NEWS - October 28, 2005

The U.K.'s National Hi-Tech Crime Unit (NHTCU) has been raising funds for its latest Get Safe Online initiative by signing up security and online fraud experts willing to pay between

Consumer Reports WebWatch reported that "some computer users are cutting back on time spent surfing the internet". Twenty-five percent reported that they do not purchase items online anymore, and 80% say they're "at least somewhat concerned someone could steal their identity from personal information on the internet" and have stopped providing such information inline.

http://www.wired.com/news/business/0,1367,69365,00.html

Interest is growing in open source databases, in part due to security concerns. Evans Data surveyed 400 industry database administrators and found that use of the open source database software MySQL increased over 25% in six months and 44% of developers are now using it. Respondents said security was an important part of database development. Only 9% of those using open source reported a security breach within the last year, but 85% said proprietary database server data was compromised at least once in the last year. This situation may be similar to that of Firefox, which was relatively immune to attack until it gained enough users to draw the attention of both vulnerability researchers and hackers. Some believe the open source community can respond more quickly to vulnerabilities than can developers of proprietary software, but only time will tell if such is the case.

http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci1137482,00.html

The problems that beleaguer the old internet are appearing again in newer technologies known collectively as Web 2.0, a term coined by O'Reilly Media Vice President Dale Dougherty to describe post-dot-com sites and services that use the web as a platform - such as Flickr, BitTorrent, tagging and RSS syndication. Proponents say Web 2.0 has been better engineered to withstand the troubles that wrecked Usenet, BBSes and free e-mail, but misuses abound, such as splogging and manipulation of Google rankings. Some decry the open media movement, saying it is driving out traditional, quality-controlled media. Wikipedia has been singled out for criticism because its content is uneven, but founder Jimmy Wales says they are working on a reviewing scheme that should address quality and reliability. Flickr co-founder Stewart Butterfield says the key is to make a system easier to fix than it is to deface.

http://www.wired.com/news/technology/0,1282,69366,00.html

The Cyber Security Industry Alliance (CSIA), the only public policy and advocacy group dedicated exclusively to cyber security, today announced its support of the final, consensus definition of spyware and new Risk Modeling Guidelines released today by the Anti-Spyware Coalition (ASC). In addition, the Alliance renewed its call on Congress to pass legislation to ensure those that propagate spyware are penalized and that security vendors working to safeguard their customers from spyware are not subjected to frivolous lawsuits.

The ASC risk modeling document outlines the objective criteria anti-spyware vendors use to determine whether to identify a piece of software as "spyware." The document, which goes into considerable technical detail about the specific behaviors and consent factors that make certain technologies risky, will help users better understand how the products that protect their computers work, as well as offering anti-spyware companies guidelines for their own proprietary rating processes, while still encouraging innovation for anti-spyware technologies.

More in https://www.csialliance.org/news/press/pr102705.pdf (requires PDF viewer) or http://www.prnewswire.com/cgi-bin/stories.pl?ACCT=104&STORY=/www/story/10-27-2005/0004197610&EDATE=

By Reuters
Published: October 28, 2005, 3:58 PM PDT

LONDON--Three Romanian fraudsters were jailed on Friday in London for a worldwide fraud carried out via Internet auction house eBay which netted at least 300 pounds, or $532,000.

Some 3,000 victims from as far away as the United States and South Korea were snared by the trio in a scam involving crime bosses in Romania and which police fear continues to this day.

Judge Duncan Matheson sentenced Nicolae Cretanu, 30, to 3 1/2 years and his wife Adriana Cretanu, 23, and their accomplice George Titar, 26, to 30 months each.

"This was on any showing a major and sophisticated fraud," Matheson told the Romanians as they stood in the dock at Middlesex Guildhall Crown Court.

Between 2003 and 2005, the three had played a major role in the fraud which worked by operating bogus auctions for consumer goods ranging from scooters to military memorabilia.

more here
http://news.com.com/Sophisticated+eBay+fraudsters+jailed+in+Britain/2100-7349_3-5920546.html?tag=html.alert

By Joris Evers
Staff Writer, CNET News.com
Published: October 28, 2005, 2:33 PM PDT

A worm found spreading via America Online's Instant Messenger is carrying a nastier punch than usual, a security company has warned.

The unnamed worm delivers a cocktail of unwanted software, including a so-called rootkit, security experts at FaceTime Communications said Friday. A rootkit is a tool designed to go undetected by the security software used to lock down control of a computer after an initial hack.

"A very nasty bundle is downloaded to your machine" when you click on the worm link, said Tyler Wells, senior director of engineering at FaceTime. "This is the first time that we have seen a rootkit as part of the bundle of applications that is sent to your machine. It is a disturbing trend."

IM worm and malicious code attacks are happening more than ever before. The number of threats detected for instant-messaging and peer-to-peer networks rose 3,295 percent in the third quarter of 2005, compared with last year, according to a recent report from security provider IMlogic.

more here
http://news.com.com/AIM+worm+plays+nasty+new+trick/2100-7349_3-5920403.html?tag=html.alert