NewsBits for September 24, 2004 ************************************************************ A man admits hacking into computers of high tech company According to the Plea Agreement, Mr. Erfurt admitted that, on January 23 and 24, 2003, he hacked into the computer system of MESC by using a computer from his workplace at a separate company in Irvine, California. Mr. Erfurt had previously served as the Information Technology Manager and then as Network Manager for MESC. After gaining unauthorized access to MESC's computer system, Mr. Erfurt admitted that he downloaded a proprietary database, read the e-mail account of the company president, and deleted data from the servers. http://www.crime-research.org/news/24.09.2004/646/ - - - - - - - - - - Four Los Alamos lab workers fired over security, safety lapses Four laboratory workers were fired from their jobs at the Los Alamos National Laboratory because of their roles in several recent security and safety incidents in the facility. One other worker resigned in lieu of being fired, while seven other workers faced disciplinary actions, including demotions, pay cuts and suspensions or reprimands, according to Kevin Roark, a spokesman for the New Mexico- based facility. Another 10 workers who were under investigation in connection with the problems have returned to their jobs after being cleared of wrongdoing, according to Roark. One employee remains on paid leave. http://computerworld.com/securitytopics/security/story/0,10801,96169,00.html - - - - - - - - - - Hackers use Google to access photocopiers Making copies of something important? Photocopiers are the latest networked devices to fall prey to hackers armed with nothing more than Google's search engine. Hackers are using search engines to watch what people photocopy. Using Google hacks -- requests typed into the search engine that bring up cached information on networks -- hackers are discovering and using login details for networked photocopiers so they can watch what is being copied. http://news.zdnet.co.uk/internet/security/0,39020375,39167848,00.htm - - - - - - - - - - Google conforms to Chinese censorship Google's recently launched news service in China doesn't display results from Web sites blocked by that country's authorities, raising prickly questions for an online search engine that has famously promised to "do no evil."Dynamic Internet Technology Inc., a research firm striving to defeat online censorship, conducted tests that found Google omits results from the government- banned sites if search requests are made through computers connecting to the Internet in China. http://www.usatoday.com/tech/world/2004-09-24-google-in-china_x.htm - - - - - - - - - - FDIC warns consumers on e-mail scams Banking agency warns of 'phish' schemes. The FDIC Friday issued an alert about an increasingly common e-mail scam designed to steal personal information and money from millions of unwary consumers. The Federal Deposit Insurance Corp. (FDIC), perhaps best known as an insurer of bank deposits, issued its warning about so-called "phishing" eight months after criminals began misappropriating its name and reputation to perpetrate e-mail fraud. http://msnbc.msn.com/id/6091951/ Invasion of the identity snatchers http://www.theregister.co.uk/2004/09/24/identity_snatchers/ Credit card leaks continue at furious pace http://msnbc.msn.com/id/6030057/ - - - - - - - - - - Speedy cybersecurity legislation killed by turbulence An attempt by House Republican leaders to strengthen the Office of Management and Budgets role in cybersecurity was withdrawn late Thursday after industry and government officials voiced their opposition to the provision in legislation overhauling the U.S. intelligence community. Media reports this week had described the legislation as shifting responsibility for cybersecurity from the Homeland Security Department to the Office of Management and Budget. But David Marin, spokesman for Rep. Tom Davis (R-Va.), chairman of the House Government Reform Committee, disputed that. http://www.gcn.com/vol1_no1/daily-updates/27449-1.html - - - - - - - - - - Piracy cut back by compliance laws Having to fit in with new laws is keeping big businesses in line when it comes to counterfeit software - but their smaller counterparts are still a problem. New compliance and accounting regulations are helping to drive down the number of firms who use unlicensed and counterfeit software, according to Microsoft. http://news.zdnet.co.uk/business/legal/0,39020651,39167738,00.htm - - - - - - - - - - Virus writers hit home PCs as companies get tough Stronger corporate defences make poorly protected home users easier targets. Virus writers are increasingly targeting poorly protected home PCs because company defences are proving too much of a challenge. Vincent Gullotto, vice president of the Anti-Virus Emergency Response Team (Avert) at security company McAfee, said recent attacks have ignored corporate networks and aimed for the home user instead. http://www.vnunet.com/news/1158338 JPEG File Flaw Prompts New Wave of Attacks http://www.newsfactor.com/story.xhtml?story_title=JPEG-File-Flaw-Prompts-New-Wave-of-Attacks&story_id=27175 - - - - - - - - - - MS fires armour-piercing suit at 'bullet-proof' spam host Microsoft has fired off nine new lawsuits against spammers including an action against a web hosting firm that allegedly offered so-called "bullet proof" hosting to junk mailers. National Online Sales and its owner Levon Gillespie are jointly accused of offering a "safe haven" for purveyors of get-rich-quick schemes and