NewsBits for April 27, 2006
************************************************************
Aetna says laptop with member data stolen
Health insurer Aetna on Wednesday said a laptop computer containing personal information on about 38,000 of its members was stolen from an employee's car. The data includes names, addresses and Social Security numbers, spokeswoman Cynthia Michener said. No personal banking information or health claim data was on the laptop, she added.
http://news.zdnet.com/2100-1009_22-6066078.htmls
- - - - - - - - - -
MasterCard security breach hits Morgan Stanley
But company still refuses to reveal scale or source of the credit card hack... Morgan Stanley customers in the UK are the latest to have been hit by a major security breach that has resulted in thousands of MasterCard credit card details being stolen by fraudsters.
http://software.silicon.com/security/0,39024655,39158448,00.htm
- - - - - - - - - -
Local businessman may be UT hacker victim
A Central Texas businessman says someone stole $15,000 from his bank account and a University of Texas hacker may be to blame. Personal information from about 200,000 people associated with UT's McCombs School of Business was accessed illegally this month. UT officials said the breach began as early as April 11.
http://www.kvue.com/news/local/stories/042606kvuehackervictim-cb.73c093e4.html
- - - - - - - - - -
New York man sentenced for sending threats to top eBay officials
United States Attorney Kevin V. Ryan announced that a New York man, Florin Horicianu, was sentenced to a total term of ten months, including five months in prison and five months of electronic monitoring for his convictions to two counts of transmitting threatening interstate communications to two eBay officials.
http://sanfrancisco.fbi.gov/dojpressrel/2006/sf042606.htm
- - - - - - - - - -
Sentences handed down in child porn, embezzlement cases
A sex offender who pleaded guilty to possessing child pornography on his computer was sentenced Tuesday to 25 years in federal prison. Pryse Samuel Walters entered into a plea agreement with the government that will allow his federal prison term to run concurrent with a state prison sentence he is serving.
http://www.zwire.com/site/news.cfm?newsid=16533873&BRD=1994&PAG=461
- - - - - - - - - -
Painter jailed for child porn
UNIVERSITY student Stuart Painter has been jailed for six months for downloading and distributing pornographic pictures of young boys. Painter, 22, of Beanacre Road, Melksham, who was cleared in February of helping hide evidence linked to the murders of Roy and Joan Clarke, was sentenced at Bristol Crown Court today.
http://www.thisiswiltshire.co.uk/display.var.742927.0.painter_jailed_for_child_porn.php
- - - - - - - - - -
Child porn surgeon to keep working
A 44-year-old surgeon found with 147 images of child pornography on his home computer will be allowed to continue practising but with restrictions. Dr William Joseph Fitzgerald of Mackay in north Queensland today faced a disciplinary hearing of the Medical Practitioners Tribunal in Brisbane charged with unsatisfactory professional conduct.
http://www.thesundaymail.news.com.au/common/story_page/0,5936,18945791%255E421,00.html
- - - - - - - - - -
Man, 54, arrested for downloading child porn
A Petaluma man was arrested Tuesday after an eight-month investigation into allegations that he downloaded child pornography images from the Internet onto his computer, said Special Operations Lt. Danny Fish of the Petaluma Police Department.
http://www.arguscourier.com/news/news/pornarrest060426.html
- - - - - - - - - -
Cop-poser charged with child porn
A man who had allegedly posed as a Knoxville Police Department officer on the Internet while receiving and storing child pornography was arrested Wednesday, authorities said. Bradley Nelson Leonard, 33, was arrested on an indictment charging him with especially aggravated sexual exploitation of a minor and sexual exploitation of a minor, said KPD spokesman Darrell DeBusk.
http://www.knoxnews.com/kns/local_news/article/0,1406,KNS_347_4652439,00.html
- - - - - - - - - -
Army Moving to Secure Data at Afghan Base
After reports of thefts, the chief of staff says troops are being trained in the proper use and protection of computer memory drives. The Army's chief of staff said Wednesday that he was frustrated by security lapses at Bagram air base in Afghanistan that led to the loss of potentially sensitive data, and that the military must learn how to be more careful with new technology.
http://www.latimes.com/technology/la-fg-drives27apr27,1,4679566.story
- - - - - - - - - -
Trojan horse freezes computer, requests ransom
A new kind of malware circulating on the Internet freezes a computer and then asks for a ransom paid through Western Union Holdings Inc.'s money-transfer service. A sample of the Trojan horse virus was sent yesterday to Sophos PLC, said Graham Cluley, a senior technology consultant at the U.K.-based security vendor.
http://www.computerworld.com/securitytopics/security/story/0,10801,110923,00.html
- - - - - - - - - -
AV firms rubbish MS Vista security claims
Infosec: Anti-virus firms at Infosec say they expect Vista and IE7 to change nothing for the industry. Microsoft used its presence at the show to laud the security features they've been busy building in the upcoming software.
http://www.theregister.co.uk/2006/04/27/av_on_ms/
- - - - - - - - - -
IT security checklist focuses on consequences of breaches
A small office of the Homeland Security Department has released a draft cybersecurity checklist intended to help enterprises focus on the real-world consequences of security breaches.
http://www.gcn.com/online/vol1_no1/40564-1.html
- - - - - - - - - -
47 Million Computers Are Transformed Into Bots
Security experts at MicroWorld Technologies urge computer users around the world to take note of a recent study which revealed that a startling 47 million computers are transformed into botnets and zombies, controlled by many botmasters.
