NewsBits for April 4, 2005
************************************************************
Suspected phisher arrested in Estonia
Police in Estonia have arrested a man suspected of stealing millions of Euros from bank accounts across Europe, according to a report in the Sydney Morning Herald. The unnamed 24-year-old from the Estonian capital Tallinn is believed to have infected hundreds of computers with a Trojan horse program to obtain usernames and passwords from them. High-tech crime police in Europe believe the suspect stole money from accounts in Britain, Estonia, Germany, Latvia, Lithuania and Spain.
http://news.zdnet.com/2100-1009_22-5654268.html
http://www.theregister.co.uk/2005/04/04/estonian_trojan_suspect_cuffed/
- - - - - - - - - -
Hungarian sentenced to prison for spying on Ericsson
A 26-year-old Hungarian man was sentenced Monday to three years in prison for industrial espionage against wireless equipment maker LM Ericsson, news reports said. Csaba Richter was found guilty Monday of hacking into Ericsson's computer systems and illegally accessing secret information, Swedish Radio reported.
http://www.siliconvalley.com/mld/siliconvalley/news/editorial/11308756.htm
- - - - - - - - - -
Hackers allegedly steal Russian Central Bank's database
There is no such thing as total secrecy in banking these days. Illegally duplicated CD-ROMs containing various databases can be purchased on the computer markets or via the Internet in today's Russia. It is quite easy to buy any database ranging from the lists of mobile telephone company's customers to classified data of the state traffic police or the customs authorities.
http://english.pravda.ru/main/18/89/358/15223_bank.html
- - - - - - - - - -
Man sentenced for kiddie porn
John Leroy Morrison, 38, of Wakefield, was sentenced this week in federal court to four years in prison and three years supervised release upon discharge for possessing child pornography.
The case was investigated by the Federal Bureau of Investigation, Hagen said. The investigation was part of "Operation Peer Pressure," one facet of the FBI's ongoing national initiative to protect children from sexual offenders, including child pornographers and pedophiles.
http://www.ironwooddailyglobe.com/0401gcrt.htm
- - - - - - - - - -
Former Stafford Co. Coach Pleads Guilty to Kiddie Porn Charges
A former Stafford County teacher and football coach pleaded guilty Thursday to five counts of distributing child pornography. Craig D. Welker, 33, also was arraigned in Fredericksburg Circuit Court Thursday on 125 counts of possessing child pornography. Police traced a screen name and e-mail address to Welker that had been used to upload 13 images of girls "well under the age of 18," court records said. Virginia State Police later seized a large number of compact discs, 8 mm videos, pictures and magazines from his home and his laptop computer and other items from school.
http://www.wtopnews.com/?sid=463027&nid=25
- - - - - - - - - -
Child porn probe leads to Casper man
Computer software developed in Wyoming and used by a law enforcement agent in Hawaii led to the arrest of a Casper man on two federal child pornography counts. Bradley Wilkison pleaded not guilty Wednesday in Cheyenne before U.S. District Court Judge Alan Johnson to one count of possessing child pornography and one count of attempting to transmit an image of child pornography across state lines, according to federal court records. The investigation of Wilkison began on Feb. 1 with the law enforcement agent in Hawaii who found a movie file that had an Internet address that originated in Casper, according to the criminal complaint written by Wyoming Division of Criminal Investigation special agent Flint Waters and filed in federal court on Feb. 23.
The agent in Hawaii was using the nationally acclaimed file-sifting technology written by Waters, who belongs to the Wyoming Internet Crimes Against Children (ICAC) Task Force, according to the complaint.
http://www.casperstartribune.net/articles/2005/04/02/news/casper/9606594d2a7b579187256fd6006ff2ac.txt
- - - - - - - - - -
Boyertown teacher found with child porn on his computer
A math teacher at Boyertown Area Senior High School has been arrested for allegedly having images of child pornography on a personal computer he kept in his classroom. Peter John Lamana, 38, of the 500 block of Norway Place in Bethlehem, was charged with felony counts of sexual abuse of children and possession of obscene and other sexual material and performances, according to Colebrookdale District police. Some of the material allegedly found on Lamana's computer included images gathered during class and at a parent/teacher conference, police said.
http://www.pottstownmercury.com/site/news.cfm?newsid=14272791&BRD=1674&PAG=461&dept_id=18041&rfi=6
- - - - - - - - - -
Carjackers swipe biometric Merc, plus owner's finger
A Malaysian businessman has lost a finger to car thieves impatient to get around his Mercedes' fingerprint security system. Accountant K Kumaran, the BBC reports, had at first been forced to start the S-class Merc, but when the carjackers wanted to start it again without having him along, they chopped off the end of his index finger with a machete.
http://www.theregister.co.uk/2005/04/04/fingerprint_merc_chop/
- - - - - - - - - -
N.Y. lawmakers target modem hijacking
State lawmakers unveiled a bill Monday that is believed to be the first in the nation to target modem hijacking, a practice in which thieves tap into people's computer modems to make international phone calls. If passed, the law would allow telephone companies and the state attorney general to bring lawsuits against modem hijackers and their accomplices. The bill is expected to face a vote by the end of June.
