NewsBits for November 3, 2004 ************************************************************ Two found guilty in first felony spam conviction A brother and sister who sent unsolicited junk e-mail to millions of America Online customers were convicted today in the nation's first felony prosecution of distributors of spam. Jurors who convicted Jeremy D. Jaynes, 30, and Jessica DeGroot, 28, later sentenced Jaynes to a nine- year prison term and fined DeGroot $7,500 for three convictions each of sending e-mails with fraudulent and untraceable routing information. http://www.mercurynews.com/mld/mercurynews/news/10091161.htm http://news.com.com/North+Carolina+man+sentenced+to+9+years+for+spam/2100-1024_3-5438340.html http://www.newsfactor.com/story.xhtml?story_title=Guilty-Verdict-in-First-Felony-Spam-Case&story_id=28127 http://www.cnn.com/2004/LAW/11/03/spam.trial.ap/index.html http://msnbc.msn.com/id/6401091/ Experts say spam fight needs to be more strategic http://computerworld.com/securitytopics/security/story/0,10801,97195,00.html - - - - - - - - - - Data Security Breached at Wells Fargo For the third time in a year, computers with clients' information are stolen. The bank says there have been no indications of misuse. Four computers containing the Social Security numbers and other personal information of some Wells Fargo & Co. borrowers were stolen last month in the third such security breach in a year, the San Francisco bank said Tuesday. http://news.com.com/Wells+Fargo+computers+stolen/2100-1029_3-5437481.html http://www.latimes.com/technology/la-fi-wells3nov03,1,1870689.story http://news.zdnet.com/2100-1009_22-5437481.html http://www.theregister.co.uk/2004/11/03/wells_fargo_id_theft_flap/ - - - - - - - - - - Hackers reopen stolen code store with Cisco wares Source Code Club offering code for Cisco's PIX firewall software for $24,000. An anonymous group of malicious hackers reopened an online store that sells the stolen source code of prominent software products and is offering the code for Cisco Systems (Profile, Products, Articles) Inc.'s PIX firewall software to interested parties for $24,000, according to messages posted in online discussion groups. http://www.infoworld.com/article/04/11/03/HNciscopixhack_1.html http://computerworld.com/securitytopics/security/cybercrime/story/0,10801,97194,00.html - - - - - - - - - - Bulgarian Student Stung Bill Gates The transborder criminal organization used to forge credit cards, passports, driving licenses and Euro bills. Its members had never met each other. They only communicated via Internet. On Wednesday, the Bulgarian commandos burst into Alexei's home, just when he was finishing the forged credit card on the name of Bill Gates on his computer. http://www.standartnews.com/archive/2004/10/29/english/bulgaria/s4246_8.htm - - - - - - - - - - Online payment firm in DDoS drama Online payments processing firm Protx is continuing to fight a sustained internet attack which has severely impacting its services for the fourth successive day. http://www.theregister.co.uk/2004/11/03/protx_ddos_attack/ - - - - - - - - - - Movie industry to sue file sharers Taking a cue from recording companies, Hollywood movie studios are preparing to file copyright infringement lawsuits against computer users it says are illegally distributing movies online, a source familiar with the studios' plans said Wednesday. http://www.mercurynews.com/mld/mercurynews/business/technology/10091526.htm - - - - - - - - - - Critical IE Security Problem Reported A newly discivered vulnerability in Microsoft's Internet Explorer is rated as "extremely critical" by security firm Secunia. Unlike some threats that necessitate action, such as downloading files, the newest IE hole can be opened without user help. http://www.newsfactor.com/story.xhtml?story_title=Critical-IE-Security-Problem-Reported&story_id=28105 - - - - - - - - - - Security hole burns Java proxy server Sun Microsystems warned of a security flaw affecting one component of its flagship Java System Web server line of products. The flaw, in the Java System Web Proxy Server - until recently called the Sun One Web Proxy Server - could allow a remote attacker to gain access to a vulnerable system. The proxy server, used by e-commerce sites, enterprises and ISPs to cache and filter Web content, is a companion product to the Java System Web Server, Sun's main server software. http://computerworld.com/securitytopics/security/story/0,10801,97173,00.html - - - - - - - - - - Parents face porn claim risk, says MP PARENTS sending family pictures over the Internet could be accused of child pornography under planned new laws, the State Government has been warned. Independent MP Bob Such has written to Premier Mike Rann and Attorney-General Michael Atkinson expressing concerns over the changes, saying parents would be scared of even having their kids "hop into bed with them". http://www.news.com.au/common/story_page/0,4057,11270901%255E2682,00.html - - - - - - - - - - Virus report points to profit-hungry hackers Malicious software cases rose 22 percent in October, with Trojan horses accounting for nearly half, according to a newly released report by security company Trend Micro's TrendLabs. Those results further validate a growing concern in the security industry that hackers are more interested in turning a profit than gaining fame. Trojan horses can be used to dupe computer users into running a bot program, which in turn can help launch denial of service attacks for financial gain. http://news.zdnet.com/2100-1009_22-5438228.html - - - - - - - - - - United Nations working group to tackle spam, cyber-crime More than 250 experts wrapped up two days of talks in Geneva today on the creation of a United Nations working group which could deal with spam, cyber-crime and other Internet-related problems. http://www.newstarget.com/002072.html - - - - - - - - - - Security guru demands two-factor authentication RSA Conference: Businesses have been urged to get their act together over security and insist that users supply more than just a password before getting online. Howard Schmidt, the chief security officer for eBay and former White House adviser for cyberspace has called for greater use of two-factor authentication. http://news.zdnet.co.uk/0,39020330,39172578,00.htm - - - - - - - - - - SSH User Identities OpenSSH supports more than just simple passwords for authentication. It can be configured to use PAM (Pluggable authentication modules), Challenge/Response protocols, Kerberos authentication, authenticated host-based trust[1], and there are even patches for other methods, such as X509 keys. However the most popular alternate authentication method is Identity/Pubkey authentication. http://www.securityfocus.com/infocus/1810 - - - - - - - - - - 16 candles for first Internet worm The first significant Internet worm appeared on this day 16 years ago, and online security has never been the same, security professionals say. At around midnight on Nov. 2, 1988, the Morris worm, written by a 23-year-old Massachusetts Institute of Technology student called Robert Tappan Morris, was released on the embryonic Internet. http://news.zdnet.com/2100-1009_22-5438291.html - - - - - - - - - - Phishing for dummies: hook, line and sinker Recent "phishing" episodes, and two new browser vulnerabilities, show how the bad guys are tricking people into exposing their passwords and bank accounts. Couldn't happen to tech-savvy users, right? Unless you consider how entire nations have been fooled. http://www.theregister.co.uk/2004/11/02/phishing_tabbed_browsers/ http://www.vnunet.com/news/1159144 Chinese puzzle hampers banks' phishing fight http://www.theregister.co.uk/2004/11/03/chinese_phishing_puzzler/ *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2004, NewsBits.net, Campbell, CA.