NewsBits for May 21, 2003 sponsored by, Southeast Cybercrime Institute - www.cybercrime.kennesaw.edu ************************************************************ Alleged software pirate arrested in Thailand A Ukrainian man sought by California investigators since 2000 for allegedly selling pirated software titles has been arrested in Bangkok, Thailand, federal prosecutors said. Maksym Kovalchuk, 25, of Ternopil, Ukraine, was nabbed Tuesday at an ice cream parlor. He was taken into custody with the aid of Royal Thai Police on a criminal complaint filed in San Jose, Calif., in 2000. Thai authorities identified Kovalchuk as Maksym Vysochanskyy. In the complaint, Kovalchuk is charged with trafficking in counterfeit goods, copyright infringement, money laundering and possession of unauthorized credit card information. (NandoTimes article, free registration required) http://www.nandotimes.com/technology/story/894695p-6233414c.html - - - - - - - - - - Man fined $534,000 in chat room stock case A judge ordered a former university student to pay regulators more than $500,000 for allegedly posting false messages about stocks on the Internet so he could profit from ensuing buying or selling sprees, federal regulators said Tuesday. The Securities and Exchange Commission contends that Refael Shaoulian, 26, sought to manipulate the price of five stocks while he was a student at University of California, Los Angeles. Shaoulian created false online identities on university computers then posted hundreds of false messages about the stocks on Internet bulletin boards and chat rooms, the SEC said in its civil complaint. http://www.usatoday.com/tech/techinvestor/2003-05-21-bruin-amuck_x.htm http://www.nandotimes.com/technology/story/894152p-6229326c.html - - - - - - - - - - Youth Hacked Into Database, School Says Student at Don Lugo High in Chino altered grades and tapped Social Security numbers, officials say. Letter tells parents of fraud risk. A 17-year-old junior at Don Lugo High School in Chino allegedly hacked into his school's computer system this month, changing his and a classmate's grades and also tapping into confidential student information, including Social Security numbers, officials said Tuesday. (LA Times article, free registration required) http://www.latimes.com/technology/la-me-tamper21may21,1,273621.story - - - - - - - - - - Businessman arrested in Internet teen sex sting A West Bloomfield mortgage company executive is charged with using the Internet to set up a sexual rendezvous with whom he thought was a 14-year-old boy who turned out to be a Royal Oak detective. Robert N. Bisgeier, 51, was arrested in a convenience store parking lot at 11 Mile and Campbell roads shortly after he pulled up in his new Toyota Avalon on Friday afternoon, police said. "He was a little surprised," said Royal Oak Detective Lt. Don Foster. "He thought he was going to meet a boy, but instead he runs into the police." http://www.zwire.com/site/news.cfm?BRD=989&dept_id=140317&newsid=8072696&PAG=461&rfi=9 - - - - - - - - - - Bill to promote Internet filters in libraries stalls A bill that would pressure public libraries to filter sexually explicit Internet sites has stalled in committee after legislative counsel said it is unconstitutional. Proponents say the libraries risk exposing children to pornography and similar material without the filters. Librarians say filters overblock legitimate Web sites and violate free speech provisions. http://www.usatoday.com/tech/news/2003-05-21-oregon-filters_x.htm - - - - - - - - - - Lawmakers, tech industry push anti-spam law A broad international effort by government and industry is needed to stop the torrent of junk e-mail that threatens Internet commerce and correspondence, lawmakers were told Wednesday. "Spam" now accounts for 46 percent of all e-mails sent, said Enrique Salem, president of Brightmail, a San Francisco company that helps Internet providers block spam before it reaches users' inboxes. He told lawmakers that half of e-mail will be spam by December, up from 7 percent in 2001. http://www.nandotimes.com/technology/story/894636p-6232937c.html http://www.usatoday.com/tech/news/2003-05-21-spam-testimony_x.htm http://www.msnbc.com/news/916420.asp Microsoft takes spam plan to Washington http://news.com.com/2100-1024_3-1008862.html http://news.zdnet.co.uk/story/0,,t269-s2135019,00.html