Wednesday, June 30, 2004

SEC: [INFOCON] NewsBits - 06/29/04

Gmail - [INFOCON] NewsBits - 06/29/04

NewsBits for June 29, 2004

Justices Leave Online Porn Case Unresolved
The Supreme Court today said that a law aimed
at protecting children from Internet pornography
probably violates free-speech rights, but for the
second time the justices sent the case back to a
lower court for a new trial. The court ruled 5 to
4 that a lower court was correct to block the Child
Online Protection Act (COPA). But today's ruling said
the lower court should consider whether technological
advances have made it possible to keep children from
looking at "harmful" material online without
compromising the free-speech rights of adults.
- - - - - - - - - -
Playboy 'hacker' just a shelf-stacker slacker
A Southampton man has been jailed for convincing
legendary 'jazz-mag' Playboy that he'd hacked its
servers. He managed to extort a whole $100 – yes,
that's $100 – from the company, claiming paying up
would stop him selling confidential customer data.
Simon Jones, 25, carried out the attack from his
bedroom at his parents' house in Hampshire, where
he decided to take the billion-dollar company for
the princely sum of around £55. Playboy coughed
up rather than have the crime overlord sell the
details of two of its internet subscribers.
- - - - - - - - - -
A Russian Hacker Stole $15 Thousand
A hacker of Leninogorsk, Russia managed to illegally
withdraw 15,000 of American dollars from accounts
of foreigners and co-citizens. All victims visited
a webpage, submitted by a 16-year-old L. on the
Internet. The page offered visitors web-design,
website creation and support services. Having
completed orders, a young man using a specialized
computer software read all data from credit cards
used to pay him. After that he had access to these
accounts and paid for his orders in other virtual
shops including foreign e-shops. He acted on
a large scale, having visited 82 of such stores.
- - - - - - - - - -
Malicious server halted in wake of mysterious hack
A Russian Web site that had been downloading code
to steal financial information from users has
apparently been shut down, security officials
reported Monday. No one has figures on how many
government or other users may have been affected
by the widely publicized network attack. "Since
Friday, this thing was stopped in its tracks,"
said Oliver Friedrich, senior manager of Symantec
Corp.'s Security Response Group.

Authors of the last viruses are Russians
- - - - - - - - - -
Pop-up program reads keystrokes, steals passwords
Security researchers have discovered a malicious
program that installs itself through a pop-up ad
and can read keystrokes and steal passwords when
victims visit any of nearly 50 targeted banking
sites. The targeted sites include major financial
institutions, such as Citibank, Barclays Bank
and Deutsche Bank, researcher Marcus Sachs
said Tuesday.
- - - - - - - - - -
Serious Fraud Office under fire over electronic eavesdropping rules
Home Secretary David Blunkett should consider
stripping the Special Fraud Office (SFO) of
its powers to engage in electronic eavesdropping,
according to the Chief Surveillance Commissioner.
The proposals are contained in the annual report
to the Prime Minister from the Commissioner,
Sir Andrew Leggatt, who is responsible for
overseeing the controversial Regulation of
Investigatory Powers Act (RIPA).
- - - - - - - - - -
Sevenfold increase in phishing attacks
Online fraud watchers reported nearly 1,200 new
phishing attacks in May, and warned that the
number is rising. The Anti-Phishing Working Group
(APWG), which monitors the internet scams, said
that nearly 40 new attacks were seen every day
in May, representing a 700 per cent increase
since January this year.

Anti-phishing group backs email authentication
- - - - - - - - - -
Adobe targets piracy in Asia
Adobe Systems has stepped up its efforts to curb
piracy in Southeast Asia, including cracking down
on businesses that misuse software licenses.
Raymond Lee, Adobe's group manager for Southeast
Asia, said the company will be driving more
Adobe-centric initiatives to halt the unauthorized
duplication of its software. In the past, he
said, the company relied primarily on the
activities of the Business Software Alliance,
or BSA, an antipiracy organization with members
such as Hewlett-Packard, IBM, Microsoft and
- - - - - - - - - -
Another big Apache hole found
Linux and Unix vendors are releasing fixes for
a critical bug in the popular Web server Apache
that could allow attackers to crash the system
or execute malicious code. The bug affects Apache
1.3.x installations configured to act as proxy
servers, which relay requests between a Web browser
and the Internet. When a vulnerable server connects
to a malicious site, a specially crafted packet can
be used to exploit the vulnerability, according to
security researcher Georgi Guninski, who has publicly
released exploit code.
- - - - - - - - - -
TI teams to hang up cell phone crackers
Chipmaker Texas Instruments and chip designer ARM
are working together to beef up security for handhelds
following the emergence of the first virus to target
cell phones. The two companies, both dominant suppliers
and designers of cell phonechips, are "burying the
security into the hardware" where it's tougher to
get at, Dave Steer, ARM director of segment marketing,
said in an interview Tuesday.
- - - - - - - - - -
Comcast reports 35 percent decline in spam
Cable giant Comcast on Thursday said the volume
of spam originating from its network has dropped
35 percent since it blocked an e-mail loophole
weeks ago. The new data comes after Comcast,
the nation's largest broadband service, earlier
this month began blocking a gateway that spammers
commonly use to send mass volumes of unsolicited
e-mail. Called "port 25," the gateway lets PCs
send and receive e-mail based on SMTP (Simple
Mail Transfer Protocol), the most common
technology for exchanging messages.

