NewsBits for March 21, 2003 sponsored by, Southeast Cybercrime Institute - www.cybercrime.kennesaw.edu ************************************************************ Anti-war hackers strike the US Navy Since the US and UK began military action against Iraq, online protesters have attacked a number of Web sites with anti-war slogans. Virus writer and hacker activity has stepped up dramatically since the US and UK armed forces started their war against Iraq. In the past 48 hours more than 1,000 Web sites have been hacked and defaced, according to Internet security firm F-Secure, and the company suggests most are in the response to the military action in the Gulf. http://news.zdnet.co.uk/story/0,,t269-s2132321,00.html http://www.vnunet.com/News/1139641 http://www.newsfactor.com/perl/story/21070.html Web sites defaced as Iraq war rages http://www.msnbc.com/news/888816.asp Norton SystemWorks heisted for terror war spam scam http://www.theregister.co.uk/content/55/29880.html Info seekers, hackers besiege government sites http://www.gcn.com/vol1_no1/daily-updates/21485-1.html Cyberspace an Invisible Front in War on Terrorism http://www.newsfactor.com/perl/story/21056.html Internet attacks limited in early days of war http://www.usatoday.com/tech/world/iraq/2003-03-21-web-hacks_x.htm Hackers, virus writers take to war theme http://www.computerworld.com/securitytopics/security/hacking/story/0,10801,79602,00.html - - - - - - - - - - Feds Alert to Web Security Threat As the Department of Homeland Security urges Americans to be on high alert for potential acts of cyberterrorism, many computer security experts say military conflict doesn't change the fact that the Net is already a pretty dangerous place. "When it really gets down to it, we're getting security attacks on a daily basis," said Vincent Weafer, director of Symantec Security Response. On an average day, the security software maker hears of five to 15 new viruses. In a typical year, it finds several thousand widespread vulnerabilities in computer systems. Web users and publishers fend off denial-of-service attacks and intruders seeking o steal crucial data on a daily basis. http://www.wired.com/news/business/0,1367,58139,00.html Cyberterror and professional paranoiacs Now wait for the hype about "cyberwar" and "cyberterrorism" to follow. The first onslaught came this week when Homeland Security Secretary Tom Ridge said he was ratcheting up to an Orange Alert to coincide with the U.S. invasion. Ridge said his department would "monitor the Internet for signs of a potential terrorist attack, cyberterrorism, hacking, and state-sponsored information warfare." http://news.com.com/2010-1071-993594.html - - - - - - - - - - Scam casts doubt on eBay's anti-fraud software Robert Beck suspended his distrust of online auctions last month and went for a top-of-the-line speaker system. He cast a winning bid of $1,900, paid by credit card and waited for his first eBay purchase. The speakers never arrived. Last week, detectives confirmed to the 25-year-old engineer that the sellers, an Arizona couple, had cashed out their bank account and fled town. The couple allegedly stole more than $100,000 from more than 500 bidders. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/5450291.htm - - - - - - - - - - E-mail worm pretends to have spy satellite images A new e-mail worm has surfaced that purports to show screensavers of U.S. spy satellite pictures of Iraq or animations that are either patriotic or that mock President Bush, a computer security company warned Thursday. The worm, dubbed Ganda-A, spreads by sending itself to e-mail addresses on an infected machine and tries to disable anti-virus and other security software and infect certain files on the hard disk, according to Sophos. http://www.cnn.com/2003/TECH/internet/03/21/worm.warning.reut/index.html http://www.usatoday.com/tech/world/iraq/2003-03-21-war-worm_x.htm War Worms Inch Across Internet http://www.wired.com/news/infostructure/0,1377,58143,00.html - - - - - - - - - - Man raped girl after online chat A MAN who met a 13-year-old girl on the Internet yesterday admitted having sex with her without her consent in the back seat of his car. A court heard the girl had refused an online request to meet Revi Bose in person but he told her he knew where she lived and had her phone number. The County Court was told Bose, then 21, rang her home and told her he would come looking for her if she didn't meet him. Prosecutor Rod Willcox told the court the girl was chatting to Bose in the Yahoo chatroom on July 22, 2001. http://www.theaustralian.news.com.au/common/story_page/0,5744,6166759%255E421,00.html - - - - - - - - - - Child porn images in the name of art A photographer, who claimed he downloaded child porn featuring children as young as six in the cause of art, was today behind bars. Police found 62 stored computer images and 41 photographs which had been downloaded and made into cards in Dominic Rouse's city centre studio. Rouse, who describes himself as a photographic artist, was caught in the American Operation Ore investigation after using a credit card to access child