http://www.siliconvalley.com/mld/siliconvalley/news/editorial/11310169.htm
- - - - - - - - - -
Florida files multimillion-dollar spam suits
The Florida Attorney General's office has filed its first claims under the state's antispam law, charging two men with masterminding a scheme that marketed fraudulent online businesses via e-mail. The office of Attorney General Charlie Crist has filed civil claims against Scott J. Filary, 25, and Donald E. Townsend, 34, representatives said on Monday.
http://news.zdnet.com/2100-1009_22-5653662.html
- - - - - - - - - -
Sybase, NGSSoftware near flaw-publishing agreement
Database maker Sybase will likely drop legal threats against a U.K.-based security company this week, allowing the company to publish details on six flaws, a source familiar with the negotiations said on Monday.
http://www.securityfocus.com/news/10821
- - - - - - - - - -
Email worm graduates to IM
The Chod.B worm is now spreading over Microsoft's instant-messaging service, after first being observed spreading over email systems last week. A worm that first disguised itself as an email from computer vendors now attempts to trick MSN Messenger users into executing malicious files.
http://news.zdnet.co.uk/internet/0,39020369,39193674,00.htm
- - - - - - - - - -
Text me and I'll reply with a virus
Virus writers have created a third mobile phone virus capable of replicating via MMS messages. The Mabir worm, which targets Symbian Series 60 phones, is not spreading, but its ability to propagate via Multimedia Messaging Service messages (MMS) gives cause for concern.
http://www.theregister.co.uk/2005/04/04/mabir_mobile_worm/
- - - - - - - - - -
New security scares for Outlook and IE
Several vulnerabilities that allow for remote code execution with no actions from the user have been confirmed by Microsoft. A timetable for patching the highly critical flaws has not been released.
http://news.zdnet.co.uk/internet/0,39020369,39193671,00.htm
http://www.vnunet.com/news/1162292
- - - - - - - - - -
Red Hat patches critical hole
Red Hat Inc. is warning enterprise Linux users to update their installations of XFree86 to fix a number of serious security bugs, some of which could allow attackers to take over a system. The affected operating systems include Enterprise Linux AS 3, Enterprise Linux ES 3 and Enterprise Linux WS 3, Red Hat said in an advisory.
http://computerworld.com/securitytopics/security/holes/story/0,10801,100860,00.html
- - - - - - - - - -
Sweden Becomes a Piracy Battlefield
A crackdown is underway in a country where file swapping is accepted as the norm. Workers stepped through the shattered glass doors of Antipiratbyra one day last week, busy installing new alarms and security systems in the Swedish film and games industry's anti-piracy bureau here. "We are under siege," said Henrik Ponten, a lawyer with the bureau, himself labeled Sweden's most hated man by one of the country's largest newspapers. (LA Times article, free registration required)
http://www.latimes.com/technology/la-ft-sweden4apr04,1,6315670.story
- - - - - - - - - -
Hacking Google for fun and profit
Insecure websites are not the only venues at risk from Google-hacking. Network hardware can be hacked, cached printing pages can be perused and security cameras snooped on thanks to evolutions in attack techniques that are dumbing down network attacks. So-called Google hacking - named after the search engine - relies on employing carefully crafted combinations of search terms to unveil potentially confidential files.
http://www.theregister.co.uk/2005/04/04/google_hacking/
- - - - - - - - - -
Gone phishing special report
The volume and severity of phishing scams is rocketing as cyber-criminals become ever more cunning and sophisticated.
The online scams attempt to trick unwary surfers into divulging sensitive and confidential information to bogus websites designed to appear as bona fide businesses such as internet banking sites.
http://www.vnunet.com/specials/1159732
Germany's Postbank is hit by new phishing attack
http://computerworld.com/securitytopics/security/story/0,10801,100858,00.html
- - - - - - - - - -
Gmail tries out antiphishing tools
Google's popular free Web-based e-mail service is testing phishing protection designed to alert members to potential e-mail fraud attacks. When a Gmail user opens a suspected phishing message, the software displays a large red dialog box stating: "Warning: This message may not be from whom it claims to be. Beware of following any links in it or of providing the sender with any personal information." The service also provides a hyperlink to information on Gmail's help pages about e-mail fraud.
http://news.zdnet.com/2100-1009_22-5653794.html
- - - - - - - - - -
Firefox improves pop-up ad blocking
The Mozilla Foundation has developed a beta patch for the Firefox browser that it claims improves the blocking of pop-up ads. The popular open-source browser already contains a pop-up blocker by default, but this does not handle pop-ups launched by plug-ins such as Flash and Java.
http://news.com.com/Firefox+improves+pop-up+ad+blocking/2100-1032_3-5654284.html
- - - - - - - - - -
Three quarters of corporate PCs shun SP2
Only a quarter of corporate PCs running Windows XP have upgraded to SP2 (Service Pack 2), according to a survey out this week. The study by asset management outfit AssetMetrix - published days before the deadline for holding back on SP2 installation expires on 12 April - paints a picture of a lack of preparation for a major change in corporate computing infrastructures.
