NewsBits for August 16, 2005 ************************************************************ DoS for hire scam teen jailed for five years A New Jersey teenager was last week sentenced to five years in youth detention for taking part in a denial of service for hire scam. Jasmine Singh, 17, pleaded guilty to two counts of computer theft over attacks on online sporting goods stores said to have cost victims $1.5m. Judge Frederick DeVesa in Superior Court, New Brunswick also ordered Singh to pay $35,000 compensation. http://www.theregister.co.uk/2005/08/16/teen_hacker/ - - - - - - - - - - Report: Black market growing for offshore data There's a thriving black market for highly sensitive, personal and financial details about Australians leaked from offshore call centers operating in India, according to a report by the Australian Broadcasting Corp. http://computerworld.com/managementtopics/outsourcing/story/0,10801,103962,00.html - - - - - - - - - - Evanston firefighter arrested in child porn case A veteran Evanston firefighter was being held in federal custody Monday after he allegedly sent an undercover FBI agent child pornography through an Internet chat room. The feds arrested Thomas Erpelding, 52, of Skokie on Monday morning and charged him with one count of distribution. http://www.suntimes.com/output/news/cst-nws-fireporn16.html - - - - - - - - - - Credit report site settles with feds A subset of a major credit reporting company, which allegedly promised free reports but then billed customers $79.95 for a "credit monitoring service," has agreed to settle charges of deceptive marketing practices. http://news.zdnet.com/2100-9588_22-5835037.html - - - - - - - - - - Bush blocks bush on .xxx The controversial .xxx TLD domain has been delayed after the chairman of ICANN's Government Advisory Committee (GAC), Mohamed Sharil Tarmizi reacted to political and public pressure to ask for a postponment in implementing of the cyberporn ghetto. http://www.theregister.co.uk/2005/08/16/smut_tld_delayed/ http://www.usatoday.com/tech/news/techpolicy/2005-08-16-xxx-domain_x.htm http://news.zdnet.co.uk/internet/ecommerce/0,39020372,39213536,00.htm Porn makes you blind: official http://www.theregister.co.uk/2005/08/16/emotion_induced_blindness/ Game developers form sex 'special interest group' http://news.zdnet.com/2100-1040_22-5835241.html - - - - - - - - - - Hackers Exploit New Windows Flaw Web monitoring firm Websense reported that a Swedish-hosted Web site has been engineered with malware built in that exploits a flaw in unpatched versions of Internet Explorer. The flaw allows hackers to gain complete control of PCs visiting the infected site. http://www.newsfactor.com/story.xhtml?story_id=100000028ZCS http://www.vnunet.com/vnunet/news/2141198/second-microsoft-patch-cracked http://www.cnn.com/2005/TECH/internet/08/16/microsoft.worm.reut/index.html Windows Vista puts testers' security at risk http://www.vnunet.com/vnunet/news/2141188/windows-vista-puts-tester Forecast Cloudy for Windows Vista http://www.wired.com/news/infostructure/0,1377,68514,00.html - - - - - - - - - - IRC bot latches onto Plug-and-Play vuln The Microsoft Plug-and-Play vulnerability exploited by the ZoTob worm has been harnessed to create an IRC bot. IRCBot-ES uses the vulnerability to spread instead of more common vectors such as Windows RPC security vulns. http://www.theregister.co.uk/2005/08/16/irc_bot/ Zotob worm hits Windows users http://news.zdnet.com/2100-1009_22-5832849.html Zotob worm makes little progress http://news.zdnet.co.uk/internet/security/0,39020375,39213393,00.htm - - - - - - - - - - Patches rain down on OS X Latest patch plugs 44 security holes. Apple has released a set of patches that fix 44 security flaws in its OS X operating system for servers and desktop computers. http://www.vnunet.com/vnunet/news/2141220/patches-rain http://news.com.com/Apple+unloads+dozens+of+fixes+for+OS+X/2100-1002_3-5834873.html http://www.securityfocus.com/news/11282 http://software.silicon.com/security/0,39024655,39151405,00.htm - - - - - - - - - - US cyber security 'almost out of control' The information technology infrastructure in the US, including air traffic control systems, power grids, financial systems, and military and intelligence cyber networks, is highly vulnerable to terrorist and criminal attacks, an article in the August issue of IEEE-USA Today's Engineer has warned. http://www.vnunet.com/vnunet/news/2141195/security-almost-control - - - - - - - - - - Net bulges with illegal animal auctions An investigation into the illegal net trade in live animals and animal products has revealed that those with sufficient cash can purchase anything from a gorilla to a Siberian tiger or - if they sound like a bit of a handful - elephant tusks or a stuffed peregrine falcon. http://www.theregister.co.uk/2005/08/16/net_animal_trade/ - - - - - - - - - - Money Matters - Variety of fraud The Postal Inspector in San Diego has announced a new type of counterfeit scheme. You thought there was enough challenge dealing with cash. Now you get to worry about the validity of postal money orders. http://www.vvdailypress.com/2005/112411322741386.html - - - - - - - - - - August Patch Winds Fade The Next Great Worm may be coming some day, but it won't be based on MS05-039. It's just not a conducive bug. At first glance, Microsoft's August vulnerability and patch set seemed like a real killer set of vulnerabilities. One of them in particular, MS05-039 (Vulnerability in Plug and Play Could Allow Remote Code Execution and Elevation of Privilege), caught attention as a "wormable" hole. http://www.eweek.com/article2/0,1759,1848696,00.asp - - - - - - - - - - Neighbor's Wi-Fi is hot topic Many readers say if it's in your house, it's not stealing; Can Net monitoring programs still work? Evidently, stealing your neighbor's Internet connection is on a lot of people's minds. Earlier this month, a CNN/Money article explored the legality and risks of piggy-backing on your neighbor's wireless connection without paying for it, or even letting your neighbor know what you're doing. http://money.cnn.com/2005/08/12/technology/personaltech/wifi_pirate_mail/index.htm - - - - - - - - - - Keeping watch on data snoops and abuse (series of stories) The feds reach a deal with a credit report Web site they say charged for "free" reports. Also: Data theft suspected at call center. http://news.com.com/Keeping+watch+on+data+snoops+and+abuse/2009-7349_3-5835162.html - - - - - - - - - - Phishing Overview Phishing is the activity of fraudulently presenting oneself online as a legitimate enterprise in order to trick consumers into giving up personal financial information that will be used for identity theft or other criminal activity. Phishing is most commonly perpetrated through the mass distribution of e-mail messages directing users to a web site, but other venues are utilized as well. http://www.greenarmor.com/phishing.shtml - - - - - - - - - - Using the Windows Server 2003 to Harden the ISA Firewall The issue of hardening the ISA firewall has always been a hot topic. The topic became especially hot when ISA Server 2000 was released with system hardening wizards that broke key features of the ISA Server 2000 firewall product. While many of us made gallant attempts at coming up with comprehensive hardening plans that wouldnt break core ISA Server 2000 firewall functionality, it always seemed like we were feeling our way through the dark. http://zone-h.org/en/feeds/year=2005/month=08/ - - - - - - - - - - How to keep your computer activities out of divorce court Employing a private investigator isn't the only way to gather evidence in divorce or child custody proceedings. Clandestine keylogging and tracking programs installed on home computers can provide digital proof. You should know the downsides before you install this type of software. http://www.usatoday.com/tech/columnist/kimkomando/2005-08-14-divorce-court_x.htm *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2005, NewsBits.net, Campbell, CA.