High Tech "NewsBits" for 06/10/05

NewsBits for June 10, 2005 ************************************************************ Bail for Brit accused of NASA hack North London man faces eight cybercrime charges The man accused of hacking 53 US government and space agency networks has been released on bail for PS5,000. Gary McKinnon, a 39 year- old unemployed man from north London, appeared on Wednesday at Bow Street Magistrates Court to face extradition charges by the US government. http://news.zdnet.co.uk/internet/security/0,39020375,39203033,00.htm NASA hacker is no Neo http://www.securityfocus.com/elsewhere/41104 - - - - - - - - - - Spam sign-up man convicted of harassment A US man who signed his boss up to various spam lists has been convicted of harassment. Scott Huffines, 41, from Essex County near Baltimore, Maryland, was sentenced to probation and 100 hours community service this week after pleading guilty to misuse of electronic mail, the Baltimore Sun reports. http://www.theregister.co.uk/2005/06/10/spam_harrassement_lawsuit/ - - - - - - - - - - Child porn case 'Internet at its worst' A Crown prosecutor says charges against a man accused of molesting a young girl constitute the first time an Alberta court has dealt with a case of child pornography being broadcast live on the Internet via a webcam. "This file is a good example of the Internet at its worst," Steve Bilodeau said outside the court yesterday. http://www.canoe.ca/NewsStand/LondonFreePress/News/2005/06/08/1076316-sun.html - - - - - - - - - - Symantec sues for right to delete spyware Next up, virus writers sue to protect their creations Symantec is suing a developer of adware in the US over its right to delete such programs. The company in question, Hotbar.com, has launched five legal campaigns over the past year to stop Symantec removing the adware it produces. http://www.vnunet.com/vnunet/news/2137732/symantec-sues-right-delete Software makers to send out network patrols http://news.zdnet.com/2100-1009_22-5741333.html - - - - - - - - - - Swedish anti-piracy group broke privacy data act Swedish anti-piracy group Antipiratbyran (APB) has been disciplined by the country's Data Inspection Board for breaking privacy data rules in its hunt for illegal file-sharers. ABP used special software to record the IP-addresses of file swappers, the file name and the server through which the connection was made, Sweden's The Local says. http://www.channelregister.co.uk/2005/06/10/apb_data_snafu/ - - - - - - - - - - EU Parliament rejects data retention plans But Europe's Council of Ministers is set to press on with attempts to force ISPs to retain customer information for up to three years Legislation that would require telephone companies and internet service providers (ISPs) to save information about customers' communications is set to proceed despite being rejected by the European parliament. http://news.zdnet.co.uk/internet/security/0,39020375,39203034,00.htm - - - - - - - - - - Bogus Jackson suicide bid claim used to spread malware A spam campaign that claims Michael Jackson has attempted suicide is being used to lure surfers into infecting their PCs with a Trojan horse. The malicious junk mail messages prey on the intense media interest in the trial of the controversial popstar. Typical subject lines of the messages state: "Re: Suicidal aattempt" and feature message text such as "Last night, while in his Neverland Ranch, Michael Jackson has made a suicidal attempt. http://www.theregister.co.uk/2005/06/10/jackson_trojan_spam/ http://www.vnunet.com/vnunet/news/2137758/jacko-suicide-note-trojan http://www.cnn.com/2005/TECH/internet/06/10/virus.michael.jackson.reut/index.html http://www.msnbc.msn.com/id/8169177/ http://news.zdnet.com/2100-1009_22-5740712.html http://software.silicon.com/security/0,39024655,39131133,00.htm - - - - - - - - - - Skulls Trojan puts on antivirus mask A new variant of the Skulls Trojan horse for cell phones is trying to trap victims by posing as antivirus software, F-Secure has warned. The Skulls Trojan horse, which affects Symbian-based cell phones, first surfaced in November. This latest Skulls.L variant is similar to Skulls.C, the only difference being that it's disguised as a pirated copy of F-Secure Mobile Anti-Virus, the