NewsBits for April 7, 2003 sponsored by, Southeast Cybercrime Institute - www.cybercrime.kennesaw.edu ************************************************************ Tiny Nevada hospital attacked by Russian hacker A hacker who invaded the computer system at William Bee Ririe Hospital in Ely has been traced to the former Soviet Union, authorities said. The FBI said the hacker used the Web site of Al-Jazeera, the Arab news network, as a conduit to the hospital. http://www.usatoday.com/tech/webguide/internetlife/2003-04-07-hospital-hack_x.htm - - - - - - - - - - Ohio Volunteer Fireman Arrested in Internet Child Sting A Perrysburg Township volunteer firefighter has been arrested after reportedly trying to solicit sex over the Internet with a 14-year-old boy. Greg Beach was arrested Friday in Sterling Heights, Michigan. Neighbors say he was a quiet man who lived alone in this perrysburg township home. Gina Bengela who lives nearby says, "I was surprised. This is such a friendly neighborhood, lots of kids." Police say they believe Beach was using computers to solicit sex with a teen. What he didn't know was the 14-year old he thought he was talking to, was actually an undercover officer http://www.wtol.com/Global/story.asp?S=1217790 - - - - - - - - - - Doctor arrested in sex sting barred from home A Scottsdale doctor arrested in Tucson in an Internet child-sex sting operation was released to pretrial services Friday and ordered to live outside his home. Dr. Tom Francis, 43, who was arrested Monday, also was ordered not to have unsupervised contact with girls under 18 and not to use the Internet. Authorities said Francis traveled to Tucson to have sex with a 14-year-old girl and was arrested after he arrived at a restaurant where they agreed to meet. The "girl," however, was a male detective posing as the 14-year-old on the Internet. http://www.azcentral.com/arizonarepublic/local/articles/0405doctor05.html - - - - - - - - - - Al Qaeda Website Refuses to Die Repeatedly tossed off the Internet, a website believed to be al Qaeda's primary online method of communication continues to resurface as an uninvited guest on other websites. Alneda.com first appeared after the Sept. 11 attacks, hosted by legitimate Internet service providers in Malaysia and the United States who promptly evicted the site after being alerted to its contents and purpose. http://www.wired.com/news/infostructure/0,1377,58356,00.html - - - - - - - - - - Pakistan blocks 1,800 alleged porn Web sites Pakistani authorities said Sunday they've blocked 1,800 Web sites in a crackdown on Internet pornography in this deeply conservative Muslim country. But it's not proving to be easy. "Curbing porn sites is as difficult as blocking the wind," said Web engineer Farhan Parpia, of the state-owned telecommunications company. "You block one, and dozens more come up like mushrooms." http://www.usatoday.com/tech/world/2003-04-07-pakistan-sites_x.htm http://www.nandotimes.com/technology/story/843445p-5925099c.html - - - - - - - - - - Tough new laws against net child porn People who use the internet for child pornography will face up to 10 years jail under new laws to be introduced by the federal government, Justice and Customs Minister Chris Ellison said. Senator Ellison said downloading or transmitting child pornography would become a federal offence. This meant federal authorities would have the power to investigate, prosecute and punish anyone using the internet to trade in child pornography http://news.ninemsn.com.au/Sci_Tech/story_28412.asp - - - - - - - - - - Security attacks jump in Q1 Security incidents and attacks were up 84 per cent over the first three months of this year. According to security tool firm ISS' quarterly Internet Risk Impact Summary Report (IRIS) security attacks nearly doubled from Q4 2002 to Q1 2003. This increase was coupled with a ten-fold jump in overall security events (automatic probes, scans for vulnerabilities etc.) in the first three months of 2003 compared to the last quarter of 2002. http://www.theregister.co.uk/content/56/30134.html - - - - - - - - - - Who's 14, 'Kewl' and Flirty Online? A 39-Year-Old Detective It is the job of undercover police officers to pose as characters of the demimonde: prostitutes, johns, drug addicts. That means learning the ways of the street: the shuffling gait, the sneakers, the slang. But three undercover officers in the New York Police Department spend their time studying other things, like Prom Magazine, "American Idol" and the chatter at the mall. It is their job to impersonate not cocaine smugglers, but teenage girls and, sometimes, boys to serve as their invisible protectors. (NY Times article, free registration required) http://www.nytimes.com/2003/04/07/technology/07UNDE.html - - - - - - - - - - Defense wants tool for fast access to enemy data systems The Defense Department has awarded a research contract for a ruggedized portable system that warfighters would use to extract data from enemy forces captured computers. Ideal Technology Corp. on Friday received a DOD Small Business Innovation Research six-month contract to begin work on the portable tool. The first phase is worth $65,000. If Defense awards the company a second-phase contract, the value of the deal could grow to $750,000. http://www.gcn.com/vol1_no1/daily-updates/21640-1.html - - - - - - - - - - Point, click and bet? No. From traditional betting on horses, sports or a wide variety of casino games, to betting on the length of the Iraq war - all can be readily found on the Internet. That's despite the fact that most states prohibit online betting and gaming operations. Estimates of the money spent worldwide on Web gambling exceed $6 billion, with Americans constituting almost half the estimated 12 million players. A 1997 study showed 1 in 20 U.S. college students is addicted to Web gambling. http://search.csmonitor.com/search_content/0408/p08s01-comv.html - - - - - - - - - - Marketer Challenges Anti-Spam Crusader Every day, dozens of spam e-mails land in computer in-boxes advertising instant wealth, quick weight loss and cheap pornography. Francis Uy, a self- described computer geek from Ellicott City, decided to fight back by employing a tactic increasingly used by a small cadre of e-mail users fed up with spam: Outing spammers by posting their addresses and phone numbers on the Internet, enabling network operators to block their e-mail or to