NewsBits for April 18, 2006 ************************************************************ Man guilty in high-tech crime spree HE FACES 32 YEARS IN PRISON FOR TAKING $3 MILLION IN GEAR. Reviewing security videotapes, the Santa Clara County investigators studied the giant burglar -- 6 feet 7 and with a shaved head -- amble in his trademark suit through some of the biggest companies in Silicon Valley. At least 22 times, he walked away with a variety of memory chips and server boards in what prosecutors are calling one of Silicon Valley's most notorious high-tech burglary sprees. http://www.siliconvalley.com/mld/siliconvalley/news/local/14369086.htm - - - - - - - - - - 2 men convicted in international Internet drug ring A federal jury convicted two men who allegedly used the Internet to illegally peddle drugs worldwide to tens of thousands of people. The jury deliberated a day following a seven-week trial before convicting Akhil Bansal and Fred Mullinix on all counts. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/14369977.htm - - - - - - - - - - FBI: No credit card data breach in N.H. state server case An FBI investigation has concluded that no consumer credit or debit card information was stolen from a New Hampshire state computer server in February because a suspect Cain & Abel password recovery program found on the hardware had never been activated. http://www.computerworld.com/securitytopics/security/hacking/story/0,10801,110612,00.html - - - - - - - - - - AOL Helps Catch Man Accused Of Sending Child Porn Federal agents say AOL helped them catch a Kissimmee man who was e-mailing child pornography. Braulio Lopez, 34, pled guilty to federal charges of possession and distribution of child pornography. AOL alerted authorities that Lopez sent four e-mails attached to images of child pornography. http://www.wftv.com/news/8791017/detail.html - - - - - - - - - - Former Police Officer Faces Child Porn Charges A former Waco Police Officer now faces charges of possession of child pornography. Amadore Gonzalez Junior turned himself in to US Marshals on Monday. If convicted, he could be put behind bars for up to ten years and fined as much as $250,000. http://www.kxxv.com/main.cfm?ID=1&NewsID=2847 - - - - - - - - - - Former School Employee Faces Child Porn Charges A former employee of the Mehlville School District faces child pornography charges. Authorities say when they seized Thomas Mantle's work computers, they found more than 1,300 images of child pornography. http://www.ksdk.com/news/news_article.aspx?storyid=95337 - - - - - - - - - - Google hosts 'boy love' site A marriage and family therapist intern is trying to convince Google to drop a website from its popular, free blog host http://www.blogger.com/ that promotes "boy love," sexual relationships between men and adolescents. http://www.worldnetdaily.com/news/article.asp?ARTICLE_ID=49680 - - - - - - - - - - New laws yet to slow down phishing Its been six months since Gov. Schwarzenegger signed the states anti-phishing law, but it doesnt seem to be working. Oliver Friedrichs, director of emerging technologies for Symantec Security Response, reports he currently tracks 7.9 million phishing emails a day, an increase of 39 percent from 2005. http://www.examiner.com/Business-a79916~New_laws_yet_to_slow_down__phishing_.html The Future of Phish Fighting http://www.eweek.com/article2/0,1759,1950280,00.asp Spammer faces chokey down under http://www.vnunet.com/vnunet/news/2154251/spammer-faces-sent-under Phishing Steals Spotlight at MIT Spam Conference http://www.newsfactor.com/story.xhtml?story_id=10200002LMVO - - - - - - - - - - Symantec boss demands tougher laws on cyber crime Symantec CEO John Thompson has said it is "unconscionable" that cyber crime is going unpunished to the degree that it is around the world and demanded that governments get to grips with the escalating threats. http://software.silicon.com/security/0,39024655,39158056,00.htm - - - - - - - - - - Applying Third-Party Patches Violate Licence Agreements Internet Security Systems has issued a warning to businesses that using third-party patches could violate the licence agreements for software installed on their mission-critical