US federal court officials are warning that hackers are emailing fake subpoenas that contain malware to corporate executives in an effort to steal private corporate data.

Thousands of top US executives have received the fraudulent emails that contain web links which, when clicked on, install malware on the user’s PC, letting hackers take control of the computer to steal passwords or other private information.

Web security professionals refer to these types of attacks as “whaling” because they use social-engineering gimmicks involved in “phishing” but target “big phish” rather than going after the masses of Internet users.

Websense Security Labs manager Stephan Chenette said the success rate has been extremely high and that it is, “Most likely due to the nature of the content and the real data, the emails had their exact names and legal language in there that made it seem like a serious subpoena.”

The fake subpeonas are written using official seal of the US federal court in San Diego, California, and are addressed to executives using their names, addresses and other personal information.

Clicking on the included link to view the “subpoena” brings up a realistic-looking legal document and secretly installs malicious computer software on the reader’s computer that can read keystrokes and sends the information to a computer over the internet, enabling hackers to steal passwords as well as other sensitive financial information.

Subpoenas in the US are usually served in person to assure judges that court orders have been personally received by the people named.

Federal investigators believe the hackers are unfamiliar with the US court system since the website executives are directed to use is a “uscourts.com” domain while actual court website addresses typically end with “.gov.”

Police believe that certain aspects of writing in the emails appear to be British.

Some of the targets have been executives at CitiBank, America OnLine and Ebay.

Source: Yahoo.com

Washington D.C. is attempting to build a city-wide surveillance system that would bring together thousands of city-owned video cameras, but city officials don’t yet have the money to complete the network or privacy rules in place to govern its use.

The security system will conduct 24/7 monitoring of public camera systems run by nine city departments. The first phase will bring together about 4,500 cameras trained on schools, public housing, traffic and government buildings that will feed into a central command office in the Washington D.C. Homeland Security and Emergency Management Agency.

Hundreds of additional security cameras will be added within the year.

By bringing all of these surveillance images together in one department, city officials hope to improve public safety and emergency response times.

The large D.C. surveillance system shows just how public security cameras have grown in use since the Sept. 11, 2001, terror attacks. By the fall of 2008, Washington D.C. will have installed approximately 5,600 security cameras, which is about triple the number it had in 2001.

Other cities have increased their use of public security cameras as well. New York plans to use a network of 3,000 public and private security cameras to monitor Lower Manhattan. Chicago’s emergency management office will soon be using more than 6,000 video cameras in schools, police other city departments.

U.S. cities, as well as Washington D.C. government departments, have varying regulations on the use of security cameras.

Washington D.C.’s attorney general’s office is currently working on a public policy to protect privacy rights, but it will not be finished by the time the surveillance system is implemented, said Darrell Darnell, head of the city’s homeland security department. Each city agency involved will follow their own rules in the interim, he said. Policies vary on such matters as how long images are kept.

In the past, courts have ruled that people have no right to privacy in public places. However, civil libertarians and some security professionals are concerned about who is watching the electronic eyes and how long they store the electronic images.

“If you’re just saving it, at some point, this stuff is going to be posted to YouTube,” said Frank Baitman, president of Petards Inc., a maker of video security systems.

Issues also can arise when security cameras are installed for one purpose and then used for another unintended reason. One example occurred in Tacoma, Wash., last year, when a high school official showed parents video images of their daughter kissing another girl.

The D.C. surveillance system will have between three to five operators watching footage from the cameras during eight-hour shifts. By the end of 2008, video analytic software will be installed that can alert operators to potentially dangerous events.

Baitman, the security expert, questioned whether that size staff could prevent crime, observing, “There’s no way you could have someone watching 1,500 cameras, even with video analytics, and identify crimes.”

Source: Washington Post

Internet statistics show that people “Google” a person’s name around 50 million times per day.

Atlanta resident Brandyn Briley is a frequent “Googler”. She uses various web search engines like Google and Yahoo to lookup information on potential clients, her children and even herself.

Web 2.0 sites like Naymz.com and Ziggs.com now give people like Briley a tool to keep track of when another person is doing a web search on them.

Tim Demello, from Ziggs.com, says, “What it does for the individual is it really gives them a strong sense of who is out there tracking them.”

Demello compares the Ziggs technology to caller ID for the world wide web.

Whenever a person searches for and clicks on a Ziggs.com profile, the site sends the profile owner an email alert, detailing the searcher’s location, the web search engine that was used, and the search phrase that the person used to find the profile.

Demello noted, “If someone types their name into Google, we track that through and send them a real time e-mail saying you are being searched from Chicago at 8:52 on a Friday.”

Ziggs can trace web searches of its users’ profiles down to the street and block level.

However, Ziggs won’t give you information about the name or address of the person doing the searching.

Demello said, “We don’t provide the name of the person searching, and the primary reason is that we believe very strongly in privacy.”

Source: CBS46.com

Cell phones and digital cameras, along with a sense of public duty, are propelling a new form of citizen “snitching” that some are calling “cyber snitching.”

This troubles some privacy experts, who are concerned that a sense of civic duty could quickly degenerate into a loss of personal privacy.

One example cited involves bystanders, who willingly turned over their cellphone videos and digital photos to help Montreal police identify and arrest hockey rioters last week. It was the most recent example of public citizens helping the police do their work.

Anie Lemieux, spokeswoman for Montreal police, observed: “We often say the public’s eyes are police eyes.”

However, Richard Rosenberg, professor emeritus of computer science at the University of British Columbia, said there is a slippery slope between justified and invasive involvement.

The incident in Montreal struck Rosenberg as an example of turning the general population into a branch of the police, where neighbours and people you don’t even know are snooping and spying on one another to see if there’s something the police might be interested in.

