NewsBits for February 10, 2006 ************************************************************ Police Charge Md. Student In Murder UMBC Student Met Woman on MySpace.com The body of woman who was reported missing in December was found Tuesday night, and police have charged a man they say she met on the Internet with her murder. Josie Phyllis Brown, 27, of Baltimore was reported missing by her family late in December. Her body was found Tuesday near the interchange of Interstates 95 and 695 in Arbutus in Baltimore County, police said. http://www.washingtonpost.com/wp-dyn/content/article/2006/02/09/AR2006020900591.html - - - - - - - - - - Debit card security breached at Bank of America A security breach involving an undisclosed company has prompted Bank of America to cancel the debit cards of numerous customers, a spokesman for the US' largest bank said on Tuesday. http://software.silicon.com/security/0,39024655,39156340,00.htm http://news.zdnet.co.uk/internet/security/0,39020375,39251735,00.htm - - - - - - - - - - Counselor Gets Life in Child Porn Case A former child counselor was sentenced to life in prison for his involvement in an international child pornography ring in a case the judge called the "most horrible" of her legal career. "You are the most despicable individual I have come across," San Diego Superior Court Judge Gale E. Kaneshiro told Paul Gordon Whitmore as she sentenced him Thursday. http://www.ksl.com/?nid=157&sid=161873 - - - - - - - - - - Lawsuit challenges new 'e-annoyance' law A new law targeting "annoying" e-mail messages and Web posts is being challenged in federal court. The plaintiff, a Web site that lets people send anonymous e-mail for a fee, said the suit was necessary because the law is so broad it makes providing the service a crime. http://news.com.com/2100-1028_3-6037439.html - - - - - - - - - - Will Lawyers Get Hung Up in Quest for Cell Phone Records? The sale of cell phone records over the Internet -- a hot topic that recently spurred litigation, legislation and a federal investigation -- has more than a few lawyers nervous. Attorneys are among the top customers of the controversial Web sites, according to private investigators, privacy advocates and Web site operators who sell the phone records. http://www.law.com/jsp/article.jsp?id=1139393114353 - - - - - - - - - - U.S. wraps up 'Cyber Storm' exercise testing Internet defenses The government concluded its ``Cyber Storm'' wargame Friday, its biggest-ever exercise to test how it would respond to devastating attacks over the Internet from anti-globalization activists, underground hackers and bloggers. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/13842562.htm http://news.zdnet.com/2100-1009_22-6038082.html http://www.fcw.com/article92302-02-10-06-Web http://www.govexec.com/story_page.cfm?articleid=33380&sid=28 - - - - - - - - - - U.S. Government to Survey Businesses on Cyber-Crime The U.S. government said Feb. 9 it will launch its first national survey to estimate. The Justice Department and the Department of Homeland Security will try to measure the number of cyber-attacks, frauds and thefts of information and the resulting losses during 2005, officials said in a statement. http://www.eweek.com/article2/0,1759,1924846,00.asp - - - - - - - - - - TPD creates cybercrime unit Billions of dollars are lost each year in communities such as Tallahassee to cyber- crimes, Tallahassee Police Department Chief Walter McNeil said Wednesday. To combat that problem, the department has created a cybercrimes unit to work on these cases. Sgt. Bill Bierbaum, supervisor of the financial-crimes unit, will oversee the cybercrimes unit. He said 40 to 50 percent of crimes reported are computer-related. http://www.tallahassee.com/apps/pbcs.dll/article?AID=/20060209/NEWS01/602090331/1010/NEWS01 - - - - - - - - - - Dawn of the undead In the quiet places of the world, a zombie army is gathering. Are you harbouring zombies? There's a fair chance you could be, if Paul Judge, the CTO of e-mail security firm CipherTrust, is right - he says that his company's statistics, gathered from its customers and a network of honeytrap PCs, show that a quarter of a million new zombie PCs come online every day. http://www.techworld.com/networking/features/index.cfm?featureid=2238 - - - - - - - - - - Bluetooth flaw found in Sony Ericsson phones Four models open to DoS attack, says FrSIRT Several mobile phones produced by Sony Ericsson are vulnerable to denial of service attacks, two security companies reported this week. The flaw is found in four models of Sony Ericsson phones and comes from an error in their Bluetooth service, according to the French Security Incident Response Team, or FrSIRT. http://software.silicon.com/security/0,39024655,39156343,00.htm http://www.computerworld.com/securitytopics/security/holes/story/0,10801,108575,00.html Nokia extends antivirus software http://www.computerworld.com/securitytopics/security/story/0,10801,108578,00.html - - - - - - - - - - Microsoft plans to release seven patches Tuesday At least two critical updates will be included in the collection. Microsoft Corp. on Tuesday plans to release seven patches for several of its software products, including at least two critical updates for known vulnerabilities, according to the company's monthly security update. http://www.computerworld.com/securitytopics/security/story/0,10801,108531,00.html? Microsoft Releases Bevy of Security Betas http://www.eweek.com/article2/0,1759,1924737,00.asp - - - - - - - - - - EFF issues Google Desktop warning Configure it