NewsBits for March 31, 2003 sponsored by
Southeast Cybercrime Institute - www.cybercrime.kennesaw.edu
************************************************************
PayPal charged with breaking Patriot Act
A U.S. Attorney's office has alleged that PayPal violated laws regarding the processing of online gambling payments, and is asking parent company eBay to hand over nine months of the gambling-related earnings in settlement. The U.S. Attorney for the Eastern District of Missouri told eBay that its online payment service violated provisions in the USA Patriot Act between October 2001 and July 2002, according to eBay's annual report, filed Monday with securities regulators. Under the act, it is prohibited to transmit funds known to have come from a criminal offense, or that are intended to promote or support unlawful activities.
http://news.com.com/2100-1018-994810.html
http://www.usatoday.com/tech/techinvestor/techcorporatenews/2003-03-31-ebay-paypal_x.htm
eBay says PayPal didn't violate Patriot Act
http://www.nandotimes.com/technology/story/834642p-5878629c.html
- - - - - - - - - -
Data thieves strike Georgia Tech
Online intruders broke into a server containing the credit card numbers of some 57,000 patrons of a Georgia Institute of Technology arts and theater program, a university official said Monday. The online intrusions, which are thought to have occurred over the last two months, were only discovered in the past week or so, said David Terraso, a Georgia Tech spokesman. Both the Georgia Bureau of Investigations -- an independent resource for the state's law enforcement personnel -- and the FBI have started investigating the matter, he said.
http://news.com.com/2100-1002-994821.html
- - - - - - - - - -
Qualcomm 'superhacker' wins change of venue
Accused superhacker Jerome Heckenkamp is saying goodbye to sunny San Diego, California, after winning a venue change for a 10-count indictment accusing him of sophisticated hack attacks against telecom equipment-maker Qualcomm. A federal judge in San Diego ordered the case transferred Thursday to San Jose, California, five hundred miles to the north, where Heckenkamp is already facing a weightier indictment accusing him of penetrating computers belonging to Lycos, Exodus Communications, Juniper Networks and Cygnus Support Solutions, and defacing online auction site eBay under the hacker handle "MagicFX."
http://www.theregister.co.uk/content/55/30013.html
- - - - - - - - - -
Feds: Chinese Hack Attacks Likely
Chinese hacker groups are planning attacks on U.S. and U.K.-based Web sites to protest the war in Iraq, the Department of Homeland Security warned in an alert that it unintentionally posted on a government Web site today. The hackers are planning "distributed denial-of-service" attacks, which render Web sites and networks unusable by flooding them with massive amounts of traffic. They also are planning to deface selected Web sites, according to the alert, though the government said it did not know when the attacks would occur.
http://www.securityfocus.com/news/3599
http://www.washingtonpost.com/wp-dyn/articles/A60363-2003Mar31.html
Islamist Web sites rage at U.S.
http://www.nandotimes.com/technology/story/832979p-5867936c.html
Iraq war sparks tit-for-tat hacker attacks
http://www.cnn.com/2003/TECH/internet/03/29/hacker.attacks.reut/index.html
Hackers Condemn Arab Site Hack
http://www.wired.com/news/infostructure/0,1377,58277,00.html
http://www.newsfactor.com/perl/story/21140.html
http://www.usatoday.com/tech/world/iraq/2003-03-30-iraq-web_x.htm
- - - - - - - - - -
New Sendmail glitch a local issue
A serious security vulnerability has been found in the popular Sendmail software, which processes 60 percent to 70 percent of the world's e-mail. The flaw was discovered by U.S.-based security researcher Michal Zalewski, and is separate from the one discovered by Internet Security Systems earlier this month. "I've confirmed this is a local issue, and my initial impression is that a remote attack possibility is not that unlikely," Zalewski said in a statement.
http://zdnet.com.com/2100-1105-994711.html
http://news.zdnet.co.uk/story/0,,t269-s2132689,00.html
http://www.msnbc.com/news/893354.asp
http://www.vnunet.com/News/1139828
http://www.theregister.co.uk/content/55/30012.html
http://www.computerworld.com/securitytopics/security/story/0,10801,79882,00.html
- - - - - - - - - -
3 get prison sentences in online child porn case
An Oak Harbor couple and an Everett man who raped little children and took photos of the crimes that were traded on the Internet yesterday were given federal prison sentences ranging from 15 to 27 years. James and Tracey Wright sexually abused their own baby boys, 11 months and 3 years old, and allowed family friend Donald Keffler, 41, to abuse them, too. The couple also victimized seven other youngsters whom they were baby-sitting. Federal agents on the lookout for online consumers of child pornography and other sexual predators learned that Keffler was trolling the Web for children with whom he could have sex.
