NewsBits for February 2, 2005
************************************************************
Police cuff US student keystroke logger
A Houston High School student faces a fine possible
$2,000 fine or 180 days' jail after admitting rigging
a keystoke logger to a teacher's PC and using it to
download exams, Houston's Local 2 reports.
http://www.theregister.co.uk/2005/02/02/student_keystroke_logger/
- - - - - - - - - -
Heise.de under DDoS attack
German tech publication Heise.de has been targeted
by a persistent and determined denial of service
attack, it says. The origin of the attack is unknown
so far, and Heise's publishing house is offering
a 10,000 reward for information leading to the
arrest of the attacker.
http://www.theregister.co.uk/2005/02/02/heise_ddos/
- - - - - - - - - -
Los Alamos lab penalized in 'missing' disk case
A report by the National Nuclear Security
Administration (NNSA) has determined that
two classified computer disks that apparently
disappeared at the Los Alamos National Laboratory
last year never even existed. Instead, according
to the report, bar codes were generated for the
disks, but the actual disks were never made.
http://www.computerworld.com/securitytopics/security/story/0,10801,99425,00.html
- - - - - - - - - -
Supreme Court puts hacker sentences up for grabs
A landmark U.S. Supreme Court decision last month
giving judges more leeway in deciding federal prison
terms could be good news for computer intruders who
don't fit the classic criminal mold, legal experts
say. In U.S. v. Booker, decided January 12th, the
court ruled 5-4 to overturn part of a 1984 law that
required judges to sentence offenders strictly by a
book of written guidelines produced and periodically
revised by a seven-member, presidential appointed
commission.
http://www.securityfocus.com/news/10404
- - - - - - - - - -
Internet Auction Complaints Increase
Americans are increasingly turning to Internet
auction sites to buy and sell goods from around
the world, and a growing number think they might
be getting a raw deal online. The number of
complaints filed with the Federal Trade Commission
over Internet auctions has nearly doubled from
51,000 in 2002 to more than 98,000 last year,
the agency said Tuesday in its annual report
on consumer fraud and identity-theft complaints.
(LA Times article, free registration required)
http://www.latimes.com/technology/la-fi-auctions2feb02,1,2810129.story
US hit for $548m in fraud losses
Identity theft topped the list of complaints
received by the US Federal Trade Commission for
the fifth successive year, accounting for 39 per
cent of consumer fraud complaints filed with the
agency last year. Credit card fraud was the most
common form of reported ID theft (28 per cent),
followed by phone or utilities fraud (19 per cent),
bank fraud (18 per cent), and employment fraud
(13 per cent).
http://www.securityfocus.com/news/10400
- - - - - - - - - -
Spamming and phishing to rocket in 2005
This year will see a dramatic rise in phishing
attacks and a plague of viruses written for
spammers, security watchers have warned. Security
appliance manufacturer Fortinet reported a big
increase in phishing during 2004 which is expected
to increase this year. Meanwhile, viruses written
specifically for criminals are predicted to reach
epidemic proportions.
http://www.vnunet.com/news/1160938
- - - - - - - - - -
Rowling warns Harry Potter fans about Net scams
Author J.K. Rowling is warning Harry Potter fans
to watch out for Internet fraudsters claiming to
sell electronic copies of her latest wizard saga
--they are trying to steal bank and credit card
details. In the latest phishing scam, fans were
asked to hand over their bank details to pay for
a supposed copy of "Harry Potter and the Half-
Blood Prince" which is to be published on July 16.
http://news.zdnet.com/2100-1009_22-5560051.html
- - - - - - - - - -
For kids, danger lurks a click away
The Web can open up a fascinating world for
kids, but in an instant it can also bring graphic
pornography and sexual predators into your home.
