NewsBits for August 4, 2005 ************************************************************ Ruling threatens use of undercover agents to trap Internet offenders The practice has become widespread_undercover agents pose as children on Internet chat rooms. When adults strike up online relationships and arrange for sexual liaisons, police are waiting at the rendezvous point with handcuffs and arrest warrants. http://www.kctv5.com/Global/story.asp?S=3675044 - - - - - - - - - - Cisco Web Site Hacked, Exposing User Passwords "This is starting to install doubt about Cisco products," said Joshua Wright, deputy director of training for the SANS Institute. According to Wright, any disclosures from the security glitch might lead to leaked information about Cisco's customers. http://www.newsfactor.com/story.xhtml?story_id=01300000AHJI - - - - - - - - - - Man Arrested After Child Porn Found On CD A retired Westport middle school teacher inadvertently left a CD full of child pornography, including what appear to be lewd pictures of schoolchildren, in a computer he borrowed from a neighbor, federal investigators said Wednesday. Paul Held, 67, a former teacher at Bedford Middle School, was arrested at his home in Westport Tuesday on federal charges of possession and distribution of child pornography and is being held without bond. http://1010wins.com/topstories/local_story_216071001.html - - - - - - - - - - Justice Dept. effort to eavesdrop on airline passengers challenged Two privacy groups asked the Federal Communications Commission this week to reject a proposal that would give the Justice Department sweeping new powers to eavesdrop on cell phone calls and Internet usage by airline passengers. http://www.govexec.com/story_page.cfm?articleid=31917 http://www.wired.com/news/privacy/0,1848,68407,00.html - - - - - - - - - - Spammer loses fight for right to spam A company in the US has lost a legal battle with the University of Texas over the institution's blocking of vast amounts of unsolicited commercial email. An online dating service does not have the right to blast unsolicited email at thousands of University of Texas email addresses, a federal appeals court ruled. http://news.zdnet.co.uk/internet/0,39020369,39212016,00.htm - - - - - - - - - - FAA CIO says cybersecurity incomplete govwide Cybersecurity must be the current and future focus of any federal information technology planning, said Dan Mehan, the Federal Aviation Administration's outgoing chief information officer, at an industry breakfast today. You have to start working on preprogrammed continuity of operations planning, he said at the event, sponsored by Input, a market research firm. http://www.fcw.com/article89787-08-04-05-Web - - - - - - - - - - It's a bull market for stock spam The volume of stock scam spam has risen, posing a new threat to investors, warns a new study from network security firm Sophos. Though traditional spam categories--medication, mortgage and pornography --continue to dominate, new ones such as stock scams are growing, according to the study, which covered the first six months of 2005. http://news.zdnet.com/2100-1009_22-5818416.html - - - - - - - - - - First potential virus risk for Windows Vista found Virus writers are targeting a new Microsoft tool that will be part of Windows and is set to ship as part of the next Exchange e-mail server release. A virus writer has published the first examples of malicious code that targets Microsoft's upcoming command- line shell, code-named Monad, according to Finnish antivirus maker F-Secure. If the technology is included in Windows Vista, these could be one of the first viruses to target the new operating system formerly known as Longhorn, F-Secure said Thursday. http://news.zdnet.com/2100-1009_22-5819428.html http://news.zdnet.co.uk/0,39020330,39212024,00.htm Hasta la Vista, baby Virus writers have created proof of concept viruses targeting the scripting language behind prototype versions of Vista, the next version of Windows. An Austrian virus writer has published five simple viruses targeting Microsoft Command Shell (MSH), the command line interface and scripting language, in a virus writing magazine. None of these pieces of malware have been named as yet. http://www.theregister.co.uk/2005/08/04/vista_virus/ Patches on the way for Windows flaws http://news.zdnet.com/2100-1009_22-5818881.html IP flaw leaves Windows 2000 wide open http://www.vnunet.com/vnunet/news/2140780/windows-2000-wide-open - - - - - - - - - - Worms could dodge Net traps Future worms could evade a network of early- warning sensors