Finnish antivirus maker said in an alert posted Thursday. http://news.zdnet.com/2100-1009_22-5741033.html - - - - - - - - - - Recon worms on the way, experts say Security experts are warning that vulnerability assessment worms, which check computers for security flaws and relay the information back to the author, are likely to become more of a threat. James Kay, the chief technology officer at e-mail security company Blackspider Technologies, said Friday that vulnerability assessment worms are quite rare at the moment. However, their number will probably increase as virus writers focus their attacks more carefully and try to avoid detection, he said. http://news.zdnet.com/2100-1009_22-5740912.html - - - - - - - - - - 10 patches - one critical - for June patch Tuesday Microsoft plans to release 10 patches - one of which it deems critical - in a tranche of security fixes next Tuesday (14 June). Seven of the security bulletins affect Windows and there's also a single "important" update for Exchange. Two patches address "moderate" problems with Windows and Microsoft Services for UNIX in one case and Internet Security and Acceleration (ISA) Server and Small Business Server in another. http://www.theregister.co.uk/2005/06/10/ms_june_patch_alert/ http://www.vnunet.com/vnunet/news/2137765/microsoft-prepares-critical http://news.zdnet.co.uk/software/windows/0,39020396,39203032,00.htm http://www.computerworld.com/securitytopics/security/story/0,10801,102399,00.html http://81.144.183.106/Articles/2005/06/10/210325/Microsofttoissue10securitypatches.htm Analysts: Windows Mobile 5.0 Security Falls Short http://www.eweek.com/article2/0,1759,1826676,00.asp - - - - - - - - - - Apple patches 11 security holes Apple has released a security update that fixes 11 vulnerabilities in the OS X operating system. The patched vulnerabilities include holes in both OS X Panther 10.3 and OS X Tiger 10.4. http://www.vnunet.com/vnunet/news/2137734/apple-patches-security - - - - - - - - - - Public sector porn downloading soars A report into internet abuse by the Audit Commission is only telling half the story, according to IT security specialists. The report surveyed 400 public sector organisations, including NHS trusts, local authorities, police and fire authorities. It found that 47 per cent had " inappropriate material" downloaded by members of staff, up from 31 per cent the year before. http://www.vnunet.com/vnunet/news/2137778/porn-tip-iceberg http://news.zdnet.co.uk/internet/0,39020369,39203035,00.htm - - - - - - - - - - Dutch hacker love-in will get permit Dutch hacker love in What the Hack will get a permit after all for this year's bash on a campground near Boxtel in the Netherlands. The gathering of 3,000 international hackers, between 28 and 31 July, faced the chop a couple of weeks ago, because the local mayor feared "breaches of law and order and danger to public safety". Now the organisers tell hack trekkies: "Ladies and gentlemen, grab your tissues to wipe away the tears of joy!" http://www.theregister.co.uk/2005/06/10/what_hack_saved/ - - - - - - - - - - Faulty update crashes ZoneAlarm firewall A bug in a Zone Labs update caused firewall crashes late Thursday for about 50,000 users of the popular ZoneAlarm Pro and ZoneAlarm Security Suite products. The crashes happened after people downloaded the daily Program Advisor update, said Gregor Freund, general manager of Zone Labs, which is part of Check Point Software. Thursday's update contained a bug that had slipped by Zone Labs' quality checks. http://news.zdnet.com/2100-1009_22-5741401.html - - - - - - - - - - Nigerian scams keep evolving The most familiar Nigerian scam is an e-mail offering lots of free money in exchange for helping someone with a name like Barrister Richard Okoya. The offer varies, but the theme is the same help a downtrodden victim recover a large sum of money trapped in an overseas bank, and you will be rewarded handsomely. For most, the e-mails are the butt of jokes and evoke a "Who would ever fall for that?" reaction. http://www.msnbc.msn.com/id/8171053/ - - - - - - - - - - Security guidelines for U.S. agencies due in July The goal: Help them assess compliance with upcoming infosec rules. The National Institute of Standards and Technology (NIST) will