11/5/2005

Online Auto Sales Scammers To Jail

Filed under: — Aviran Mordo

An Ohio federal court on Friday sentenced a pair of Internet fraudsters to more than a year in jail for an online car sales scam involving nearly 30 victims.

Christopher Sean Justin of Fayetteville, N.C., and April Bates of Gulfport, Miss., took in more than $60,000 in the scam over a four-month period that ended in February, the U.S. Department of Justice said.

The two traveled the country, advertising cars for sale on various auto-related Web sites. Once they collected payments, usually cashiers checks, the pair would cash the money and leave town without delivering any vehicles.

It appears Justin had tried to play upon his victims’ sympathies. He claimed to be in the military and said he was trying to sell the cars before being shipped overseas, according to the court.

Justin and Bates were arrested in February by highway patrol officers near Georgetown, Colo., after the FBI agents issued an arrest warrant. Both later pleaded guilty to conspiracy to commit mail fraud and wire fraud.

Justin has been sentenced to 18 months in prison followed by three years of supervised release. Bates must serve 15 months in jail, and the two are ordered to repay their victims.

Source: ZDNet

Unsecured Wi-Fi Would Be Outlawed By N.Y.

Filed under: — Aviran Mordo

According to a new proposal being considered by a suburb of New York City, any business or home office with an open wireless connection but no separate server to fend off Internet attacks would be violating the law.

Politicians in Westchester County are urging adoption of the law–which appears to be the first such legislation in the U.S.–because without it, “somebody parked in the street or sitting in a neighboring building could hack into the network and steal your most confidential data,” County Executive Andy Spano said in a statement.

The draft proposal offered this week would compel all “commercial businesses” with an open wireless access point to have a “network gateway server” outfitted with a software or hardware firewall. Such a firewall, used to block intrusions from outside the local network, would be required even for a coffee shop that used an old-fashioned cash register instead of an Internet-linked credit card system that could be vulnerable to intrusions.

Scott Fernqvist, special assistant to the county’s chief information officer, said Friday that he thought “the law would apply” to home offices as well.

Source: News.com

Researchers Developed HIV Test On A Chip

Filed under: — Aviran Mordo

A new HIV test the size of a credit card promises to diagnose the disease in minutes rather than weeks, and could be deployed in sub-Saharan Africa as early as next year.

The device could solve one of the vexing problems of AIDS treatment in underdeveloped countries, where patients are not within easy reach of medical facilities. By providing an on-the-spot diagnosis, doctors hope to close the gap between test and treatment, and prevent known cases from slipping through the cracks.

The technology is similar to “blending digital camera technology with the brains of a Palm Pilot,” says Dr. Bruce Walker, director of AIDS research at Harvard Medical School. Walker is part of a team of scientists at Harvard and the University of Texas at Austin who developed the sensor system. In tests, it has detected the amount of CD4 cells in the blood in as little as 10 minutes. The CD4 count indicates the stage of HIV in a patient, and helps doctors determine the best treatment and how much of it to administer.

Source: Wired

XML-RPC Attack Affects Blog Systems

Filed under: — Aviran Mordo

There are reports on an attack exploiting xml-rpc for php vulnerability.

xml-rpc for php is used in a large number of popular web applications such as PostNuke, Drupal, b2evolution, Xoops, WordPress, PHPGroupWare and TikiWiki. When exploited, this could compromise a vulnerable system (complete list of vulnerable systems).

An attacker may exploit this issue to execute arbitrary commands or code in the context of the Web server. This may facilitate various attacks including unauthorized remote access.

XML-RPC for PHP 1.1 and prior versions are affected by this issue. Other applications using this library are also affected.

The security web site Secunia rates this vulnerability as Highly critical.

Most of the affected systems have put out a pach to fix this problem (complete list)

Powered by WordPress