Thursday, June 30, 2005

VOIP: Transforming business, inviting attack

Internet Security Systems (ISS) today announced that Internet Security Systems' R&D - the renowned X-Force - has issued its latest Threat Insight Quarterly (Threat IQ) report featuring the most pressing security issues surrounding voice over Internet Protocol (VOIP).

Supreme Court Decides Grokster Case for Media Industry

The US Supreme Court ruled unanimously against file-sharing service providers Grokster and Streamcast Networks (developers of Morpheus) on Monday, vacating the 9th circuit appeals court summary judgment that found them innocent of secondary copyright infringement.

Jail for Cyber criminals

Two men have been sentenced to a total of 10 years in prison for their roles in a wide range of online fraud activities in the UK.

63% of US companies employ or plan to employ personnel to monitor employee e-mail

Proofpoint's 2005 survey of 332 technology decision-makers at large US companies reveals a growing concern over sensitive information leaving the enterprise through outbound e-mail.

Saturday, June 25, 2005

Utah Bank Caught In Cardsystems Breach

A small bank in Utah is the latest company to become entangled in the controversy over the CardSystems security breach that has put personal data on 40 million cardholders at risk for fraud.

Study Finds Online Banking Use Widespread

According to a Yahoo-commissioned study, a majority ofadults are comfortable monitoring their finances and payingbills over the Internet, while older people remain more cautious. In an online survey of 2,687 people, 64 percent said they check their bank account balances primarily online and 56 percent said they use the Internet as their primary way to check their investment portfolios.

Friday, June 24, 2005

Enjoy the weekend

We wish you all a blessed weekend. Rest, because Monday is going to kick of an existing week for van Gaalen Attorneys...

Wednesday, June 22, 2005

After Two Security Assessments I Must Be Secure, Right?

...Shortly thereafter, your relief turned to concern. "Is it really possible that we are completely secure?" Given you're skepticism, you decide to get one more opinion...

Earthlife goes to court to get Eskom information

The Earthlife Africa case against Eskom – it is demanding that power utility Eskom release its board minutes – has been set down for August 30 in the Johannesburg High Court. ‘This legal case is to review a decision on internal appeal by Eskom to refuse Earthlife Africa access to certain information requested by it in terms of the Promotion of Access to Information Act

Cellphone firms urge competition to be put ahead of regulation

Vodacom and MTN are in agreement for once. Commenting on the proposed Convergence Bill, which aims to introduce a common, technologically neutral platform for a converged industry, they urged government to allow competition rather than regulation to determine the development of the telecommunications sector.

Vodacom warns customers against virus outbreak

Vodacom is warning customers about a virus outbreak called Commwarrior that could affect most phones with Bluetooth and multi-media service functions.

EU ruling favours big IT companies

Large tech companies scored a significant victory this week when a key European parliament committee rejected plans that would have curtailed the ability of tech firms to win patents for their inventions.

Dutch court asked to identify music downloaders

The Brein Foundation, an Internet piracy watchdog, has called on the Dutch judicial authorities to force five Internet service providers to hand over personal data on people downloading music and films on a large scale.

Canada extends copyright law to cyberspace

Canada has amended its Copyright Act in a bid to give greater protection to the recording industry against sharing digital music files. The Bill will also exempt ISPs from copyright liability for providing Canadians with access to the Internet, reports The Globe and Mail. The Bill says explicitly that the ‘making available’ right, which gives the copyright holder the exclusive right to control who gets the material and how, has been extended to cyberspace. The original Copyright Act was not clear on that issue. Copyright holders are to get new rights, including the right to technological protection measures, rights-management information, the ability to control the first distribution of material in tangible form, new moral rights for performances, performers would get reproduction rights, and an adjustment in the term of protection for sound recordings.

Monday, June 20, 2005

'Misleading' autotrader links dropped

The Trading Post, which publishes classified advertising inprint and online, has stopped linking its autotrader Website to the name of a competitor, following an investigation by the Australian Competition and Consumer Commission. NSW Hunter Valley company Stickybeek, which operates a Web site used by businesses in the region for advertising, alleged the Trading Post was misleading Internet users into believing it was associated with Stickybeek's business.

Security breach may hit 40 million credit cards

MasterCard has reported that more than 40 million creditcard accounts of all brands, including 13.9 million MasterCards, may have been exposed to fraud through a security breach at a third-party payment processing company. MasterCard said in a statement that its analysts and law enforcement officials identified a security hole at CardSystems Solutions, a company based in Tucson, Arizona,that processes more than $15 billion in Visa, MasterCard,American Express, Discover, online debit and electronic transfer transactions a year for small to midsize merchants and financial institutions.

Sunday, June 19, 2005

Security risks of USB flash drives are ignored, says survey

Insecure hi-tech devices such as USB flash drives and media players are being used in 84% of companies, but little is being done to address the information security risks that they present, according to a survey by Pointsec.

