High Tech "NewsBits" for 07/30/03

NewsBits for July 30, 2003 sponsored by, Southeast Cybercrime Institute - www.cybercrime.kennesaw.edu ************************************************************ Man charged with stealing Cabinet Office laptop The Cabinet Office has admitted that three laptops have been stolen in recent weeks, amid renewed criticism of government security measures. Police have charged a man with theft after he allegedly stole a laptop from the Cabinet Office on Monday, according to Scotland Yard. The charges come amid fresh criticism that the government is not taking sufficient steps to ensure the security of sensitive computer data. http://news.zdnet.co.uk/hardware/0,39020351,39115371,00.htm Whitehall laptop theft prompts security concerns http://www.theregister.co.uk/content/55/32076.html - - - - - - - - - - Kentucky shakes up systems after large-scale hacking Kentucky officials have reassigned some network management duties after discovering a monstrous systems intrusion in which hackers, apparently from France, used Transportation Cabinet computers to store large quantities of pirated movies, music, games and books. The state has shifted responsibility for the cabinets routers to the Governors Office for Technology. Auditor of Public Accounts Ed Hatchett referred information about the hacking incident, as well his offices discovery of employees use of state computers to access porn sites, to state and federal prosecutors. http://www.gcn.com/vol1_no1/daily-updates/22965-1.html http://www.usatoday.com/tech/news/computersecurity/2003-07-30-french-hack-ky_x.htm http://www.courier-journal.com/localnews/2003/07/30ky/wir-front-hack0730-8810.html State Worker Accused Of Accessing Child Porn A state worker has been accused of using his work computer to look for child pornography on the Internet, WLKY NewsChannel 32 has learned. That's among many findings in a routine review of the State Transportation Cabinet's computer network. The accused worker has not been identified. State Auditor Ed Hatchett said that dozens of Transportation Cabinet computers were used to access 6,000 porn sites, and that was just a random four-day sample that searched for five dirty words, WLKY reported. "I'm not the moral police," Hatchett said. "I'm just the taxpayer police trying to safeguard our money." There are 6,000 Transportation Cabinet workers. The auditors' report also found that the cabinet's system was hacked and used to store pirated movies. Hatchett said it's possible that the hackers may have gotten access to secret information, according to WLKY. http://www.thelouisvillechannel.com/technology/2367441/detail.html - - - - - - - - - - I'm working for the FBI, claims accused hacker Self-styled grey hat hacker Jesse Tuttle is fighting charges that he broke into his local council's computer network with a claim that he only did it as part of his work with the FBI. Tuttle (AKA Hackah Jak), from Camp Dennison near Cincinnati, Ohio, claims the Feds sanctioned him to prowl the Net for sensitive computers as part of a deal he signed two years ago. The Cincinnati Enquirer reports that in August 2001 federal prosecutors agreed to drop charges for cracking into the computer system of a New York brokerage firm in return for his subsequent assistance as an informer. http://www.theregister.co.uk/content/55/32079.html - - - - - - - - - - Rolla man pleads guilty in child porn case A Rolla man pleaded guilty Monday to federal charges of possessing child pornography and a sawed-off shotgun, U.S. Attorney Ray Gruender said. Michael Hudson, 44, of Rolla, faces sentencing Oct. 17. Gruender said that in September, Hudson confessed to police that he accessed child pornography Web sites. A search of his home found CDs containing images of children under the age of 12 engaged in sexually explicit conduct, Gruender said. Investigators also observed a sawed-off shotgun next to one of computers. http://www.waynesvilledailyguide.com/articles/2003/07/30/news/local_news/news03.txt - - - - - - - - - - L.I. DOZEN NABBED FOR CHILD PORN Authorities on Long Island have busted 12 people, including the son of a United Nations official, for allegedly downloading child pornography from the Internet. Suffolk District Attorney Thomas Spota said the alleged dirty dozen were not part of a ring, but all used the computer file-sharing program Kazaa to swap photos and videos of "some of the most horrific child pornography." http://www.nypost.com/news/regionalnews/1890.htm - - - - - - - - - - S. Rockwood chief met teen for sex, attorney says South Rockwood's police chief left a 17-year-old lying on the ground after shooting him during an early-morning rendezvous last week, an attorney said Monday. While Keith Hall of Romulus writhed in pain from a single gunshot wound to the chest early Friday morning, Police Chief Kevin Walters hopped in his Oldsmobile Alero and sped away, according to Paul Swanson, Hall's attorney. Swanson said Hall's friend, Matthew Schieda, 19, of Romulus called 911 and not the chief, as the Monroe County Sheriff's Department reported last week. "He came back 10 or 15 minutes later," Swanson said of Walters. "He got there either at the same time as the Sheriff's Department or just moments before." The shooting stemmed from an Internet chat between the chief and the teens. Monroe County Prosecutor Mike Weipert confirmed last week that Walters met them over the Internet but would not say for what purpose. http://www.freep.com/news/mich/rock29_20030729.htm - - - - - - - - - - Florida man charged with Milford sex abuse Members of the Milford Police Department said they have concluded their investigation into a sexual abuse case involving a Florida man who is accused of meeting a 13-year-old through the Internet and luring the juvenile to a local motel. Vicente R. Abad, 25, Hialeah, Fla., has resided in Dickinson County and recently worked as an employee at a children's hospital in Miami according to court records. Police say he became acquainted with an area juvenile through an Internet teen chat room. Abad and the teen-ager continued their relationship over the phone and Internet, according to police. "Abad then made arrangements