carefully, or forget it. Google has released a revamped version of its desktop search tool which introduces the ability to search the contents of one computer from another. Previous versions of the tool indexed files on user's PCs, but using the optional "Search Across Computers" facility in Google Desktop 3 temporarily stores text copies of searchable items on Google's own servers for up to 30 days. http://www.theregister.co.uk/2006/02/10/google_desktop_privacy_kerfuffle/ Privacy concerns over Google Desktop 3 http://news.zdnet.co.uk/software/applications/0,39020384,39251943,00.htm - - - - - - - - - - Companies Hiring Hackers to Break into Their Computers Shields, spyware, firewalls, all ways to protect your computer from viruses and identity thieves. Some companies are going one step further to protect their systems, actually hiring the hackers. With just a few clicks on a keyboard, James Dennis uses his software to break into your company's computer network. http://www.it-observer.com/news/5697/companies_hiring_hackers_break_into_their_computers/ - - - - - - - - - - Oracle defends security record Oracle has shrugged off criticisms of its recent security record, saying that one of the company's biggest security concerns is that its customers are so used to being secure that they are not used to applying patches. Hasan Rizvi, vice president of security products at Oracle, told ZDNet Australia on Wednesday that unlike rival Microsoft, security has always been a high priority at the database maker. http://www.it-observer.com/news/5698/oracle_defends_security_record/ Ratings Game: Security Flaw Scoring System Flounders http://www.eweek.com/article2/0,1759,1925052,00.asp - - - - - - - - - - Malware Evolution 2005 Kaspersky Lab has released its latest analytical report, entitled Malware Evolution: 2005. The report is based on data received from Kaspersky Lab's round the clock monitoring of malicious code. It covers the evolution of malicious code over the past year in detail, including developments which have taken place in the criminal underground. Presented in accessible language, the report will be of interest both to IT security professionals and computer users, and includes graphs and tables for easy reference. http://www.it-observer.com/news/5700/malware_evolution_2005/ - - - - - - - - - - Interpeak Protection Profile Interpeak has announced its plan to write a protection profile for its secure and trusted protocol stacks. The Secure and Trusted Stack Protection Profile specifies the security and functional assurance requirements for a class of IPv6 networking. A stack evaluated against this Protection Profile serves as a trusted foundation in security critical and complex applications. http://www.it-observer.com/news/5699/interpeak_protection_profile/ - - - - - - - - - - Agnitum Outpost Firewall Pro 3.5 The latest version of Outpost Firewall Pro empowers users to share advice and configuration skills automatically with the ImproveNet security community network. Firewall configurations can now be created and updated automatically, with user consent, while the actual configuration of the firewall is handled remotely in the background by Agnitum security professionals. http://www.it-observer.com/news/5696/agnitum_outpost_firewall_pro_35/ - - - - - - - - - - Japanese telecoms operator develops secure IM Engineers at NTT Communications have developed a secure instant-messaging system that supports logging and archiving of messages and that can interact with some third-party IM networks. http://www.techworld.com/security/news/index.cfm?RSS&NewsID=5346 - - - - - - - - - - ID cards campaigners aren't giving up As the government agrees new concessions to get its national identity card bill through parliament, the No2ID team calls for more lobbying efforts. Campaigners against the introduction of a UK biometric national identity card scheme have vowed to keep up the struggle, even if parliament passes the government's IT card bill next week. http://news.zdnet.co.uk/business/legal/0,39020651,39251739,00.htm - - - - - - - - - - Spyware fight attracts a crowd Four groups have sprung up to fight the insidious software that pops up ads on screens or spies on PC users. Is that too much of a good thing? Last month, the number of efforts to fight adware and spyware doubled with the announcement of two new initiatives: Spywaretesting.org, a consortium of antivirus companies, and StopBadware.org, an initiative led by two universities. These join the Trusted Download Program and the Anti-Spyware Coalition, both formed last year. http://news.zdnet.com/2100-1009_22-6037999.html - - - - - - - - - - Wi-Fi for dummies Securing network access while on the run The average user has no idea of the risks associated with public Wi-Fi hotspots. Here are some very simple tips to keep network access secure. My friend Philip is an expert at community activism and is a cracker-jack financial advisor as well. http://www.theregister.co.uk/2006/02/10/wifi/ - - - - - - - - - - Movie Firewall dramatizes dangers of ID theft Watch any recent movie or television series with a scene involving computers and youll often find that the software programs used by the characters look pretty slick but arent very realistic. Not so with the new Warner Bros. film Firewall, a bank-heist thriller that stars Harrison Ford and opens today in theaters nationwide. http://www.computerworld.com/securitytopics/security/hacking/story/0,10801,108577,00.html *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2006, NewsBits.net, Campbell, CA.