http://www.securityfocus.com/news/4982 Aussie takes spam into his own hands http://zdnet.com.com/2110-1105_2-1008142.html Orange fights back in war against spam http://news.zdnet.co.uk/story/0,,t269-s2135055,00.html - - - - - - - - - - Washington law bans selling violent video games to kids Gov. Gary Locke signed a bill into law Tuesday that hits retailers with a $500 fine for selling or renting video games to children that depict violence against police. It's believed to be the first state law of its kind in the country, according to the bill's sponsor and the Interactive Digital Software Association, a trade group for video game manufacturers. Video game publishers promised an immediate legal challenge on free-speech grounds to the law, which applies to children under 17. http://www.nandotimes.com/technology/story/894169p-6229359c.html http://www.theregister.co.uk/content/54/30810.html http://www.usatoday.com/tech/news/2003-05-21-game-ban-wash_x.htm http://www.wired.com/news/business/0,1367,58937,00.html http://money.cnn.com/2003/05/20/technology/gaminglaw/index.htm http://www.msnbc.com/local/PISEA/122885.asp - - - - - - - - - - Pentagon promises safeguards on surveillance system The Pentagon changed the name of its planned anti-terror surveillance system Tuesday and promised to use only legally collected personal data but failed to satisfy a coalition of groups with privacy concerns. The Pentagon's 99-page report on the project also failed to reassure Sen. Ron Wyden, D-Ore., author of Congress' ban on implementing the system to scan databases with information about Americans without specific congressional approval. http://www.usatoday.com/tech/news/2003-05-20-tia-report_x.htm http://www.wired.com/news/privacy/0,1848,58936,00.html http://www.cnn.com/2003/TECH/ptech/05/21/pentagon.spying.ap/index.html http://www.msnbc.com/news/916028.asp http://www.washingtonpost.com/wp-dyn/articles/A19272-2003May21.html http://www.fcw.com/fcw/articles/2003/0519/web-ridge-05-21-03.asp http://zdnet.com.com/2100-1105_2-1008395.html http://www.eweek.com/article2/0,3959,1098048,00.asp - - - - - - - - - - Merrill Lynch Hands Off Network Security Business is getting riskier. Digital attacks on businesses, such as the Slammer worm earlier this year, are unleashing their destruction at ever- increasing speeds. Hackers are constantly poking and prodding, trying to breach the security defenses of American companies. There's also the growing stack of federal and state legislation requiring businesses to prove they're being diligent at securing their data. http://www.informationweek.com/story/showArticle.jhtml?articleID=10000380 - - - - - - - - - - Security conference offers weird, woeful predictions The forecast calls for IT disasters with a chance of nanotechnology. The good news: By 2010, computers should match the human brain in processing power. The bad news: By decade's end, wireless-based viruses, hacking and security breaches will be a major headache for IT administrators. http://www.computerworld.com/securitytopics/security/story/0,10801,81402,00.html - - - - - - - - - - Why spammers lurve the 'Microsoft support' worm The latest Windows mass mailer worm could be used by spammers to launch bulk mail blizzards from computers they don't own, a security researcher warns. AV vendors are now reporting the Palyh worm (which poses as a message from support@microsoft.com) as a variant of Sobig-A. Most vendors are renaming the virus as Sobig-B. http://www.theregister.co.uk/content/56/30808.html - - - - - - - - - - Cybersecurity and You: Five Tips Every Consumer Should Know It's no accident that the Bush administration's cybersecurity plan begins with an appeal to home users and small businesses, arguably the least computer security-conscious group of Internet users. "Home users are more likely to have a level of vulnerability they aren't aware of," said Mark Uncapher, senior vice president and counsel for the Information Technology Association of America. http://www.securityfocus.com/news/4983 - - - - - - - - - - Breaking into The Realm Those who were part of the computer underground in the early to mid-'80s will feel nostalgic pangs as they watch In the Realm of the Hackers, a documentary that chronicles the rise and fall of Australia's most notorious hackers. It tells the story of two Melbourne Generation-X hackers - Electron and Phoenix - who, as part of hacker crew "The Realm", were responsible in the '80s and '90s for attacking many high-profile computer systems here and in the United States. Their exploits were responsible for the US Government putting pressure on the Hawke government to enact Australia's first federal cyber-crime legislation in 1989. http://www.theage.com.au/articles/2003/05/19/1053196515084.html - - - - - - - - - - How Secure Is Windows Server 2003? Forrester senior analyst Laura Koetzle pointed out that the IIS Web server program is turned off by default in the new version of Windows, so that machines not offering Web connections need not be secured against Web-based attacks. By all indications, Windows Server 2003 is engineered to be more secure than its predecessors. Microsoft has adopted a two- pronged approach to achieving this goal: The company has added several new features intended to boost security, and it has altered the operating system's out-of-the-box settings so that many other features are turned off by default. http://www.newsfactor.com/perl/story/21559.html - - - - - - - - - - Application security - the next frontier? Last week Checkpoint confirmed that it is branching out into new areas, notably application security. Why is Checkpoint interested? The proposition that the perimeter is everything is not a valid one. Business, in technology terms, is much more interactive than it has ever been. Collaboration is king. This means that the welcome mat is out for customers, partners and suppliers, extending services and optimising the value chain. http://www.it-director.com/article.php?articleid=10859 - - - - - - - - - - Catastrophes and contingencies For years, companies have prepared for the worst. And that was before Sept. 11, 2001. In the wake of that tragedy, perceptions of how to safeguard corporate data have changed. The lessons learned from the World Trade Center catastrophe have formed the blueprints that life science companies must adopt to ensure survival after a disaster. http://www.computerworld.com/securitytopics/security/recovery/story/0,10801,81373,00.html - - - - - - - - - - Passive Network Traffic Analysis: Understanding a Network Through Passive Monitoring Network IDS devices use passive network monitoring extensively to detect possible threats. Through passive monitoring, a security admin can gain a thorough understanding of the network's topology: what services are available, what operating systems are in use, and what vulnerabilities may be exposed on the network. Much of this data can be gathered in an automated, non-intrusive manner through the use of standard tools, which will be discussed later in this article. While the concepts presented here are not difficult to understand, the reader should have at least an intermediate understanding of IP and a base-level familiarity with the operation of network sniffers. http://www.securityfocus.com/infocus/1696 - - - - - - - - - - U.S. creating digital log of Iraq prisoners U.S. interrogators in Iraq are building a digital catalog of prisoners of war and loyalists of Saddam Hussein's Baath Party, scanning and saving their fingerprints and other body characteristics in databases. The data banks, controlled by the FBI, CIA, Department of Homeland Security and other federal agencies, are being used to investigate suspicious foreigners entering the United States, as well as to trace suspects in future terrorist attacks. http://www.nandotimes.com/technology/story/893497p-6224845c.html - - - - - - - - - - Cops Challenged on GPS Use It seems like grist for a high-tech thriller: Police hide a paperback-sized satellite tracking device in a suspect's car, then wait for him to lead them to the shallow grave where he buried his victim. In a first-in-the-nation case, the state's high court heard arguments Tuesday on whether authorities had sufficient grounds to install the GPS tracker. http://www.wired.com/news/privacy/0,1848,58948,00.html *********************************************************** Computer Forensics Training - Online. An intense, 150 hour, instructor lead program that teaches you computer forensics and helps prepare you for the Certified Computer Examiner exam. For more information see; www.cybercrime.kennesaw.edu *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2003, NewsBits.net, Campbell, CA.