http://seattlepi.nwsource.com/local/114885_porn29.shtml
- - - - - - - - - -
Teacher gets jail time -- and a reprieve -- in child porn case
Todd O'Brien, a former Kingston High School teacher convicted of multiple counts of possessing child pornography, was sentenced in Ulster County Court Friday to six months in jail and 10 years of probation. But the 26-year-old town of Ulster man left the court for home, not jail, after Ulster County Judge J. Michael Bruhn granted his attorney's request that O'Brien remain free while he appeals the legality of police seizing the computer on which the pornographic images were found. If that appeal is successful, the conviction will be thrown out.
http://www.dailyfreeman.com/site/news.cfm?newsid=7535508&BRD=1769&PAG=461&dept_id=74969&rfi=6
- - - - - - - - - -
Former Ted Reeve hockey coach faces child porn charges
A man who has coached several Toronto hockey teams in the early to middle 1990s -- including the locally based Ted Reeve Thunder, 11- and 12-year-old boys' squad -- was arrested on child porn charges Tuesday. Police said the man has numerous previous convictions for sexually assaulting nine- to 13-year-old boys in Montreal and Toronto between 1984 and 1989 while he was a coach. Police alleged a man had Internet chats with an undercover police officer from Keane, New Hampshire, posing online as a 12-year-old boy. A man allegedly discussed having sex with children and sent child porn to the cop.
http://www.mirror-guardian.com/to/beaches/story/972798p-1162457c.html
- - - - - - - - - -
Klez-H hangs around like a bad smell
Klez, yet again, was the most reported viral menace on the Internet this month. Managed services firm Messagelabs has blocked Klez-H 387,026 times this month. The virus accounted for 15.3 per cent of support calls to AV firm Sophos.
http://www.theregister.co.uk/content/56/30026.html
- - - - - - - - - -
Activists Alarmed by Measure Aimed at Blocking Encryption
Cheating on income taxes or neglecting to pay sales taxes on online purchases could get you five extra years in prison if the government succeeds in restricting data-scrambling technology, encryption-rights advocates fear. Such a measure, they worry, also may discourage human rights workers in, say, Sri Lanka from encrypting the names and addresses of their confidants, in case they fall into the wrong hands.
(LA Times article, free registration required)
http://www.latimes.com/technology/la-fi-encrypt31mar31,1,3534377.story
http://www.cnn.com/2003/TECH/biztech/03/31/encryption.battle.ap/index.html
http://www.securityfocus.com/news/3579
http://www.usatoday.com/tech/news/techpolicy/2003-03-31-crypto-rights_x.htm
http://www.nandotimes.com/technology/story/834379p-5876993c.html
- - - - - - - - - -
Child porn case puts focus on Web, libraries
The debate over whether public libraries should be forced to censor the Internet material patrons can access on their computers has been raging for more than three years. This month, the U.S. Supreme Court is hearing arguments on both sides. In the meantime, local libraries are mostly free to do as they see fit. Nearly all the computers in Lackawanna County's 10 public libraries are fitted with filters that block access to obscene, pornographic and offensive Web sites, the county library system's head administrator, Mary Garm, said.
http://www.zwire.com/site/news.cfm?newsid=7536086&BRD=2185&PAG=461&dept_id=416046&rfi=6
- - - - - - - - - -
UK SMEs are sitting ducks for crackers
More than one million UK businesses are vulnerable to hacker attacks. According to a study by Microsoft, 65 per cent of small and medium-sized businesses in the UK have no form of intrusion detection system, while more than 15 do not even have a basic firewall.
"This lack of basic protection leaves over 1,000,000 UK businesses vulnerable to malicious attacks from hackers and susceptible to the crippling effects of computer viruses," Microsoft (which, let's face it, knows a thing or two about such matters) warns.
http://www.theregister.co.uk/content/67/30029.html
- - - - - - - - - -
E-mail bullying on the rise
One in six workers in the UK has been bullied via e-mail, according to a new study. A poll conducted by internet job site reed.co.uk showed that e-mail bullying is on the increase with those in the south west and London suffering most from cyber criticism. Perhaps surprisingly, the higher up the office ladder people are, the more likely they are to be targeted by e-bullies.
http://news.bbc.co.uk/2/hi/technology/2902777.stm
http://www.theregister.co.uk/content/6/30010.html
- - - - - - - - - -
Profiling by grocery receipts? Feds eye personal commercial data in terror search
The U.S. government has discovered a powerful resource in its war against terrorism -- credit-card records, hotel bills, grocery lists and other records detailing the private lives of its citizens. Government investigators are turning to commercial databases to track down and isolate possible hijackers and suicide bombers before they strike, raising fear among privacy advocates that long-standing protections against government snooping may be eroded.
http://www.msnbc.com/news/893360.asp
- - - - - - - - - -
Hacker cracks Xbox challenge
An anonymous hacker has succeeded in running Linux on an unmodified Xbox, apparently satisfying a $100,000 challenge funded by Lindows founder Michael Robertson. A hacker using the name Habibi-Xbox revealed the exploit Saturday in a message posted on the Xbox Hacker Web site. Organizers of the Xbox-Linux Project confirmed the method works.