Friday, June 17, 2005

UK warns of e-mail hacker attacks

A well-organized group of hackers has engaged in an"industrial scale" attack designed to cull commercially and economically valuable data from vital computer networks across Britain. In one of its most high-profile warnings about sophisticated electronic attacks, the normally secretive National Infrastructure Security Coordination Center said hackers believed to be from Asia have targeted parts of the country's "critical national infrastructure."

Phishing complaints double in Australia

According to the Australian Securities and Investments Commission, the number of people complaining about falling victim to or being targeted by a phishing scam has doubled in Australia over the past few months. ASIC commissioner Professor Berna Collier she feels the issue is accelerating so fast that a general warning to raise awareness is necessary.

YAHOO launches search of "Deep web"

Yahoo began testing a service yesterday that allows people to perform simultaneous searches for information contained within subscription-based Web sites. While most search engines crawl the Web and troll freely accessible sites, they cannot get into much of the so-called deep Web, vast amounts of data stored within paid and password-protected sites. Yahoo Search Subscriptions will allow search access to seven different subscription Web sites simultaneously, including the Financial Times and The Wall Street Journal Online.

UK Employers told to report Child Porn Downloads

UK police have urged companies to report staff caught downloading child abuse images from the Internet. The deputy director general of the National Crime Squad reassured employers that they need not fear prosecution as long as they promptly informed the police about any indecent images of children stored on their computer network.

E-Commerce thrives amid Phishing fears

The Cyber Security Industry Alliance reports that while consumers' concern over phishing and pharming attacks is leading some to curtail their online shopping, e-commerce still continued to rise this year. Nearly half of voters surveyed in the US last month said fear of identity theft was keeping them from conducting business online.

Court rules false claimes in an email body falls outside Can-Spam

A federal court in Idaho has ruled that the CAN-SPAM Act doesnot supply a cause of action for false information includedin the body of an allegedly unsolicited e-mail message. Thecourt concluded that the anti-spam law only covers falseinformation in email headers, not the text of the email.

Wednesday, June 15, 2005

VOIP provider targets SMEs

An international voice over IP (VOIP) provider is set to target SA's SME market with an offering of cheap Internet telephony.

Fraudsters use iPods to steal corporate data

Anti-fraud experts warn that Apple iPods, along with other music players that boast hard drives with up to 20 Gbytes of memory, could become widely used by employees to fool security officials and breach data security rules. In one case a recruitment agency found much of its client database had been copied to an iPods's memory and used to defraud the firm.

VOIP will indeed take-off in SA

Contrary to reports that VOIP take-up will be slow, implementations in corporate SA will gather momentum and VOIP will become a high growth and lucrative market, says Jaco Voigt, DataPro operations executive.

No redraft for Convergence Bill

The Department of Communications and MPs have rejected suggestions that the Convergence Bill should be redrafted

UK may extend Electronic Commerce Directive protection

The UK is seeking views on whether the protection given to ISPs under the Electronic Commerce Directive should be extended to cover providers of search engines, providers of keyword advertising services, and content aggregators.

Sarbonese-Oxley causes confusion in US IT sector

A report in CNET News examines the impact of the Sarbanes-Oxley Act and questions whether relief from the onerous provisions of the legislation is on the way. The Act, passed by Congress in the wake of scandals such as the Enron debacle, has caused confusion and been expensive for the IT sector. An absence of clear guidance from government officials or auditing firms about the anti-fraud law has meant that IT personnel have felt compelled at times to go to extremes, said one IT expert. Some IT departments seem to have responded to the law, commonly known as SOX, by documenting a wide range of activities, including apparently trivial ones. However, new official guidance was issued last month in a bid to clarify what needs to be tested when it comes to ‘general IT controls’. General IT controls include controls over program development, program changes and access to programs and data.

P orn is biggest IT abuse for British public servants

What is the biggest IT abuse across public services in the UK? Answer: The downloading of p ornography, according to public spending watchdog, the Audit Commission. The Times reports that according to the commission, downloading of p orn now represents nearly 50% of all cases of IT abuse. The commission has called for software to be installed urgently in all public sector computers to prevent users from accessing p ornographic sites. It gives warning that once staff gain access to some of these Web sites they can be tempted into more dangerous and illegal areas such as child p ornography.

Thursday, June 09, 2005

While companies scramble tp protect personal data

The NY Times reports on the increased corporate urgency to protect sensitive data with a move toward transferring such information via secure networks. The article focuses on the recent CitiFinancial case.

And increase their email monitoring

A new study has found that 63 percent of corporations with1,000 or more employees either employ or plan to employstaff to read or otherwise analyze outbound e-mail. Thereport, released Monday by e-mail security specialistProofpoint, said 36.1 percent of companies employ staff tomonitor e-mail today, with another 26.5 percent saying theyintend to employ such staff in the future.