http://www.theregister.co.uk/2005/04/04/sp2_survey/
http://www.vnunet.com/news/1162300
- - - - - - - - - -
UK citizens confused by security terminology
Survey: Many Internet users in the UK don't understand words like phishing, Trojan and spam, which could make them more likely to fall victim to cybercrime.
http://news.zdnet.co.uk/internet/security/0,39020375,39193691,00.htm
- - - - - - - - - -
ISS puts more network defenders on patrol
Internet Security Systems has added two new models to its flagship Proventia line of intrusion prevention appliances. The Atlanta-based network protection company on Monday announced the Proventia G400 and the Proventia G2000, part of a family of integrated security products designed to protect corporate systems. The devices feature spyware-blocking for the network, improved policy management, and a preconfigured set of prevention policies.
http://news.zdnet.com/2100-1009_22-5653978.html
- - - - - - - - - -
OMB issues draft federal ID card guidance
The Office of Management and Budget wants to establish an 18-month timeline for agencies to implement an interoperable employee identification card. In the draft guidance that will be published this week in the Federal Register, OMB officials set an Oct. 27, 2006, deadline for agencies to comply with the National Institute of Standards and Technology's Federal Information Processing Standard 201. NIST released the standard in February.
http://www.gcn.com/vol1_no1/daily-updates/35450-1.html
- - - - - - - - - -
High-tech passports coming; complaints already in
The dark blue cover will look the same, but U.S. passports are getting a high-tech makeover this year. Blue-jacketed tourist passports, as well as the maroon-and-black-covered ones used by diplomats and others on government business, are being redesigned and going electronic. The goal is to make it harder to copy or tamper with them, just as currency has been redesigned to fight counterfeiting.
http://www.usatoday.com/tech/news/2005-04-03-passports_x.htm
Privacy Advocates Criticize Plan To Embed ID Chips in Passports
http://www.washingtonpost.com/wp-dyn/articles/A21858-2005Apr2.html
- - - - - - - - - -
Civil liberty group pans EU biometrics plans
Civil liberties groups have condemned an EU study on the possible social impact of biometric technologies including fingerprint, iris and face recognition as "technologically determinist" and say it puts economics and profit above liberties and privacy.
http://www.theregister.co.uk/2005/04/04/biometrics_eu_report/
http://computerworld.com/securitytopics/security/privacy/story/0,10801,100859,00.html
- - - - - - - - - -
U.S. tracks immigrants with device
As he sat in a detention facility in Colorado with other illegal immigrants as his deportation proceedings dragged along, Winifried Kreuzhagen, a German national, was approached with an offer from immigration officials. They would release him, but only if he agreed to wear an electronic ankle bracelet that would confirm he was home when he was supposed to be and if he submitted to intensive supervision, including a 150-mile round trip from his home in Colorado Springs to Denver three times a week to check in.
http://www.chicagotribune.com/technology/chi-0504040067apr04,1,2451041.story
- - - - - - - - - -
Some colleges falling short in computer security
If the computer age is continually testing how well institutions protect personal information, the nation's colleges and universities may be earning a failing grade. Last Monday, administrators at the University of California, Berkeley, acknowledged that a computer laptop containing the names and Social Security numbers of nearly 100,000 people--mostly graduate school applicants--had been stolen. Just three days earlier, Northwestern University reported that hackers who broke into computers at the Kellogg School of Management there may have had access to information on more than 21,000 students, faculty and alumni.
And one week before that, officials at California State University, Chico, announced a breach that may have exposed personal information on 59,000 current, former and prospective students.
http://news.com.com/Some+colleges+falling+short+in+computer+security/2100-1029_3-5653140.html
Black eye for privacy
http://news.zdnet.com/2100-1009_22-5653737.html
Is your personal data next?
http://www.msnbc.msn.com/id/7358558/
Net Aids Access to Sensitive ID Data
http://www.washingtonpost.com/wp-dyn/articles/A23686-2005Apr3.html
Keeping Social Security Numbers Safe
http://www.washingtonpost.com/wp-dyn/articles/A24296-2005Apr4.html
- - - - - - - - - -
Fences Around the Internet
Would anyone be willing to return to the days when residential telephone service meant a clunky, black dial phone (leased from AT&T) that plugged into a line (owned by AT&T) that connected to a spider web of lines (you guessed it, owned by AT&T)? Not if it meant forsaking the wealth of choices that blossomed after consumers won the right to buy their own phones and select their long-distance carrier. (LA Times article, free registration required)
http://www.latimes.com/technology/la-ed-isp4apr04,1,1847663.story
- - - - - - - - - -
Spying As a Business
Whether they're driving through a tunnel or taking a cigarette break, Americans are finding even their most mundane movements captured on video. The surveillance camera market has swelled to between $5 billion and $6 billion from about $2 billion before Sept. 11 -- and is projected to grow at 25 percent a year.
http://www.wired.com/news/business/0,1367,67119,00.html
***********************************************************
Search the NewsBits.net Archive at:
http://www.newsbits.net/search.html
***********************************************************
The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes.
Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2005, NewsBits.net, Campbell, CA.