NewsBits for February 3, 2006 ************************************************************ Worms' many aliases can confuse consumers Friday's file-destroying worm goes by ``Mywife'' at Microsoft Corp. and McAfee Inc., ``Blackmal'' at Symantec Corp. and CA Inc. and ``Kama Sutra'' in most media reports. At F-Secure Corp., it's version ``E'' of ``Nyxem,'' while Sophos PLC says it's version ``D.'' Others variably refer to it as ``Kapser,'' ``KillAV,'' ``Grew'' or ``Blackworm.'' The official name? ``CME-24.'' The moniker may seem much ado about nothing, but security researchers worry that the variance could confuse consumers. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/13786471.htm Virus Naming Still a Mess http://blogs.washingtonpost.com/securityfix/2006/02/virus_naming_st.html File-destroying worm causes little damage http://www.msnbc.msn.com/id/11159834/ http://www.cnn.com/2006/TECH/internet/02/03/wormstrike/index.html http://www.newsfactor.com/story.xhtml?story_id=003000002NV6 http://www.usatoday.com/tech/news/computersecurity/2006-02-03-worm-update_x.htm Blackmal deletion day appears a dud http://www.securityfocus.com/brief/127 http://news.zdnet.com/2100-1009_22-6034706.html All quiet on the Nyxem front http://news.zdnet.co.uk/0,39020330,39250239,00.html Kama Sutra quiet so far http://australianit.news.com.au/articles/0,7204,18026739%5E15318%5E%5Enbv%5E,00.html Kama Sutra worm hype may bite back http://news.zdnet.com/2100-1009_22-6035068.html FAQ: The Kama Sutra worm http://news.zdnet.com/2100-1009_22-6034585.html - - - - - - - - - - MySpace.com Subject of Sex Assault Probe Police are investigating whether as many as seven teenage girls have been sexually assaulted by men they met through the popular Web site MySpace.com. The girls, ages 12 to 16, are from Middletown and say they were fondled or had consensual sex with men who turned out to be older than they claimed. None of the incidents appeared to be violent, said Middletown Police Sgt. Bill McKenna. http://www.latimes.com/technology/ats-ap_technology14feb03,1,1465060.story http://www.msnbc.msn.com/id/11162121/ MySpace, Facebook attract online predators http://www.msnbc.msn.com/id/11165576/ Police: Teens may have met assailants on MySpace.com http://www.cnn.com/2006/TECH/internet/02/03/myspace.assaults.ap/index.html - - - - - - - - - - Parkview assisting FBI in probe of file hacking As part of an ongoing FBI investigation into Medical Informatics Engineering and alleged software tampering at Orthopaedics Northeast, Parkview Health confirmed it is cooperating with the investigation. The hacker appears to have breached Orthopaedics Northeasts network by exploiting connections of Parkview and an unnamed medical office from the outside, said Raymond Kusisto, chief executive officer of Orthopaedics Northeast. http://www.fortwayne.com/mld/journalgazette/13782298.htm - - - - - - - - - - Hackers tap Greek government cell phones Unknown eavesdroppers tapped the cell phones of Greek Prime Minister Costas Karamanlis, five cabinet members and dozens of top officials for about a year, the Greek government said on Thursday. Illegal software installed at Greece's second biggest mobile phone operator, Vodafone Greece, allowed calls to and from about 100 phones to be recorded. Most belonged to the government but one was owned by the U.S. embassy in Athens, officials said. http://news.zdnet.com/2100-1009_22-6034895.html - - - - - - - - - - Reports: WMF flaw sold for $4,000 Russian hacker groups sold exploit code for the WMF exploit in early December, well before vulnerability research companies caught wind of the problem, mounting evidence is suggesting. A two-week window separated the development of the exploit and the discovery of suspicious activity, according to an eWeek article. During these two weeks the exploit code was available on underground websites -- at a $4,000 cost. http://www.securityfocus.com/brief/126 - - - - - - - - - - RIAA defendant 'has never used a computer' Lawyers claim client has never used or even turned on a computer in her life. The Recording Industry Association of America (RIAA) has issued another 750 writs against people it believes are pirates, including a carer in New York who claims never to have owned a computer. http://www.vnunet.com/vnunet/news/2149712/riaa-sues-pirate-without - - - - - - - - - - Spammers prey on bird flu fears Phoney email carries WMF Trojan. An email claiming to have information on a bird flu epidemic in Britain has been spammed out overnight, but the link it contains could infect PCs that have unpatched browsers. Internet monitoring firm Websense warned of the emails last night, which are in wide circulation. http://www.vnunet.com/vnunet/news/2149710/uk-bird-flu-email-warning - - - - - - - - - - Security gaps found in EPA contracting system An audit of a major Environmental Protection Agency contract management system uncovered significant security lapses that, if exploited by hackers, could