NewsBits for March 24, 2003 sponsored by, Southeast Cybercrime Institute - www.cybercrime.kennesaw.edu ************************************************************ Hacktivists DDoS 10 Downing St site UK government website 10 Downing Street was briefly rendered inaccessible yesterday after a co-ordinated denial of service attack protesting the Prime Minster's role in the conflict. The site, which runs IIS on Win2K (according to Netcraft), is back on-line. Unconfirmed reports suggest hackers went one step further with the Whitehouse site, reportedly spraying it with anti-war graffiti. Defacement archive, Zone-h.org, links to a record of this supposed defacement, although its report contain a strong caveat that it wasn't able to capture and confirm the attack itself. http://www.theregister.co.uk/content/55/29897.html - - - - - - - - - - Key Arab news station knocked offline The Arabic satellite television channel Al Jazeera, which on Sunday broadcast controversial footage of US soldiers captured by Iraqi forces, has blamed computer hackers for crashing its online news service on Monday. The station's web site, which carried still images of the footage, was inaccessible on Monday morning. A spokeswoman for Al Jazeera told New Scientist: "We have a problem. I believe there are some hackers, some attack, but I don't know exactly." http://www.newscientist.com/news/news.jsp?id=ns99993537 Web sites defaced as Iraq war rages http://www.msnbc.com/news/888816.asp - - - - - - - - - - Alleged victims of Internet pyramid scheme share $20 million Operators of what the government contended was an illegal pyramid scheme have agreed to refund $20 million to investors, the Federal Trade Commission announced Monday. The money will go to those who lost money after investing in SkyBiz, an Internet- based operation in Tulsa, Okla. The out-of-court settlement was reached in January, shortly before the case was to have gone to trial, and announced formally on Monday. A court-appointed receiver will send e-mails to consumers eligible to collect refunds, commission lawyer Jim Elliott said. http://www.nandotimes.com/technology/story/824914p-5826004c.html - - - - - - - - - - 10 doctors quizzed on child porn At least 10 doctors are being investigated by police for downloading child pornography on the internet - and there may be many more, the Sunday Mercury can reveal. The health professionals have been quizzed as part of Operation Ore, the international probe into the trade in internet child porn. The shock revelations were disclosed in a report to a Midland healthcare trust meeting. It revealed that 10 doctors had been referred to the General Medical Council after allegedly accessing paedophile sites. They are NOT thought to include three previously reported police investigations. http://icbirmingham.icnetwork.co.uk/0100news/0100localnews/page.cfm?objectid=12769616&method=full&siteid=50002 - - - - - - - - - - N.J. Teacher Sentenced in Child Porn Case A sixth-grade science teacher has been sentenced to three years probation and banned from teaching for for using a school library computer to download child pornography. Officials at Roy W. Brown Middle School contacted police in December after discovering a library computer appeared to have been used to access pornographic Internet sites with images of children and teenagers. Computer technicians with the school and police determined the sites had been accessed before school hours, when no one was in the library. http://abclocal.go.com/wpvi/news/032203_nw_teachporn.html - - - - - - - - - - Man accused of having sex with teen faces prison term A Wilmington man accused of meeting a 14-year-old girl on the Internet and having sex with her at a hotel will serve at least 16 years in prison. Christopher David Reid, 27, pleaded guilty in Rockingham County Superior Court on Monday to first-degree kidnapping, two counts of second-degree rape and two counts of second-degree sex offense. Superior Court Judge Judson D. DeRamus sentenced Reid to serve between 16 and 24 years in prison. http://www.wilmingtonstar.com/apps/pbcs.dll/article?Date=20030319&Category=APN&ArtNo=303190701 - - - - - - - - - - Vietnam moves to counter 'cyber-dissidents' on the Web One of Vietnam's best-known dissidents was arrested last week for trying to post documents on the Internet, in a sign of the regime's growing fear of losing control of the Web. Pro-democracy activist Dr. Nguyen Dan Que, a thorn in Hanoi's side for the past three decades who was released from nearly 20 years' jail in 1998, was arrested at his home in southern Ho Chi Minh City on March 17. On Thursday, the foreign affairs ministry confirmed that the veteran campaigner would be prosecuted. http://www.nandotimes.com/technology/story/822878p-5813412c.html - - - - - - - - - - Fourth CERT document is leaked online In what appears to have been the fourth such incident last week, an individual using the name "hack4life" sent another internal CERT Coordination Center memo to an online discussion list on March 21, detailing a product vulnerability that hadn't yet been disclosed. http://www.computerworld.com/securitytopics/security/holes/story/0,10801,79659,00.html - - - - - - - - - - Supreme Court rejects attempt to appeal cases testing secret spy court The Supreme Court rejected a civil liberties challenge to post-Sept. 11 law enforcement spying on today, refusing to be drawn into a dispute over the boundaries of a law that gave the government broader surveillance authority after the terrorist attacks. The American Civil Liberties Union and other organizations wanted the justices to consider when the government should be allowed to monitor someone's telephone conversations and e-mail, then use the information to prosecute them. The Bush administration has argued that the surveillance, and a special court that oversees sensitive domestic espionage tactics, are indispensable tools in the war on terror. http://www.bayarea.com/mld/mercurynews/5470063.htm http://www.wired.com/news/privacy/0,1848,58186,00.html Ashcroft accelerates use of emergency spy warrants in anti-terror fight http://www.securityfocus.com/news/3372 - - - - - - - - - - Cyber-crime reporting on the increase National High Tech Crime Unit claims success with Confidentiality Charter. Four UK companies have started investigations into incidences of high-tech crime using the new Confidentiality Charter, launched last year by the National High Tech Crime Unit (NHTCU). The Charter provides a framework for investigating