http://news.com.com/2100-1043-994794.html
http://www.msnbc.com/news/893472.asp
- - - - - - - - - -
The security appliance is dead - report
Yankee Group is advising clients to stop buying security appliances and to consider investing in security switches instead. Two Yankee Group reports, Security Services Switches Mark the End of Security Appliances, and Security Service Switches to Rule the Day: Security Appliances are Dead!, declare the end of the security appliance market and the ushering in of security service switches. The US analyst firm predicts 25 per cent of Fortune 100 companies by the end of this year will have deployed SS switches to protect their critical communications assets.
http://www.theregister.co.uk/content/55/30022.html
- - - - - - - - - -
XP update bolsters Wi-Fi security
Update: Microsoft on Monday released a Windows XP update designed to enhance security for computers that connect to wireless networks, but the software is only a part of the Wi-Fi picture. The software update would change how the operating system connects to 802.11, or Wi-Fi, networks or base stations. Under the older method, one encrypted key is used by everyone connecting to the wireless network. The update would provide a means of associating a separate key for each computer connecting to the network, a change that in theory should increase security.
http://zdnet.com.com/2100-1105-994719.html
http://news.zdnet.co.uk/story/0,,t269-s2132731,00.html
- - - - - - - - - -
Nortel touts secure Wi-Fi for enterprise
Enterprise Wi-Fi can be secure and manageable, said Nortel Networks on Monday, as it launched a range of wireless LAN products. Nortel has announced wireless LAN products to woo IT managers that are still uncertain about security and manageability of office wireless. The products, which include a security switch that monitors wireless traffic from the wired network, join wireless LAN announcements from other vendors including Alcatel and Cisco.
http://news.zdnet.co.uk/story/0,,t269-s2132681,00.html
http://news.com.com/2100-1039-994788.html
- - - - - - - - - -
Uncle Roger's Folly
The Ganda virus shows why the Internet isn't the best source for reliable war news, and malicious code isn't a good medium for anything. Laugh at the news of poor "Uncle Roger" from Haernoesand, Sweden, the mistreated student/virus-writer rousted by the coppers for creating a virus he thought might get his complaints heard during Gulf War II. "Go USA" was one phrase the virus used as an enticement -- the idea being, perhaps, to exploit the feelings of citizens who might wish to acquire a jingo screen-saver.
http://www.securityfocus.com/columnists/151
- - - - - - - - - -
Freedom, technology and the Net
These are perilous times for online privacy, free speech and the freedom to tinker with legally purchased hardware and software. Last week, the House of Representatives approved a constitutionally dubious bill to criminalize domain names that might possibly confuse children, while the movie studios tried to expand the most worrisome parts of the Digital Millennium Copyright Act (DMCA) through the simple expedient of lobbying state legislators.
http://news.com.com/2010-1071-994654.html
Fighting high-tech surveillance in a high-anxiety society
http://www.usatoday.com/tech/news/techpolicy/2003-03-31-aclu-tech_x.htm
http://www.nandotimes.com/technology/story/834243p-5876314c.html
- - - - - - - - - -
Digging for Clues - One expert shows you how it's done
Tina Bird, head of IT systems and services at Stanford University, offered the examples below last month during a live webcast sponsored by the Bethesda, Md.-based SANS Institute. Example 1 shows a log entry from a system that's running Solaris as a remote host attempts to connect to the network through a process called a remote procedure call (RPC). However, "with this data by itself, we really can't tell what's going on," said Bird.
But it's in the next entry, shown in Example 2, where things get interesting and start to show signs of a buffer-overflow attempt.
http://www.computerworld.com/securitytopics/security/story/0,10801,79799,00.html
- - - - - - - - - -
Cell Phones' Flaws Imperil 911 Response
When the windows shattered in the little white house in Chillum and flames lapped upward to the children's bedrooms, a neighbor grabbed her cell phone and dialed 911. Her call flew through the skies of Prince George's County -- only to land at the wrong fire department, miles away in the District. For several minutes, the caller and the 911 operators frantically tried to figure out what was going on. The operator didn't recognize the address, but the woman kept repeating it and asking for help, according to the D.C. fire department's analysis of the 911 tapes.
http://www.washingtonpost.com/wp-dyn/articles/A54802-2003Mar30.html
***********************************************************
Computer Forensics Training - Online. An intense, 150 hour, instructor-led program that teaches you computer forensics and helps prepare you for the Certified Computer Examiner exam. For more information see: www.cybercrime.kennesaw.edu
***********************************************************
Search the NewsBits.net Archive at: http://www.newsbits.net/search.html
***********************************************************
The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2003, NewsBits.net, Campbell, CA.