have serious consequences for the agency's operations, assets and personnel. http://www.govexec.com/story_page.cfm?articleid=33290 - - - - - - - - - - AMD Hack Points to Widespread Web Forum Flaws, Attacks Malicious hackers are increasingly targeting security vulnerabilities in open-source software that runs bulletin boards and online forums, according to Internet monitoring firm Netcraft. The unpatched holes, in open-source software like phpBB, PostNuke, and Mambo are being used to take control of powerful servers for denial of service attacks and phishing scams. http://www.eweek.com/article2/0,1759,1918295,00.asp - - - - - - - - - - Mozilla plugs eight Firefox security holes Severity ratings range from 'low' to 'critical' Mozilla has released a security update that patches eight vulnerabilities in its Firefox browser. The company gave the flaws severity ratings ranging from 'low' to 'critical'. http://www.vnunet.com/vnunet/news/2149690/firefox-plugs-security-holes - - - - - - - - - - Spyware tunnels in on Winamp flaw Earlier this week, security companies warned that attack code for exploiting the flaw was circulating on the Internet. On Thursday, Sunbelt Software said it had found a Web site hosting a malicious Winamp playlist file. Opening the file loads spyware onto an unwitting user's PC, it said. http://news.zdnet.com/2100-1009_22-6035188.html - - - - - - - - - - Stronger efforts being made against embarrassing document 'metadata' When the New England Journal of Medicine used a word-processing function to reveal that Merck & Co. had deleted study data about Vioxx and heart attacks, the pharmaceutical giant joined a long line of organizations bitten by information lurking in electronic files. It's happened to no less than the White House, the Pentagon, the British prime minister's office and the United Nations. http://www.usatoday.com/tech/news/internetprivacy/2006-02-03-metadata-woes_x.htm - - - - - - - - - - Anti-piracy test is hit or miss with academy Despite the hand-wringing of all the publicists associated with small, review-driven movies who need to get their films seen by as many Oscars voters as possible, 74% of the 5,000 Academy of Motion Pictures Arts and Sciences members did manage to plug in their spankin' new Cinea machines. (LA Times article, free registration required) http://www.latimes.com/technology/la-et-oscartech3feb03,1,7044705.story - - - - - - - - - - Information-sharing initiatives future in question The newly formed federal Information-Sharing Environment is at risk of losing steam because its director has resigned after only six months on the job, Sen. Dianne Feinstein (D-Calif.) said at a hearing yesterday. http://www.gcn.com/vol1_no1/daily-updates/38197-1.html - - - - - - - - - - UK.gov inflates ID theft risk - ID-card selling bunkum The UK government has come out with yet another questionable study to support its obsessive bent to impose ID cards on the British public. Once again, ID fraud figures as the reason why Brits need expensive biometric proofs of identity. http://www.theregister.co.uk/2006/02/03/clumsy_id_card_study/ - - - - - - - - - - Internet jihad: Tackling terror on the Web Sara Ahmad's voice quavers slightly as she recalls the summer evening nearly 18 months ago when her older brother, Babar, an IT professional, came over for dinner. The following day Ms. Ahmad answered a knock at the door to find two policemen standing outside on her leafy suburban street. "They said he'd been arrested on a extradition request to the U.S.," recalls Ahmad, a doctor. "I was completely shocked." http://www.csmonitor.com/2006/0203/p06s02-woeu.html - - - - - - - - - - Mobile phone tracking, girlfriend stalking and the law A service has launched in the UK which allows you to track any mobile phone around the globe and follow its movements from your own computer. The Guardian ran a feature on it yesterday called 'How I stalked my girlfriend'. It painted a scary picture. http://www.theregister.co.uk/2006/02/02/mobile-phone_tracking/ - - - - - - - - - - Top Ten Cybercrime, Viruses and Spyware Most Frequently Detected In January, Sdbot.ftp was the malware most frequently detected by Panda ActiveScan, the free online antivirus solution. In addition to this malicious code, ranked first in distribution for the seventh month in a row, other visible threats on this monthly list include Metafile, in second place, and Tearec.A, in sixth place. With respect to spyware, New.net occupies first place in the ranking. http://biz.yahoo.com/prnews/060201/law087.html?.v=58 - - - - - - - - - - Security Fix Blogger Security Fix blogger Brian Krebs was online to answer your questions about the latest computer security threats and offer ways to protect yourself and your personal information. A transcript follows . http://www.washingtonpost.com/wp-dyn/content/discussion/2006/01/20/DI2006012000886.html *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2006, NewsBits.net, Campbell, CA.