soon begin releasing formal guidelines federal agencies can use to assess their compliance with a set of mandatory information security rules due to take effect early next year. http://computerworld.com/governmenttopics/government/policy/story/0,10801,102409,00.html DHS issues RFI for ID management project http://www.gcn.com/vol1_no1/daily-updates/36056-1.html - - - - - - - - - - Vendors pushing new ID management tools Identity management products, once sold as stand- alone tools by relatively small pure-play companies, are increasingly being integrated into the product lines of major systems vendors. Underscoring that trend were separate announcements this week by Oracle Corp., IBM and Computer Associates International Inc., each of which featured products from earlier acquisitions in the identity management market. http://computerworld.com/softwaretopics/software/story/0,10801,102408,00.html - - - - - - - - - - The Scramble to Protect Personal Information Perhaps more than most corporations, Citigroup knows the perils of moving personal data. In February last year, a magnetic tape with information on about 120,000 Japanese customers of its Citibank division disappeared while being shipped by truck from a data management center in Singapore. The tape held names, addresses, account numbers and balances. It has never turned up. http://www.nytimes.com/2005/06/09/business/09data.html - - - - - - - - - - Controlling the enterprise information life cycle There's a stage in the life of a new technology in which half the world thinks it's a whole new paradigm and the other half thinks it's all hype. Half says it will never happen whereas the other half says, "We're doing it now." And even the most improbable vendor claims to have strategies and products to support it. So it is with ILM (information life-cycle management). http://computerworld.com/securitytopics/security/recovery/story/0,10801,102407,00.html - - - - - - - - - - Protect your Mobile Workers from Wireless Hotspot Phishing Using public hotspots is convenient; however you may want to think twice before accessing confidential information via hotspots. Recent headlines raise concern about wireless security issues around hotspots. Particularly the Evil Twin attack has received much attention, even though it is based on a tool that is relatively straightforward and has been around for several years. http://www.ebcvg.com/articles.php?id=757 Why Standards Are Important for Wireless Security http://www.computerworld.com/securitytopics/security/story/0,10801,102372,00.html - - - - - - - - - - IG to FBI: Make room for Scion The FBI must provide more specialized space where intelligence teams can access top-secret information through a new online network, the Justice Departments inspector general recommended in a declassified report released this week. The bureaus field offices must build more Sensitive Compartmented Information Facilities, or SCIFs, in which FBI personnel and their partners from other agencies can access and work with classified information, inspector general Glenn Fine Webwrote in the report. http://www.fcw.com/article89174-06-10-05-Web http://www.washingtonpost.com/wp-dyn/content/article/2005/06/08/AR2005060802329.html FBI CIO: Case management efforts moving forward http://computerworld.com/governmenttopics/government/story/0,10801,102365,00.html IG: Homeland Security IT systems not disaster-ready http://www.gcn.com/vol1_no1/daily-updates/36051-1.html - - - - - - - - - - Pop singer's phone recovered A Secret Service agent was dispatched to recover Jimmy Buffett's lost cellphone, which reportedly contained numbers for Bill Clinton, Al Gore and Jimmy Carter. The singer lost the phone at a Cuban restaurant in Delray Beach, Fla., on May 29, according to the Palm Beach Post. Busboy Jason Martin picked it up. "We were sitting around smoking weed and strolling down the list on Jimmy's phone, going 'Wow!' " Martin told the paper. The busboy says he didn't call any of the celebs, but told police his friends might have placed crank calls to Clinton. (LA Times article, free registration required) http://www.latimes.com/technology/la-et-quick10.6jun10,1,2392645.story *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2005, NewsBits.net, Campbell, CA.