sue them. http://www.washingtonpost.com/wp-dyn/articles/A42993-2003Apr6.html http://www.msnbc.com/news/896671.asp - - - - - - - - - - Spam foe needs filter of himself Phil Goldman, a veteran Silicon Valley entrepreneur and co-founder of WebTV, wants to become a leader in the war against spam, but he's begun by attacking his coalition partners rather than the enemy. Last year, Goldman purchased a questionable patent that he claims gives his new company -- Mailblocks of Los Altos -- exclusive rights to an established anti-spam strategy called challenge/response. http://www.siliconvalley.com/mld/siliconvalley/5565843.htm - - - - - - - - - - Samba flaw threatens Linux file servers The Samba Team released a patch on Monday for the second major security flaw found in the past few weeks in the open-source group's widely used program for sharing Windows files between Unix and Linux systems. The security problem could easily let an attacker compromise any Samba server connected to the Internet. The vulnerability is unrelated to the previous flaw, for which Samba released a patch on March 17. http://news.com.com/2100-1002-995834.html - - - - - - - - - - Cyberspace invaders? Seti@home flaw The Seti@home project has released a new version of its software in order to close up a security hole that could let invaders into participants' PCs. The project, which allows desktop and workstation users to contribute processing time to the search for extraterrestrials, issued the new distributed client on Friday. It fixes a buffer overflow vulnerability that could allow an attacker to take control of a computer just by sending specially formatted Web requests. The flaw is one of three reported to Seti@home by a Dutch security researcher last December. The three vulnerabilities only became public knowledge this weekend. http://zdnet.com.com/2100-1105-995801.html http://news.zdnet.co.uk/story/0,,t269-s2133025,00.html http://www.theregister.co.uk/content/55/30124.html - - - - - - - - - - Apache urges update ahead of DoS risk alert The Apache Software Foundation has updated its popular Web server software to guard against a serious, as yet unspecified, denial of service risk. Users of version 2.x of the Web server on all platforms are urged to upgrade to version 2.0.45. Sites running 1.x aren't affected. Details of the problem, discovered by security outfit iDefense, are to be made available later today. http://www.theregister.co.uk/content/55/30126.html - - - - - - - - - - Entrust, Waveset partner for ID management Access management software provider Entrust Inc. and identity management company Waveset Technologies Inc. will swap technologies and work to develop new products as part of a partnership agreement announced today. The strategic alliance between Austin-based Waveset and Addison, Texas-based Entrust allows each company to use the other's technology to launch new products and services, the two companies said. http://www.computerworld.com/securitytopics/security/story/0,10801,80112,00.html - - - - - - - - - - Porn spam: Are employers liable? Lewd e-mail promoting pornography may soon pose more than just a technical challenge in the ongoing fight against spam--experts say it's set to become an acute legal problem too. Graphic images appearing unbidden on PCs by way of e-mail in-boxes could qualify as evidence of a "hostile work environment," something that's prohibited by federal employment law. http://zdnet.com.com/2100-1105-995658.html http://news.zdnet.co.uk/story/0,,t269-s2133054,00.html http://news.com.com/2100-1032-995658.html - - - - - - - - - - Why we may never regain the liberties that we've lost The lights of a magnificent, recovering city glittered from the 80th floor of the Empire State Building on Wednesday evening. The multiple ironies were not lost on the gathering of civil-liberties and public- interest activists. The Empire State Building is now the tallest structure in the city, still half-stunned from the attacks that brought down the two taller buildings 18 months ago. As a new war raged in Iraq, the people in the room were acutely aware of the only slightly older war that has consumed their daily lives like nothing beforethe way in which the war on terrorism has also turned into an assault on individual liberties. http://www.siliconvalley.com/mld/siliconvalley/5571471.htm Libertarians struggle to reconcile security, privacy concerns http://www.nandotimes.com/technology/story/843006p-5923363c.html - - - - - - - - - - Security Log Firewalls and Internet Security: Repelling the Wily Hacker, Second Edition, by William R. Cheswick, Steven M. Bellovin and Aviel D. Rubin; Addison Wesley Professional, 2003. If there's one security book that has stood the test of time, this is it. It's amazing how many of the same issues, concepts and techniques covered in the original 1994 edition are still valid. http://www.computerworld.com/securitytopics/security/story/0,10801,80056,00.html - - - - - - - - - - Schools use SMS to fight truancy Parents of kids playing hookey in Yorkshire are to be told their little darlings are skipping school - by text. A trial in the East Riding of Yorkshire will enable schools to broadcast texts from a PC to parents informing them of all the latest info from school. Text alerts could be about class closures or up-and- coming school events. But the 'edutxt' service could also be used for teachers to tell parents that their kids haven't shown up at school. http://www.theregister.co.uk/content/59/30132.html - - - - - - - - - - Oracle inks homeland security deal Oracle has signed a deal to supply the Transportation Security Administration with call center software and other information technology infrastructure. The Redwood Shores, Calif., software maker announced the contract with the newly established federal agency on Monday. The TSA, which is part of the recently formed U.S. Department of Homeland Security, is responsible for security screening at commercial airports across the country. http://news.com.com/2100-1009-995831.html *********************************************************** Computer Forensics Training - Online. An intense, 150 hour, instructor lead program that teaches you computer forensics and helps prepare you for the Certified Computer Examiner exam. For more information see; www.cybercrime.kennesaw.edu *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2003, NewsBits.net, Campbell, CA.