When it comes to your kids, reports "Today" show
anchor Katie Couric, the most dangerous place in
the house can be just one keystroke away.
http://www.msnbc.msn.com/id/6893488/
- - - - - - - - - -
Police introduce stick icon to curb paedophilia
Children will be able to instantly report suspected
paedophiles prowling the internet in an initiative
announced by Australian Federal Police. Federal
Police Commissioner Mick Keelty launched the Virtual
Global Task Force website as part of a worldwide
crackdown on online child abuse. The system allows
children visiting such sites as internet chatrooms
and email websites to report suspect messages to
authorities by clicking on an icon - a stick figure
with an eye.
http://www.nzherald.co.nz/index.cfm?c_id=2&ObjectID=10008370
- - - - - - - - - -
The 'hacker tool' worm that gurned
The old English practice of gurning, in which
participants pull a funny or scary face, is being
used by a newly discovered worm to distract PC
users while their machines are being compromised.
The Wurmark-F worm, a variant of Wurmark-D which
began spreading last month, arrives as a zipped
email attachment and displays a picture of an
old man pulling an impressive gurn.
http://www.vnunet.com/news/1160945
- - - - - - - - - -
Deleting Spam Costs Billions, Study Finds
Time wasted deleting junk e-mail costs American
businesses nearly $22 billion a year, according
to a new study from the University of Maryland.
A telephone-based survey of adults who use the
Internet found that more than three-quarters
receive spam daily. The average spam messages
per day is 18.5 and the average time spent
per day deleting them is 2.8 minutes.
(LA Times article, free registration required)
http://www.latimes.com/technology/ats-ap_technology10feb02,1,7826648.story
- - - - - - - - - -
More women turn to net security
Retired people are increasingly going online.
Older people and women are increasingly taking
charge of protecting home computers against
malicious net attacks, according to a two-year
study. The number of women buying programs to
protect PCs from virus, spam and spyware attacks
rose by 11.2% each year between 2002 and 2004.
http://news.bbc.co.uk/1/hi/technology/4228891.stm
- - - - - - - - - -
Microsoft Offering Gov'ts Early Warnings
Microsoft Corp. offered Wednesday to begin
alerting the world's governments early to
cyberthreats and security flaws in its attack-
prone software. Microsoft also wants to work
with governments to help prevent and mitigate
the damage from hacker attacks, said Giorgio
Vanzini, the director of Microsoft's government
engagement team.
(LA Times article, free registration required)
http://www.latimes.com/technology/ats-ap_technology13feb02,1,1006306.story
http://news.com.com/Microsoft+to+help+governments+with+security/2100-7355_3-5559974.html
- - - - - - - - - -
Antivirus Tools Fool XP's Security Center
Microsoft's Windows XP Service Pack 2 is supposed
to improve security. Its Windows Security Center
should alert you when your antivirus software
is missing or out of date. But in our tests,
both McAfee's Internet Security Suite 2005 and
Symantec's Norton Internet Security 2005 crippled
SP2's ability to deliver accurate alerts immediately
after installation.
http://www.pcworld.com/news/article/0,aid,119376,00.asp
- - - - - - - - - -
VeriSign exports e-mail security to Europe
Amid similar moves by rivals, VeriSign has started
selling its e-mail security services in Europe.
The security specialist announced Wednesday
that it is extending the market for its services,
which are designed to provide automatic updates
to eliminate e-mail based threats and reduce
time spent on e-mail system management.
http://news.zdnet.com/2100-1009_22-5560709.html
- - - - - - - - - -
Spam fighter has a Honey Pot of an idea
Matthew Prince apologized that he couldn't hang
around for long after his presentation. He had to
catch a plane back to the Sundance Film Festival.
Yet when his talk ended, a small crowd gathered
around him anyway with the zeal of paparazzi
flocking to a Hollywood star.
http://www.mercurynews.com/mld/mercurynews/business/technology/10797707.htm
Zombie trick expected to send spam sky-high
http://news.zdnet.com/2100-1009_22-5560664.html
- - - - - - - - - -
Linux Kernel Security is Lacking
Recent events have shown that the way security
in the Linux kernel is handled is broken, and it
needs to be fixed right now. During the disclosure
of some recent vulnerabilities in the Linux kernel,
I learned some things about Linux kernel security
that was truly shocking. The way security in
the Linux kernel is handled is broken, and it
needs to be fixed right now.
http://www.securityfocus.com/columnists/296
Linux developers create forum to air core flaws
http://news.zdnet.com/2100-1009_22-5561031.html
- - - - - - - - - -
Clueless about cookies or spyware?