Mr. Rosenberg is also the president of the British Columbia Freedom of Information and Privacy Association.

Source: Canada.com

A New Jersey state appellate court has upheld a public records fee of $1,900 for government records that were requested by a freelance journalist because several attorneys were needed to assist with the request.

Journalist Janon Fisher fought the fee, but the court decided that the charge was reasonable. The court said the state Attorney General’s Office had legitimate reasons for assigning five attorneys to collect and review the public records that were requested.

In a 3-0 decision, the court panel wrote that the Attorney General’s office “reasonably determined that those attorneys could identify the records responsive to the OPRA request and any privileged parts of those records more expeditiously and reliably than clerical staff.”

New Jersey state attorneys spent 52.5 hours to search and review thousands of e-mail communications and other state records to locate the requested documents. The total cost to fill the public records request was $1,877.93. The cost of the public records request was determined by multiplying the total hours by the hourly wage of the lowest-salaried deputy attorney general, which is $35.77 an hour.

The appellate court panel found that in addition to copying costs, New Jersey’s Open Public Records Act allows for a public agency to impose a “special services charge” if production of the records involves “an extraordinary expenditure of time and effort.”

New Jersey state attorneys said that Fisher’s records request took the state nearly two years to complete and included the review of more than 15,000 emails and electronic files.

Source: NewsDay.com

Microsoft has developed a small computer tool that police can use to easily pull forensic data from computers used in crimes.

The device is called COFEE ( Computer Online Forensic Evidence Extractor ) and it is a USB “thumb drive” that has been tested by a small group of law-enforcement agencies since June 2007.

COFEE contains 150 software commands that cut the time required to gather computer evidence. Computer forensics is becoming more important in both real-world crime, as well as cybercrime. The tool can also break passwords; analyze a PC’s internet activity and other computer activities.

COFEE also eliminates the need to seize an entire computer, which typically involves disconnecting it from a network, turning off the power and possibly losing electronic data in the process. The portable device allows investigators to can scan PC’s for evidence on site.

More than 2,000 police officers and investigators around the world are using the tool, which Microsoft is providing for free.

Lisa Johnson, head of the Special Assault Unit in the King County Prosecuting Attorney’s Office said, “So many of our crimes today, just as our lives, involve the Internet and other digital evidence,” further noting that “A suspect’s online activities can corroborate a crime or dispel an alibi.”

Source: nwsource.com

Last Wednesday the FBI made a public request for new laws that would give federal police increased powers to monitor “illegal activity” on the internet.

The request from FBI Director Robert Mueller came during a House of Representatives Judiciary Committee hearing. It seems to go beyond the current plan to monitor traffic on federal-government networks.

Mueller suggested that the FBI should have widespread oversight to monitor and conduct surveillance of private-sector networks too.

Mueller said the surveillance should include all Internet traffic, including .mil, .gov and .com website domains.

It is unclear whether “illegal activity” would be limited to dealing with internet crimes like denial-of-service attacks, spam, phishing and botnets, or would also include the monitoring of other illegal activities, like online gambling, the distribution of pornographic images or selling prescription drugs without a license.

Source: News.com

Human rights activists are using a clever combination of Facebook and Google Earth to find wanted Darfur war criminals and bring them to justice.

A Facebook page has been created on the social networking website encouraging people to report the sightings of Ahmed Haroun and Ali Kushayb.

Both men were indicted by the International Criminal Court in The Hague for war crimes a year ago.

Neither men have been captured and brought to justice.

Dr James Smith, chief executive of the Aegis Trust which set up the Wanted for War Crimes Watch List page on Facebook.com said “The men are suspected of hundreds of thousands of murders. Someone, somewhere, knows where they are.”

Google Earth and Google Maps are being used to map known movements of the two Sudanese men, each wanted on more than forty counts of crimes against humanity and war crimes committed in Darfur.

The Watch List even lists Ahmed Haroun’s phone number and office address.

Mr Donovan stated “He isn’t a fugitive hiding in a cave somewhere, but a bland looking man in a suit, sitting behind a desk in Khartoum.”

Khartoum has refused to surrender Mr Kushayb and Mr Haroun to the Court.

Rather, Mr Haroun has been promoted to the position of Sudan’s Minister for Humanitarian Affairs. He is currently responsible for the welfare of the victims of his alleged crimes.

As well as having vast power over humanitarian operations, he is responsible for liaisons with the International UN/African Union peacekeeping force tasked with protecting civilians against such crimes.

The other suspect, Mr Kushayb, was in custody in Sudan on other charges at the time that the ICC warrants were issued, however, last October the Sudanese Government announced he had been released, reportedly due to ‘lack of evidence’.

Source:Telegraph.co.uk

Filmmaker Jim Killeen is the producer of a new documentary film called Google Me.

Most people have googled their names, but how many people go to the extreme of actually meeting their “google twins”?

That’s the whole idea behind Google Me.

In the video below News.com reporter Kara Tsuboi interviews Jim Killeen and learns about the six other Jim Killeens he’s met through the Google search engine.

CNet News is reporting that some ex Google employees are working on a new social search engine.

The site is called Mechanical Zoo and is scheduled for a beta launch in May.

Mechanical Zoo is aiming to be an application ( rather than a regular web site ) that will allow people to search the knowledge in their social circle to find useful personal information and recommendations. Mechanical Zoo currently has 100 “alpha” users testing the search. The site will be a Yahoo Answers-type service, with more built-in knowledge about a person’s tastes and interests.

Mechanical Zoo cofounder Max Ventilla, a former business development manager at Google, says “We’ve developed an online social structure that lets users reach out to people they already know” for answers.”

Source: News.com