http://www.it-observer.com/news/6184/47_million_computers_are_transformed_into_bots/
- - - - - - - - - -
Better organization, focus needed for cybersecurity
The government needs to establish clear lines of authority and clarify responsibility for an effective national information assurance policy, former presidential adviser Paul Kurtz said Thursday. "We have a growing body of law and regulation bearing on information security," Kurtz said at the GovSec conference in Washington. But, "we are not ready for a major disruption of the information infrastructure today, and we have a long way to go to get there."
http://www.gcn.com/online/vol1_no1/40570-1.html
- - - - - - - - - -
Schneier: ID cards will worsen ID theft
Security expert Bruce Schneier has slated the UK's ID card scheme, saying that not only will it not solve e-crime, it will also make ID theft worse. The security guru told ZDNet UK on Wednesday that the risks of implementing a centralised ID card scheme were "severe", with little return on the investment required.
http://news.zdnet.co.uk/internet/security/0,39020375,39265743,00.htm
- - - - - - - - - -
'Your borders are porous', IT pros told
Infosecurity 2006: Security professionals overwhelmingly agreed that network border security is becoming an anachronism.
Security professionals have been advised to accept that organisations' perimeters are now open, and to start designing future systems architecture to take account of this.
http://news.zdnet.co.uk/internet/security/0,39020375,39265750,00.htm
- - - - - - - - - -
Early days of dial-up hacking recalled
The last day of Infosec brought nostalgia for the old days of hacking. Robert Schifreen, the ex-hacker and author famous for breaking into Prince Philip's Prestel account 20-odd years ago, recalled a more innocent age during his stint chairing a hackers panel.
http://www.theregister.co.uk/2006/04/27/infosec_blog_six/
- - - - - - - - - -
Mobile malware - it's only the start
The next couple of years will see mobile security rise higher and higher up the security agenda. Initially, mobile malware was specifically aimed at smartphones.
http://www.it-observer.com/articles/1122/mobile_malware_its_only_start/
- - - - - - - - - -
Warnings over USB memory sticks
Smart phones, iPods and USB memory sticks are posing a real risk for businesses, warn security experts. Just over half of companies take no steps to secure data held on these devices, found a UK government-backed security survey.
http://news.bbc.co.uk/2/hi/technology/4946512.stm
http://www.it-observer.com/news/6185/usb_negligence_threatens_uk_firms/
- - - - - - - - - -
PIV cards on the horizon
Six months from the deadline for issuing interoperable smart federal ID cards, standards and specifications are in place. Now the heavy lifting is about to begin. "Now we face the daunting task of meeting the presidential requirements," Judith Spencer, chairwoman of the Federal Identity Credentialing Committee, said Thursday at the GovSec conference in Washington.
http://www.gcn.com/online/vol1_no1/40573-1.html
- - - - - - - - - -
Security pros give VoIP the brush-off
Infosec: Delegates at Infosec gave a resounding dismissal to a motion supporting VoIP deployment.
The debate, "this house believes that the business advantages of VoIP outweigh the security concerns", ended in a fairly unanimous thumbs down, which implied security professionals don't think the technology is ready for big money corporate rollouts.
http://www.theregister.co.uk/2006/04/27/infosec_voip_debate/
A Proactive Approach to VoIP Security
http://www.it-observer.com/articles/1121/a_proactive_approach_voip_security/
- - - - - - - - - -
BitLocker gives dual-boot systems the elbow
Security features introduced in Windows Vista will make setting up PCs to boot in either Linux or Windows far more difficult, according to security guru Bruce Schneier. Vista is due to feature hardware-based encryption, called BitLocker Drive Encryption, which acts as a repository to protect sensitive data in the event of a PC being either lost or stolen.
http://www.theregister.co.uk/2006/04/27/schneier_infosec/
- - - - - - - - - -
PKI doesn't have to be perfect to be worthwhile
Nobody ever said implementing a public-key infrastructure would be easy, but a pair of experts at the 2006 International Conference on Network Security said last week that using PKI is often harder than it needs to be.
http://www.gcn.com/print/25_9/40506-1.html
- - - - - - - - - -
VeriSign enterprise security tool comes to Europe
VeriSign has launched a service to help large European companies secure their networks and systems. Secure Risk Profile Service (SRPS) was first unveiled in the US last month and is now available to companies across Europe.
http://software.silicon.com/security/0,39024655,39158428,00.htm
- - - - - - - - - -
Insight into UK's digital habits
The survey assessed digital take-up of TV, radio and internet. Internet take-up and use is now higher in rural areas of the UK than in big cities, according to a survey of regional communication habits.
http://news.bbc.co.uk/2/hi/technology/4949752.stm
- - - - - - - - - -
Your Thoughts Are Your Password
What if you could one day unlock your door or access your bank account by simply "thinking" your password? Too far out? Perhaps not. Researchers at Carleton University in Ottawa, Canada, are exploring the possibility of a biometric security device that will use a person's thoughts to authenticate her or his identity.
http://www.wired.com/news/technology/0,70726-0.html
- - - - - - - - - -
Why No One Can Beat Spam
"Technology solutions can only go so far," said John Mozena of the Coalition Against Unsolicited Commercial E-Mail. "It's not like the Internet is broken and these messages go out automatically. Human beings send them, and despite the atrocious spelling most of them use, often they're very canny people."
http://www.newsfactor.com/story.xhtml?story_id=1230000359LO
- - - - - - - - - -
Soweto's dreadlocked hacker pushes free software
Kgabo Sepuru says he's passionate about freedom, and it shows. He's been a software developer for nearly 15 years and is one of the driving forces behind free and open source software in South Africa's most famous apartheid-township, Soweto.
http://www.tectonic.co.za/view.php?id=978
***********************************************************
Search the NewsBits.net Archive at:
http://www.newsbits.net/search.html
***********************************************************
The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information.
Copyright 2000-2006, NewsBits.net, Campbell, CA.