penis enlargement rackets. The case was filed in Washington State's King County Superior Court. http://www.theregister.co.uk/2004/09/24/ms_anti-spam_lawsuit/ http://money.cnn.com/2004/09/23/technology/msftspam.reut/index.htm Sender ID dealt killer blow http://news.zdnet.co.uk/software/applications/0,39020384,39167720,00.htm - - - - - - - - - - Symantec Warns of Firewall Weakness Symantec says it has identified security flaws in several of its firewall and gateway products that could leave networks vulnerable to denial-of-service attacks. The security company has issued firmware upgrades to close the loopholes. http://www.newsfactor.com/story.xhtml?story_title=Symantec-Warns-of-Firewall-Weakness&story_id=27185 - - - - - - - - - - Dangers children face online Dateline hidden camera investigation turns spotlight on Internet predators. Instant messaging on the computer has become the phone for kids today. Children spend hours chatting online with their friends, and sometimes with strangers. A recent study found that one in five children online is approached by a sexual predator, a predator who may try to set up a face-to-face meeting. In a Dateline hidden camera investigation, correspondent Chris Hansen catches some of these men in the act. http://msnbc.msn.com/id/6083442/ - - - - - - - - - - VeriSign creates kid credentials VeriSign and a children's safety group has unveiled a new technology designed to make it easier for children to avoid child predators online. The i-Stik token, inserted in a computer's USB port, provides verification of a child's age and gender. Chatroom lurkers who can't prove their age will stick out like sore thumbs as more kids adopt the tokens, backers said. http://news.zdnet.com/2100-1009_22-5380589.html - - - - - - - - - - A Touchy Debate Over Voting With the presidential election less than six weeks away, activists and security experts are ratcheting up concern over the use of touch-screen machines to cast votes. After the 2000 election debacle and recount fiasco in Florida brought the words "hanging chads" and "butterfly ballots" to the masses, technology was hailed as a way to help reform voting nationwide by simplifying the way citizens vote for candidates and providing a paperless electronic count of votes. http://www.washingtonpost.com/wp-dyn/articles/A46816-2004Sep24.html A Massive Experiment' In Voting http://www.washingtonpost.com/wp-dyn/articles/A39102-2004Sep21.html Amid complaints, Pentagon restores access to Web site for overseas voters http://www.siliconvalley.com/mld/siliconvalley/news/editorial/9745259.htm http://news.zdnet.co.uk/internet/security/0,39020375,39167719,00.htm - - - - - - - - - - So what is it about Win2k security MS won't enhance? If you want the 'security enhancements' of Windows XP SP2 but you're running an earlier version of Windows, then you're going to have to upgrade, Microsoft has been confirming to the public prints this week. Despite this being highly significant for the many companies still running Windows 2000, Microsoft has been confirming it pretty quietly - CNET and Microsoft Watch both seem to have been given statements on demand, and Redmond does not yet seem to be exactly bulging with detail on the subject. http://www.theregister.co.uk/2004/09/24/no_sp2_fixes_for_old_windows/ - - - - - - - - - - Big boss is watching Cell phones are giving employers new ways to check up on employees in the field--and raising fresh workplace privacy concerns as a result. On the leading edge of the trend is Nextel Communications. The wireless provider began selling its Mobile Locator service last November, giving bosses an easy way to find employees who carry GPS-equipped cell phones. http://news.com.com/Big+boss+is+watching/2100-1036_3-5379953.html - - - - - - - - - - Study: Security measures often overlook human factor Threats to data security are mounting, especially from within organizations, but top executives aren't helping their companies keep pace, a new study has found. CEOs are increasingly aware of the risks posed to company information by insiders, but they aren't acting on this knowledge, according to the "2004 Ernst & Young Global Information Security Survey." More than 70 percent of the 1,233 organizations surveyed in 51 countries failed to list training and raising employee awareness of information security issues as a top initiative. http://news.zdnet.com/2100-1009_22-5381187.html - - - - - - - - - - Internet emerges as potent terrorist tool The images coming out of the latest hostage crisis in Iraq capped by dramatic video of British captive Kenneth Bigley begging for his life have transfixed Britons, left governments looking helpless, and revived a classic dilemma about whether to negotiate with terrorists. http://www.usatoday.com/tech/webguide/internetlife/2004-09-24-net-terror_x.htm - - - - - - - - - - Tiny Sensors That Can Track Anything They're small, smart and vigilant, the sort of miniature technology that science fiction writers once dreamed of. But the battery-powered, wireless sensors sometimes known as "smart dust" are here, and they're making their way into the electronic fabric of our lives. In the last few years, smart dust sensors smaller than a deck of cards have been deployed in research projects to monitor the vibration of manufacturing equipment, keep tabs on colonies of seabirds and measure fine variations in vineyard climates that can make or break a wine. http://www.washingtonpost.com/wp-dyn/articles/A45915-2004Sep23.html *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2004, NewsBits.net, Campbell, CA.