porn. http://www.eveningnews24.co.uk/content/News/story.asp?datetime=21+Mar+2003+12%3A05&tbrand=ENOnline&tCategory=NEWS&category=News&brand=ENOnline&itemid=NOED21+Mar+2003+12%3A05%3A32%3A580 - - - - - - - - - - Orange County man charged with possessing child porn A Santa Ana Heights man was charged in federal court Thursday with possession of 100,000 photographic and electronic images of child pornography, the U.S. Attorney reported. John Maurice Aldrich, 61, is being held without bail and is scheduled to appear in court April 3, authorities said. He was arrested Wednesday night after an investigation that began in September. He came to attention of authorities last fall after he checked into a local hospital for treatment. During his hospital stay, his landlord inspected the apartment and found a 4-inch-high stack of child pornography, court papers said. The landlord called Newport Beach Police and they got a search warrant. http://www2.ocregister.com/ocrweb/ocr/article.do?id=31062 - - - - - - - - - - Photographer Guilty in Porn Case An Orem photographer faces up to 40 years in federal prison after pleading guilty to charges he made and distributed pornographic images of children. Joseph Paul Durborow, 41, pleaded guilty Wednesday to one count of child pornography manufacturing and distribution and one count of conspiring to sexually exploit children. The maximum sentence on each count is 20 years in prison and a fine of $250,000. Others arrested as part of "Operation Hamlet," an investigation into an international child pornography ring, led authorities to Durborow. While executing a search warrant at the home of a California man, authorities found nine pornographic images of the same children featured on Durborow's Web site in nonpornographic images, they said. An Idaho man arrested as part of the probe told federal agents he had exchanged pornography over the Internet with Durborow, who identified himself by e-mail and in chat rooms as "Lazarus," court documents said. http://www.sltrib.com/2003/Mar/03212003/utah/40235.asp - - - - - - - - - - S.F. man sentenced in child-porn case A San Francisco man has been sentenced to four years and nine months in prison for possessing child pornography that law enforcement agents found on his computers, federal prosecutors said Wednesday. Damien Nino, 38, who pleaded guilty to the felony charge last June, was sentenced Tuesday by U.S. District Judge William Alsup. Nino has been in jail since February 2002, shortly after he was stopped for a traffic violation and officers said they found hundreds of images of child porn on his laptop computer. In his guilty plea, Nino admitted that he had been arrested three times in nine months, each time with a different computer containing pornographic photos of children, some as young as 8 or 10. http://www.sfgate.com/cgi-bin/article.cgi?f=/chronicle/archive/2003/03/20/BA233153.DTL - - - - - - - - - - Photographer Guilty in Porn Case An Orem photographer faces up to 40 years in federal prison after pleading guilty to charges he made and distributed pornographic images of children. Joseph Paul Durborow, 41, pleaded guilty Wednesday to one count of child pornography manufacturing and distribution and one count of conspiring to sexually exploit children. The maximum sentence on each count is 20 years in prison and a fine of $250,000. Others arrested as part of "Operation Hamlet," an investigation into an international child pornography ring, led authorities to Durborow. While executing a search warrant at the home of a California man, authorities found nine pornographic images of the same children featured on Durborow's Web site in nonpornographic images, they said. An Idaho man arrested as part of the probe told federal agents he had exchanged pornography over the Internet with Durborow, who identified himself by e-mail and in chat rooms as "Lazarus," court documents said. http://www.sltrib.com/2003/Mar/03212003/utah/40235.asp - - - - - - - - - - Utah porn czar falls victim to budget ax Smut still lurks in the dark corners of this state, and filthy spam messages fill the Internet. But Paula Houston won't be around to lead the cleanup crusade. The nation's first state-employed pornography czar will soon be out of work, a victim of budget cutbacks. Her boss, Attorney General Mark Shurtleff, shifted $75,000 from other accounts to cover her salary last year, but couldn't do financial magic a second time. An attempt in the final days of the session of the state Legislature to rescue the position by taxing adult entertainment businesses failed. http://www.sanmateocountytimes.com/Stories/0,1413,87~11268~1256869,00.html - - - - - - - - - - Leadership selected for new cybersecurity panel Leaders have been named for the new House Homeland Security subcommittee on Cybersecurity, Science and Research and Development. Rep. Mac Thornberry (R-Texas) will chair the subcommittee and the ranking minority member is Rep. Zoe Lofgren (R-Calif.) Thornberry also is a member of the Armed Services, Budget and Resources committees. The Homeland Security Committee was formed to coordinate all House oversight of the Homeland Security Department and has legislative jurisdiction over the 2002 act creating the