perform at the end of an election would detect the changes. http://www.wired.com/news/evote/0,2645,65031,00.html http://news.com.com/E-voting+critics+report+new+flaws/2100-1028_3-5378199.html U.S. Absentee Voting Site Proves Too Secure http://www.latimes.com/technology/la-na-pentagon22sep22,1,5878831.story Pentagon may lift voting site blockade http://news.zdnet.com/2100-1009_22-5376044.html - - - - - - - - - - New technology increases threats New technologies will make existing information security measures obsolete over the next five years, according to analyst Gartner. And an increase in IT outsourcing will be one of the biggest challenges for chief security officers, who will have to find new ways to safeguard networks, develop data privacy guidelines and protect intellectual property. http://www.vnunet.com/news/1158271 - - - - - - - - - - Code to exploit Windows graphics flaw now public A sample program hit the Internet on Wednesday, showing by example how malicious coders could compromise Windows computers by using a flaw in the handling of a widespread graphics format by Microsoft's software. http://news.com.com/Code+to+exploit+Windows+graphics+flaw+now+public/2100-1002_3-5378260.html - - - - - - - - - - Microsoft releases VPN patch for SP2 Microsoft has published the patch through its Web site. It fixes a problem that installing XP SP2 creates with VPNs and can be downloaded here. http://news.zdnet.co.uk/software/windows/0,39020396,39167556,00.htm - - - - - - - - - - Security experts give charities a hand The Information Systems Security Association (ISSA) is embarking on a mission to help charities by offering its expertise in security and auditing to those who are struggling to meet compliance regulations. http://news.zdnet.co.uk/internet/security/0,39020375,39167558,00.htm - - - - - - - - - - DHS expands biometric use Biometric programs should be expanded to fight terrorism and crime, a Homeland Security Department official said today. However, privacy protections should be kept in mind during that effort, said Asa Hutchinson, DHS' undersecretary for border and transportation security. Hutchinson spoke at the Biometric Consortium Conference in Arlington, Va. http://www.fcw.com/fcw/articles/2004/0920/web-asa-09-22-04.asp http://www.gcn.com/vol1_no1/daily-updates/27389-1.html - - - - - - - - - - IPass gets onboard with train Wi-Fi Network aggregator iPass, which gives access to multiple networks through one account, has added Broadreach to its service. IPass teamed up with Wi-Fi operator Broadreach on Wednesday, adding another section of the UK's public Internet access market to its 'global broadband roaming' network. http://news.zdnet.co.uk/communications/wireless/0,39020348,39167450,00.htm Mini WiFi locator locks in on networks http://www.msnbc.msn.com/id/6072905/ - - - - - - - - - - Internet has become the most vulnerable ever A threat of terrorism on the Internet appeared to be more serious than it was expected to be; displays of terrorism unbelievably extended because of the global distribution of the Internet. Dale Watson says, the threat lies not only in breaks into closed information systems of state authorities to access data bases or secret information due to special services that quite successfully counteract to similar attempts. The greatest danger is in breaks into open sites and computer networks. http://www.crime-research.org/news/22.09.2004/644/ - - - - - - - - - - Keeping tab on teens, by cellphone Within months, phones equipped with global positioning systems will let parents 'watch' their teens over the Internet -- and even tell how fast they are driving. As Misty Harris reports, even the manufacturer admits teenagers won't like it. http://www.canada.com/technology/story.html?id=4b95f868-15e0-402d-97d2-20c417a8a48d Bosses to track workers via their mobiles http://news.zdnet.co.uk/0,39020330,39167557,00.htm *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2004, NewsBits.net, Campbell, CA.