systems. http://www.it-observer.com/news/6121/applying_third_party_patches_violate_licence_agreements/ - - - - - - - - - - Lenovo, Microsoft to sign intellectual property pact Antipiracy deal similar to two signed earlier in month. As part of Microsoft Corp.'s continued efforts to promote its antipiracy campaign in China, Microsoft and Lenovo Group Ltd. executives formally plan to sign a $1.2 billion deal Monday to cement a joint effort by the companies to provide genuine Windows software to Chinese customers. http://www.computerworld.com/securitytopics/security/story/0,10801,110623,00.html http://www.usatoday.com/tech/news/2006-04-17-microsoft-china_x.htm - - - - - - - - - - New Bagle spawns spam downloader Computers infected with a well-known worm began downloading a new spam tool Sunday night used by hackers to send unwanted e-mail. http://www.techworld.com/security/news/index.cfm?RSS&NewsID=5809 Hackers Sneak Through Browser Vulnerability http://www.it-observer.com/news/6119/hackers_sneak_through_browser_vulnerability/ MU Security Takes A Hacker's Approach http://www.crn.com/sections/security/security.jhtml?articleId=185303227 - - - - - - - - - - Microsoft patch hits HP hardware Users of Hewlett-Packard printers, scanners and cameras may be experiencing some problems after installing Microsoft's latest round of security patches, released late last week. http://www.techworld.com/security/news/index.cfm?RSS&NewsID=5812 http://www.theregister.co.uk/2006/04/18/ms_patch_glitch/ http://software.silicon.com/security/0,39024655,39158122,00.htm http://news.zdnet.com/2100-1009_22-6062026.html - - - - - - - - - - Firefox under fire from multiple security bugs The Mozilla Foundation has warned of a slew of critical vulnerabilities to its popular Firefox web browser and related products. The most serious of the flaws create a means for hackers to inject malware onto vulnerable systems. Other flaws would make it easier to construct phishing attacks or swipe sensitive information from PCs running Firefox. http://www.theregister.co.uk/2006/04/18/firefox_security_update/ Firefox fixes new security flaws http://www.securityfocus.com/brief/188 - - - - - - - - - - Walking a New Beat Surfing MySpace.com helps cops crack the case.As far as Jennifer Joffe was concerned, the party started the night of Feb. 23, when she let four friends raid the liquor cabinet of her mother's Boulder, Colo., mansionand it ended when she stumbled up to bed. http://www.msnbc.msn.com/id/12335363/site/newsweek/ MySpace Faces a Perp Problem http://www.wired.com/news/culture/0,70675-0.html - - - - - - - - - - Wiretaps vulnerable to phreaking You cant always believe what you hear Researchers at the University of Pennsylvania have found that it is not at all difficult for bad guys to outwit law enforcement wiretaps on their phone lines. http://www.gcn.com/online/vol1_no1/40428-1.html - - - - - - - - - - Cyber Sleuths Call For New 'Smart Swarms' Bees do it. And if the cyber-strategists working at such high-level organizations as the National Security Agency and the Los Alamos National Laboratory are right, 'smart swarming' may be en effective way to solve even the toughest security problems. http://www.internetnews.com/security/article.php/3599386 - - - - - - - - - - Cyberstalking, the Net's 'hidden horror,' likely to rise Claire Miller, a 44-year- old publishing executive in New York, recently stripped her nameplate from the tenant directory at the entrance to her apartment building in the Kips Bay neighborhood, where she has lived for more than 11 years. She also asked the landlord to disconnect the buzzer and is in the process of changing her phone number. These are drastic measures for an otherwise outgoing person. http://www.iht.com/articles/2006/04/17/business/stalk.php - - - - - - - - - - European Businesses Are Vulnerable To IT Attacks McAfee has announced research which reveals the extent to which companies are failing to protect themselves from security vulnerabilities. Almost half of those questioned (45%) believe that their IT infrastructure is never 100% protected from software and network vulnerabilities. http://www.it-observer.com/news/6123/mcafee_european_businesses_are_vulnerable_it_attacks/ http://www.theregister.co.uk/2006/04/18/mcafee_security_survey/ Firms slow to fix security flaws http://news.bbc.co.uk/2/hi/technology/4907588.stm - - - - - - - - - - Hands-on testing of the new Linux virus Our tests shows the code's viral nature is sometimes -- but not always -- effective on both platforms, depending on the kernel being used. Of course, it's impossible for us to test every version of the kernel out there, but thus far, it looks like those prior to version 2.6.16 are susceptible, and at least some of those after that release are not. http://www.it-observer.com/news/6118/hands_testing_new_linux_virus/ - - - - - - - - - - Microsoft to push Sender ID at e-mail summit Microsoft Corp. plans to promote adoption of the Sender ID e-mail specification and introduce a new program for helping Internet service providers protect the integrity of e-mail messages at the E-mail Authentication Summit Wednesday in Chicago. http://www.computerworld.com/securitytopics/security/story/0,10801,110634,00.html http://news.zdnet.com/2100-1009_22-6061828.html - - - - - - - - - - NASA hacker to speak at security show Gary McKinnon will be joined by other hackers and security experts on a panel discussion at the Infosecurity conference this month. Gary McKinnon faces the prospect of an indefinite stay in Guantanamo Bay, but this won't prevent him from appearing on a panel discussing hacking at a UK security conference, it was revealed on Thursday. http://news.zdnet.co.uk/internet/security/0,39020375,39263341,00.htm - - - - - - - - - - Stop the bots Botnets are a major source of evil on the Internet, from spam, phishing attacks, virus propagation and denial-of-service attacks to the stealing of financial information and other illegal activity. Does disbanding them raise legal and ethical implications? http://www.securityfocus.com/columnists/398 - - - - - - - - - - Ciscos IPS Exam: Get Your Network Secure Most Cisco security exams are about understanding Ciscos viewpoint on security and how its sales, marketing and products fit within the network. The Securing Networks Using Intrusion Prevention Systems (IPS) security exam is no exception: Its all about Ciscos IPS and Intrusion Detection System (IDS) security products. http://www.it-observer.com/news/6117/ciscos_ips_exam_your_network_secure/ - - - - - - - - - - Seven steps to keep instant messaging secure Instant messaging is a phenomenon that infiltrated corporate America like bedbugs in a flophouse. It burrowed its way into companies a few users at a time, became fruitful and multiplied, and today has become a popular tool for employees to carry on business and, yes, exchange the occasional message with buddies scheduling that night's cocktail hour. http://www.it-observer.com/news/6120/seven_steps_keep_instant_messaging_secure/ - - - - - - - - - - Dermatology websites are the new porn Online image library plagued by 'adult' searches. An online image library intended to help doctors make dermatological diagnoses is being used as a stand-in porn site, according to a study from Johns Hopkins University. http://www.vnunet.com/vnunet/news/2154235/dermatology-websites-porn - - - - - - - - - - 180solutions sponsors Yapbrowser and child porn? My head is swimming and I feel ill. I just read the blogs about 180solutions' latest Yapbrowser, installed from 180's servers no less, that directs all search requests to child porn sites. And this from a company that has made countless claims of cleaning up their act. Oh, but 180 does like to talk about the "long tail" of the internet and "trusting the affiliate model" Excuse me while I get sick. http://blogs.zdnet.com/Spyware/index.php?p=812 - - - - - - - - - - GAO: Feds need governmentwide policies on info sharing More than four years after the Sept. 11, 2001, terrorist attacks, federal agencies still have not standardized processes to share terrorist- related as well as sensitive, but unclassified, information, the U.S. Government Accountability Office said in a report released yesterday. http://www.computerworld.com/securitytopics/security/story/0,10801,110633,00.html *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2006, NewsBits.net, Campbell, CA.