hidden across the Internet unless countermeasures are taken, according to new research. In a pair of papers presented at the Usenix Security Symposium here Thursday, computer scientists said would-be attackers can locate such sensors, which act as trip wires that detect unusual activity. http://news.zdnet.com/2100-1009_22-5819293.html - - - - - - - - - - JPEG-based virus attack gets closer Security researchers have warned that an infectious JPEG virus could be just around the corner. A virus writer has got close to exploiting a critical flaw in the way Microsoft Windows handles JPEGs. Costin Raiu, the head of research and development for Kaspersky Labs Romania, said on Tuesday that over the weekend a virus writer tried to spread a Trojan by exploiting a known image-handling flaw. http://news.zdnet.co.uk/internet/security/0,39020375,39212149,00.htm - - - - - - - - - - DNS servers--an Internet Achilles' heel Hundreds of thousands of Internet servers are at risk of an attack that would redirect unknowing Web surfers from legitimate sites to malicious ones. In a scan of 2.5 million so-called Domain Name System machines, which act as the White Pages of the Internet, security researcher Dan Kaminsky found that about 230,000 are potentially vulnerable to a threat known as DNS cache poisoning. http://news.com.com/DNS+servers--an+Internet+Achilles+heel/2100-7349_3-5816061.html http://computerworld.com/securitytopics/security/story/0,10801,103744,00.html - - - - - - - - - - Cyber tip line educates teens of online dangers The National Center for Missing & Exploited Children has launched an online program directed at teens to raise awareness about the prevalence of online sexual exploitation and to help teens better protect themselves against online predators. The online ads are a second installment in a campaign that began last year focused on internet safety. http://www.zwire.com/site/news.cfm?newsid=14963154&BRD=1452&PAG=461&dept_id=448709&rfi=6 - - - - - - - - - - Hacker criticises cyber crime laws Gary McKinnon, the UK hacker facing extradition to the US accused of 'the biggest military computer hack of all time', is calling for international computer crime laws to be passed. http://www.vnunet.com/computing/news/2140725/hacker-criticises-cyber-crime - - - - - - - - - - Annual hacking game teaches security lessons The weekend-long Capture the Flag tournament stressed code auditing as a measure of hacking skill this year, a move that emphasized more real-world skills, but not without controversy. The game required skills that are also required by both security researchers and hackers, such as ability to analyze attack vectors, understanding and automating attacks, finding new, unpredictable ways to exploit things. http://www.securityfocus.com/news/11269 - - - - - - - - - - Hacker fear fuels outsourced security spend Complexity of deploying in-house security systems also boosting services. Global demand for outsourced security services is "strong and growing fast", fuelled by increasing fear of viruses, malware, spyware and hacking, combined with the complexity of rolling out security systems in house. http://www.vnunet.com/vnunet/news/2140767/hacker-fear-outsourced-security - - - - - - - - - - The new threat to Hollywood: Darknets PRIVATE, ENCRYPTED FILE-SHARING NETWORKS SET TO GROW. Fresh from its victory in the Supreme Court Grokster case, Hollywood faces a new Internet threat -- the rise of ``darknets,'' or private, encrypted networks that allow the anonymous exchange of music, movies and other digital files. http://www.siliconvalley.com/mld/siliconvalley/12306819.htm - - - - - - - - - - ID cards 'were oversold' The Government has admitted that it overhyped the benefits of ID cards. The UK government has admitted that it exaggerated the benefits of ID cards by claiming they would be a panacea for identity theft, benefit fraud and terrorism. http://news.zdnet.co.uk/business/legal/0,39020651,39212022,00.htm http://www.theregister.co.uk/2005/08/04/id_cards_oversell/ - - - - - - - - - - E-Government think tank launched Representatives from all branches of the UK Government are represented in a group that will be run by Brunel University. A think tank dedicated to e-government issues has had its first meeting. The e-Government Integration and Systems Evaluation (e-GISE) Network, is aiming to identify the challenges associated with e-government, with an initial focus on local authorities. http://news.zdnet.co.uk/0,39020330,39212021,00.htm *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2005, NewsBits.net, Campbell, CA.