criminal activity while minimising disruption of day-to-day trading. http://www.vnunet.com/News/1139653 - - - - - - - - - - States need cybersecurity focus A new Zeichner Risk Analytics LLC study found 36 state governments have failed to prepare, adopt and implement acceptable cybersecurity policies, which could have damaging consequences to citizen services, communication systems and critical utilities if the nation were to undergo cyberattacks. http://www.fcw.com/geb/articles/2003/0324/web-secure-03-24-03.asp - - - - - - - - - - Ruling on junk fax boosts antispam effort A federal appeals court said Friday that a law restricting junk faxes was constitutional, setting a precedent that favors legal attempts to restrict unsolicited e-mail. The Eighth Circuit Court of Appeals reversed a lower court's ruling, concluding that a 1991 federal law banning unsolicited fax advertising did not violate the First Amendment's guarantee of freedom of expression. http://zdnet.com.com/2100-1105-993749.html http://news.zdnet.co.uk/story/0,,t269-s2132356,00.html - - - - - - - - - - Microsoft chokes Hotmail to stop spam Microsoft's MSN Hotmail, a free Web-based e-mail service, has tightened restrictions on daily outbound messages sent by subscribers, a tactic it says will help curb spam. The Redmond, Wash.-based company on Friday said that Hotmail subscribers are now limited to sending only 100 messages a day "in an effort to prevent spammers from using Hotmail to spread spam," said Lisa Gurry, MSN lead product manager. The change, made last week, should affect only about 1 percent of its nearly 110 million worldwide users, based on historical usage data, Gurry said. http://zdnet.com.com/2100-1105-993774.html http://www.msnbc.com/news/890012.asp?0cv=TB10 http://www.computerworld.com/softwaretopics/software/groupware/story/0,10801,79665,00.htm - - - - - - - - - - New police tactic--phone spam Authorities in China are turning to technology to nab vandals--they use a computer program that spams the wrongdoers' mobile phones until they turn themselves in. Officials in Hangzhou, the capital of China's Zhejiang province, have developed a system which bombards mobile phones with pre-recorded voice messages, according to the official newspaper, the People's Daily. Businessmen who put up illegal advertisements which contain mobile numbers have become the target of the computerized phone-spammer. http://zdnet.com.com/2100-1105-993822.html http://news.zdnet.co.uk/story/0,,t269-s2132339,00.html http://www.nandotimes.com/technology/story/823979p-5819588c.html http://news.com.com/2100-1039-993861.html - - - - - - - - - - Met police use spam to warn against 999 timewasting The Metropolitan Police Service is to reinforce the message that 999 calls should be made in the event of an emergency - by spamming up to 250,000 Londoners. Scotland Yard has signed a deal with messaging outfit Buongiorno to state the bleeding obvious to the capital's residents. Non-urgent calls to emergency service personnel are a problem but serious questions should be raised about whether the Met is getting its message across in the most effective way. http://www.theregister.co.uk/content/6/29907.html - - - - - - - - - - Start-Up Aims to End Spam Silicon Valley is continuing to hemorrhage thousands of jobs, but there are some here who say that the time has never been better for creating a start-up company. On Monday, Phil Goldman, whose career as a software designer has included stints at Apple, General Magic, WebTV and Microsoft, will introduce a service that he says will permanently end e-mail spam for consumers who are being driven to distraction by unsolicited pitches for diet schemes and offers of great wealth from Nigeria. http://news.com.com/2010-1071-992911.html http://www.nytimes.com/2003/03/24/technology/24PHIL.html - - - - - - - - - - Microsoft rapped for 'extinct' hacker claim Standards body forces Redmond to pull 'unsubstantiated and misleading' advert. Microsoft has been forced to pull a magazine advert in which it boasts it can make hackers extinct, because it cannot substantiate its claims. The Advertising Standards Authority of South Africa (ASASA) ruled that an advert implying that Microsoft's software can bring about the extinction of the hacker should be pulled for being "unsubstantiated and misleading". http://www.vnunet.com/News/1139664 - - - - - - - - - - Microsoft goes to school for secure code In the second of a string of collaborations between Microsoft and universities in the UK, the University of Leeds has received partial funding to teach would- be developers to write secure code. The module will be available to 100 undergraduates at Leeds from January 2004. Dr Nick Efford, who is designing the syllabus, said it will differ from modules at other universities. "They have traditionally emphasized network security, cryptography and things like that," he said. "Our course is emphasizing secure coding and software security. We will still cover cryptography but that will not be our focus." http://zdnet.com.com/2100-1105-993833.html http://news.zdnet.co.uk/story/0,,t269-s2132333,00.html - - - - - - - - - - Why the Dogs of Cyberwar Stay Leashed The United States could try out its much-hyped "cyberwarfare" capabilities in Iraq... but it would probably be illegal. As the U.S. and U.K. campaign to "shock and awe" the Iraqi leadership and population continues, as "bunker buster" bombs hit the Iraqi Presidential palaces and coalition forces attempt to disrupt the command and control of the Iraqi military, one widely-reported offensive capability is nowhere in sight: the United States has not yet officially used the tools of cyberwarfare. http://www.theregister.co.uk/content/55/29887.html - - - - - - - - - - North Wales Police could bypass Tetra Many functions to be done using GPRS network North Wales Police is to equip its officers with mobile technology that could make the controversial Tetra communications system less relevant. As part of its drive to get more officers on patrol, North Wales Police will issue officers with handhelds and tablet PCs. http://www.vnunet.com/News/1139654 *********************************************************** Computer Forensics Training - Online. An intense, 150 hour, instructor lead program that teaches you computer forensics and helps prepare you for the Certified Computer Examiner exam. For more information see; www.cybercrime.kennesaw.edu *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2003, NewsBits.net, Campbell, CA.