Tuesday, June 07, 2005

Citifinancial loses consumer data on nearly 4 million people

CitiFinancial, the consumer finance division of Citigroup,said yesterday it has begun notifying 3.9 million UScustomers that computer tapes containing information abouttheir accounts -- including Social Security numbers andpayment histories -- have been lost. Citigroup said thetapes were lost by the courier UPS in transit to a creditbureau.

Monday, June 06, 2005

Group seeks to define spyware

Makers of anti-spyware software are taking another shot atcreating a definition of spyware, this time with help from consumer organizations. A new group, tentatively named the Anti-Spyware Coalition, plans to publish proposed guidelines later this summer that define spyware, best practices for desktop software development, and a common lexicon.

Phishers widen net by targeting Credit Unions

Phishers are widening their net to take in credit unions,according to a new report by the Anti-Phishing WorkingGroup. While most of the fraud schemes still focus on bigbusinesses such as major banks, smaller financial companiesare increasingly being hit.

The battle for the soul of the internet

Elliot Noss, the CEO of Tucows, writes an interestingeditorial highlighting the current battle over Internetgovernance. Noss is strongly in the ICANN camp, arguing thatif the U.N. and the ITU were successful in gaining control,it is not difficult to envision a Balkanization of theInternet as whole portions of the Internet decide they didnot want to rely on the U.N. and the ITU for their singleauthoritative root.

Microsoft agrees to give rivals access to software

Microsoft has agreed to give rival software firms freeaccess to some of its software codes and full operability onits Windows-based servers, European regulators said Monday.The announcement is part of Microsoft's last-ditch effort tomeet a June 1 deadline set by regulators to comply with lastyear's antitrust ruling.

Sunday, June 05, 2005

UK Lawmakers pass internet 'Grooming' law

A bill to clamp down on paedophiles grooming children on theInternet has been passed by MSPs in the UK. The Protectionof Children Bill will make it an offence to set up meetingswith under-16s via Internet chatrooms and carry a maximum10-year sentence.

Dell aplogizes for Sales Rep's E-mail disapproving Lenovo

Dell says it will take disciplinary action as appropriateagainst a US-based salesperson who sent an e-maildiscouraging former IBM clients from buying Lenovo products.Last year, IBM sold its personal computer business to LenovoGroup Ltd., which is partially owned by the Chinesegovernment.

Thursday, June 02, 2005

Commission to restrict data retention proposals

The European Commission is shortly to put forward proposals for EU data retention legislation that will limit the retention period to one year, announced the Information Society and Media Commissioner Viviane Reding.

APWG pools data to trap Phishers

The Anti-Phishing Working Group is coordinating efforts tobuild a central repository for phishing data, to betterprotect Internet users and help catch cybercriminals. Thegroup has expanded its simple list of phishing scams into adatabase that can be used for analyses and to shareinformation with members. Additionally, a standard XML formhas been created to facilitate the submission of data onattacks to the organization.

Four Major French Banks hit with simultaneous phish scam

Four major French banks have issued warnings to their clients after Internet fraudsters made a simultaneous attempt to gain access to confidential customer information.BNP Paribas, Societe Generale, CCF and CIC all issued warnings to their clients via their websites after the massive attempted fraud on Friday which police are investigating.

Australian Regulator issues net Codes of Conduct

The Australian Broadcasting Authority has issued newInternet and mobile content guidelines which will ban thedistribution of adult videos to mobile phones in Australia.The three codes - one for Internet content hosts and two forInternet service providers - were developed by the InternetIndustry Association. They replace the previous codes,registered by the ABA in May 2002

French class action suit launched over DVD copy protection

A group of French attorneys have filed suit against six of France's leading audio-visual sector firms, claiming that the use ofanti-copy technology on DVDs violated consumers' right to make private copies for personal use. The complaint is largely based on a French appellate court's recent ruling that the use of anti-piracy technology to protect DVDs from unauthorized copying usurps consumers' right to make personal copies.

WIPO recommends new regulation for new gTLD registrations

WIPO has recommended the introduction of a uniform IPprotection mechanism designed to further curb unauthorizedregistration of domain names in all new generic Top-LevelDomains (gTLDs). The proposal says that new gTLDs would berequired to offer IP owners the option of registering theirprotected identifiers during a specified period beforeopening registration to the general public. In sponsored orrestricted gTLDs where IP owners may not be eligible toregister domain names, IP owners could instead be given theoption of obtaining defensive registrations during thisinitial period.

Wednesday, June 01, 2005

EC figure accuses IT Giants of exploiting Open Source

Jesus Villasante, a senior figure at the EuropeanCommission, has launched an outspoken attack on severalmajor American IT firms, accusing them of exerting too muchinfluence on the progress of the open-source community.Villasante said that big companies such as IBM, HP, and Sunare just using the open-source community as subcontractorsrather than encouraging the community to develop independentcommercial products.

SMS leads to damages...in South Africa

In the first case of its kind to come before the Durban Equality Court a white woman was found guilty of hate speech and unfair discrimination (based on an SMS message) and ordered to pay financial damages to a black complainant...