Spyware-removal tools are a fairly new commodity
from Internet service providers, but some of the
software may confuse people as much as it protects
them, critics say. In one example, EarthLink's
Spyware Blocker program notes several different
kinds of potentially unwanted software found on
a subscriber's PC, including Trojans that can
steal personal information.
http://news.zdnet.com/2100-1009_22-5561063.html
Instances of spyware on consumer PCs up 230 per cent
http://www.vnunet.com/news/1160954
- - - - - - - - - -
Is hard time for worm author too harsh?
The teenager sentenced to 18 months in prison for
unleashing a variant of the MSBlast worm got off
easy, a majority of people said in a poll from
Sophos. In January, a federal district court found
19-year-old Minnesota resident Jeffrey Lee Parson
guilty of modifying the original MSBlast worm,
also known as Blaster, and releasing the variant
onto the Internet.
http://news.zdnet.com/2100-1009_22-5560829.html
- - - - - - - - - -
Apache 2 with SSL/TLS: Step-by-Step, Part 2
In the first article of this three part series,
the reader was shown how to install, configure,
and troubleshoot Apache 2.0 with SSL/TLS support.
Part two now discusses the recommended settings
for the mod_ssl module that lets us achieve
maximum security and optimal performance.
The reader will also see how to create a local
Certification Authority and a SSL certificate
based on the free and open-source OpenSSL library.
http://www.securityfocus.com/infocus/1820
- - - - - - - - - -
SAIC says FBI should deploy its case management system
Science Applications International Corp. said
Tuesday that it has urged the FBI to fully deploy
the Virtual Case File case management system the
San Diego company has provided in a pilot version.
The troubled VCF project has been the subject of
several critical reports and investigations by
the Government Accountability Office, the Justice
Department Inspector Generals Office, the National
Science Foundation and Congress.
http://www.gcn.com/vol1_no1/daily-updates/34962-1.html
- - - - - - - - - -
Plan Unveiled to Speed Cargo Processing
A customs official says the use of wireless sensors
inside shipping containers would increase security.
U.S. Customs and Border Protection Commissioner
Robert C. Bonner on Tuesday proposed a system of
"smart" cargo containers that could deter terrorist
attacks and speed the flow of goods into the U.S.
The technology, which is undergoing field tests
on vessels using busy shipping lanes between
Singapore and Southern California, involves the
use of wireless sensors inside cargo containers.
The sensors would allow the containers to be
monitored for signs of tampering.
LA Times article, free registration required)
http://www.latimes.com/technology/la-fi-customs2feb02,1,7675865.story
- - - - - - - - - -
Police places staff data in safe custody
West Yorkshire Police has deployed a secure user
data access system as it prepares to join a national
police directory. The UK's fourth largest police
force, which has about 10,000 staff using its
systems, wanted to eliminate duplication when
updating users' access rights.
http://www.vnunet.com/news/1160972
- - - - - - - - - -
E-Sponder keeps Super Bowl security in touch
Super Bowl XXXIX in Jacksonville, Fla., may
wind up being known as the Security Bowl. The
Jacksonville Sheriff's Office is coordinating
the security activities of 53 local, state and
federal agencies, including the FBI, Coast Guard
and U.S. Navy, for the Feb. 6 event through a
Web-based collaboration system in place since
Jan. 5 that was also used during a presidential
debate and World Series games in St. Louis last
year.
http://www.usatoday.com/tech/news/2005-02-02-security-bowl_x.htm
***********************************************************
Search the NewsBits.net Archive at:
http://www.newsbits.net/search.html
***********************************************************
The source material may be copyrighted and all rights are
retained by the original author/publisher. The information
is provided to you for non-profit research and educational
purposes. Reproduction of this text is encouraged; however
copies may not be sold, and NewsBits (www.newsbits.net)
should be cited as the source of the information.
Copyright 2000-2005, NewsBits.net, Campbell, CA.