VeriSign launches spam-blocking service
America has dirty little secret about spam
- - - - - - - - - -
In Wild West of data mining, a new sheriff?
Even as the government increasingly relies on of data
mining -- scouring databases in search of clues about
terrorism and everyday waste and fraud -- there aren't
clear rules about the practice. Privacy activists say
it's like the wild West, dangerously unregulated. When
the head of the Transportation Security Administration
recently disclosed that four airlines and two reservation
systems shared personal data on passengers without their
consent, privacy activists predictably cried foul.
- - - - - - - - - -
NIST aims to ease XP security setup
Officials at the National Institute of Standards
and Technology hope their new publication will
help simplify the process of setting security
controls on Microsoft Corp.'s Windows XP Professional
operating system. NIST officials, who released
the draft of Special Publication 800-68 this week,
said the recommendations and security configuration
checklists will help federal agencies fulfill their
responsibilities for computer and information
security under the Federal Information Security
Management Act of 2002.

Windows XP Service Pack 2: "A victory for the security guys"
- - - - - - - - - -
Voting software company submits code to NIST
An electronic voting software company has released
source code for a balloting security module to
the National Institute of Standards and Technology.
VoteHere Inc. of Bellevue, Wash., sent the reference
code implementation for VoteHere Technology inside,
or VHTi, to NIST's National Software Reference Library.

Commission proposes options for e-voting
- - - - - - - - - -
What's the New IE Flaw All About?
Here are answers to that and other questions
arising from the latest vulnerability to hit Microsoft's
Web browser. Security experts had been waiting for
a couple of weeks for the shoe to fall. On June 11,
US-CERT, the government-funded computer-security
watchdog at Carnegie Mellon University warned that
a flaw in Microsoft Internet Explorer could allow
a Web site to dump malicious programs onto Windows
computers. The alert was highly unusual because
CERT normally avoids public warnings about
vulnerabilities until patches to fix them
are available.
- - - - - - - - - -
Copy This Article & Win Quick Cash!
Is Bill Gates offering big bucks to track your email?
On the trail of the most forwarded hoax in Internet
history. A few months ago, I received an email that
promised to make me rich. It came from an acquaintance,
Kim Chernin, bearing the suspect subject line "Fwd:
quick cash?" Normally I'd send such spam straight
to the trash, but Chernin - a psychotherapist and
writer - is no fool; so I opened the message and
began to scroll.
- - - - - - - - - -
Cyber-loafing boss sacks office spyware detective
A man who became so frustrated at the extent of
his boss's 'cyber-loafing' has been sacked after
he installed spyware on his employer's computer
to prove it was used for little more than game
playing on a daily basis. And while the aggrieved
employee, Vernon Blake, did indeed prove that his
boss, George Dobbs, spent, on average, 70 per cent
of his time playing Solitaire, amazingly the only
person seriously disciplined in the whole affair
was Blake. He was sacked by the Alabama Department
of Transport while Dobbs received little more than
a written warning.
- - - - - - - - - -
Government denies request for lobbyist list, citing fragile database
The Bush administration is offering a novel reason
for denying a request seeking the Justice Department's
database on foreign lobbyists: Copying the information
would bring down the computer system. ``Implementing
such a request risks a crash that cannot be fixed
and could result in a major loss of data, which would
be devastating,'' wrote Thomas J. McIntyre, chief in
the Justice Department's office for information requests.
- - - - - - - - - -
419ers score football lottery winner
As demoralised England fans look towards the
2006 World Cup in consolation after their exit
from Euro 2004 last week 419ers are looking even
further ahead. The Boys from Lagos have cooked
up a footballing variant of the familiar lottery
ruse in preparation for World Cup 2010, in South
Africa. Not even the beautiful game is safe from
exploitation by these shameless scammers:
Search the NewsBits.net Archive at:
The source material may be copyrighted and all rights are
retained by the original author/publisher. The information
is provided to you for non-profit research and educational
purposes. Reproduction of this text is encouraged; however
copies may not be sold, and NewsBits (www.newsbits.net)
should be cited as the source of the information.
Copyright 2000-2004, NewsBits.net, Campbell, CA.
Asst. Chief Ron Levine (Acting) | Voice (650)949-7339
Foothill-DeAnza College Dist. Police | FAX (650)941-4963
12345 El Monte Road | Pager (888)399-7369
Los Altos Hills, CA 94022 | mailto:rlevine@ix.netcom.com
Visit the Foothill-DeAnza College Dist. Police Web Site at

Information is the currency of victory on the battlefield.
GEN Gordon Sullivan, CSA (1993)

INFOCON Mailing List @
IWS - The Information Warfare Site

To subscribe, change your subscription or unsubscribe go to http://www.iwar.org.uk/mailman/listinfo/infocon/


Post a Comment

<< Home

Get Firefox!