department. It is chaired by Rep. Christopher Cox (R-Calif.) http://www.gcn.com/vol1_no1/daily-updates/21486-1.html - - - - - - - - - - IGs: Watch those Social Security numbers Fifteen inspectors general this month told the Presidents Council on Integrity and Efficiency that federal agencies are lax in overseeing the use and disclosure of Social Security numbers stored in agency databases. Some agencies, they said, are allowing contractors free access to such private information before their background checks are completed or after they stop working within the government. The Social Security Administrations inspector general undertook the survey at the request of the Senate Governmental Affairs Ways and Means Subcommittee on Social Security. http://www.gcn.com/vol1_no1/daily-updates/21463-1.html - - - - - - - - - - Campus network security the subject of new study A $100,000 study will aim to bolster the security of computer networks at Arizona universities, as experts say the schools are targeted daily by hackers. The study, commissioned by the Arizona Board of Regents, should be finished by August. The University of Arizona, Arizona State University and Northern Arizona University maintain internal security measures, but this is the first time all three are joining in an outside examination. http://www.usatoday.com/tech/news/computersecurity/2003-03-21-network-study_x.htm - - - - - - - - - - Microsoft Struggles with Role as Top Hacker Target As the company whose software runs more than 90 percent of all personal computers, Microsoft Corp. is the constant target of hackers -- and these days, of irate network administrators. Almost every major Internet attack in recent years -- computer "worms" and other bugs with names such as Slammer, Code Red and Nimda -- was directed at servers using Microsoft's software. Among hackers, the company's products are favorite targets not just because they're so widely used, but also because they're known to have flaws. http://www.newsfactor.com/perl/story/21067.html - - - - - - - - - - Spammers remain unrepentant as they make money Captain Bob could be any teenage school-leaver, filling in the gap before university and a job in some computer- related field. But the 19-year-old is possibly New Zealand's biggest spam-artist. From his Mt Eden bedroom he sends unsolicited spam emails across the world by the million. http://www.nzherald.co.nz/storydisplay.cfm?storyID=3251095 - - - - - - - - - - Office 2003 may pose antivirus problem The latest test version of Microsoft Office 2003 could cause problems for antivirus companies because the XML-based format it supports will bog down scanning software, according to security experts. The problem centers on macros embedded in documents in the Office 2003 beta, or test, version. When saved as an XML (Extensible Markup Language) file, the macros can more or less wind up anywhere. This means that scanners must search the entire contents of a file, rather than examine the part of the file where macros are always positioned. http://zdnet.com.com/2100-1105-993696.html - - - - - - - - - - Tech hides data, IDs inside music files SunnComm Technologies, one of several companies developing anti-CD copying products, has licensed a new technique that can hide data, video, software or an identifying watermark inside music files. The company said Thursday that it is working with Stealth MediaLabs to create a kind of super-watermark that can be embedded inside music files, which--the companies contend--can survive if the song is digitally compressed, rerecorded through an analog connection, or even if the song is recorded off the radio. http://zdnet.com.com/2100-1105-993588.html http://news.zdnet.co.uk/story/0,,t269-s2132268,00.html - - - - - - - - - - Is SSL safe? Czech security researchers this week claimed to have uncovered weaknesses in SSL that might permit crackers to decypher transmissions over supposedly secure links. however, independent cryptography experts, who are studying a paper from Czech security outfit ICZ, are yet to verify the risk is real and as serious as ICZ suggests - so the research needs to be treated with caution. http://www.theregister.co.uk/content/55/29868.html - - - - - - - - - - The Pentagon's tactical Internet - a war too early? The Pentagon is furiously buying up commercial satellite capacity in order to meet the bandwidth needs of a new kind of IT-driven war, reports the Washington Post. But Register sources suggest that the US military has other, rather larger problems in delivering on the digital battlespace vision. A recent Department of Defense briefing included an instructive illustration of the growth in this hunger for bandwidth, and of what it is that the military intends to do with it. http://www.theregister.co.uk/content/6/29882.html *********************************************************** Computer Forensics Training - Online. An intense, 150 hour, instructor lead program that teaches you computer forensics and helps prepare you for the Certified Computer Examiner exam. For more information see; www.cybercrime.kennesaw.edu *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2003, NewsBits.net, Campbell, CA.