with the victim to meet," a police statement said. "Abad proceeded to travel from Florida to Milford." http://www.zwire.com/site/news.cfm?newsid=9922430&BRD=1406&PAG=461&dept_id=180083&rfi=6 - - - - - - - - - - Ex-Teacher Admits To Sex Acts With Underage Girls A former high school teacher admitted in court that he engaged in sex acts with a 13-year-old girl twice and a 14-year-old girl once. James F. Jetter, who taught Spanish at Springfield High School in Delaware County from Sept. 27 until he resigned on Dec. 27, made the admissions Tuesday in Carbon County Court. Jetter said he met both of the girls online. He traveled to Lehighton to meet the 13-year-old girl and to Gloucester County, N.J., to meet the 14-year old girl from Camden County. http://www.wnbc.com/education/2368289/detail.html - - - - - - - - - - Witness Jailed In Lying About E-mail A key government witness in a case of alleged environmental terrorism and arson on Long Island three years ago was jailed Tuesday for lying to federal agents about an e-mail conversation. U.S. District Judge Thomas Platt ordered Jared McIntyre, 20, of Coram imprisoned immediately after a hearing in which a federal prosecutor argued that McIntyre had violated the terms of his bail by denying to FBI agents that he had a lengthy e-mail conversation 2 1/2 years ago about the case with a person identifying himself as a member of the Earth Liberation Front, which the FBI considers an environmental terrorist group. http://www.newsday.com/news/local/longisland/ny-lielf0730,0,5031432.story - - - - - - - - - - MSN Users Warned of Malicious Virus Ahnlab, an Internet security firm, yesterday issued an alert to MSN Messenger users about infection by the malicious computer virus called ``Trojan Horse. The virus is spreading across the Internet through the instant messaging service, which has some 5 million users. The virus becomes activated when the user downloads a file contained in a message which reads, ``I would like to send you the file, sins.exe. http://times.hankooki.com/lpage/tech/200307/kt2003073016295412350.htm - - - - - - - - - - ACLU sues Justice, FBI over broader surveillance powers The American Civil Liberties Union on Wednesday sued the Justice Department and FBI over a provision of a 2001 anti-terrorism law that gives law enforcement easier access to a range of business records, including those of libraries, bookstores, and hospitals. http://www.govexec.com/dailyfed/0703/073003td1.htm - - - - - - - - - - Judge limits banks on sharing customer data In a closely watched privacy case, a federal judge in Oakland said Tuesday that California cities and counties can require banks to get customer approval before sharing their financial information with third parties. http://www.siliconvalley.com/mld/siliconvalley/6416752.htm - - - - - - - - - - 'Over-enthusiastic' agent spams mobiles A real estate agent in Queensland, Australia, has been reprimanded for spamming mobile phones, waking many people at 4 a.m. The Surfers Paradise office of Ray White real estate has apologised for blanket spamming mobile phone users, and has told ZDNet Australia it will "severely discipline" the employee responsible. http://news.zdnet.co.uk/communications/0,39020336,39115362,00.htm - - - - - - - - - - Net phone service worries FBI With the spread of Internet phone calling, the FBI worries that federal plans to deregulate broadband will hamper its ability to track criminals and terrorists. The concern stems from: the increasingly blurry line between data and voice traffic, the Federal Communications Commission's desire to keep broadband free of regulation and the wording of a federal law. http://www.usatoday.com/tech/news/techpolicy/2003-07-30-fbi2_x.htm - - - - - - - - - - Legislation takes aim at spyware A resolution introduced in Congress would force companies to lift the cloak on their use of spyware, a kind of software that can secretly collect information from Internet users. The Safeguard Against Privacy Invasions Act would require companies to inform Internet surfers that they use spyware and get permission before the software is installed on a hard drive. http://www.securityfocus.com/news/6563 - - - - - - - - - - FTC warns about file trading, spyware The Federal Trade Commission issued a brief consumer warning Wednesday about potential privacy concerns surrounding file-swapping software and spyware. In the latest of a series of consumer privacy alerts, the agency stopped short of warning consumers not to use free file-trading software, but it said computer users should take care to understand and prevent a range of potentially unpleasant consequences for doing so. "Make sure that you consider the trade-offs," the agency wrote. "File sharing can have a number of risks." http://zdnet.com.com/2100-1105_2-5057814.html - - - - - - - - - - Labels win round in piracy crackdown Sydney University can't hide behind claims that file-swapping data sought by record labels was deleted from its system, an Australian federal judge has ruled. The decision is a setback to alleged copyright infringers that hope to delay or deflect threatened lawsuits from the recording industry, which has filed a wave of subpoenas against universities and Internet service providers in recent weeks. http://news.com.com/2100-1029_3-5057849.html Leave P2P users alone, says publisher A leading music publisher has claimed that internet file sharing could actually improve the quality of music in the long term. Ellis Rich, chairman of the Independent Music Group, suggested that the music industry is making a mistake by equating piracy with downloading by peer-to-peer users. http://www.vnunet.com/News/1142697 - - - - - - - - - - Hormel fights to defend Spam name Hormel Foods has a message for a Seattle software company: Stop, in the name of Spam! The canned-meat company filed two legal challenges with the U.S. Patent and Trademark Office to try to stop SpamArrest from using the decades-old name Spam, for which it holds the trademark. SpamArrest, which specializes in blocking junk e-mail or ``spam,'' filed papers to trademark its corporate name early this year. Hormel then sent the company a warning to drop the word ``Spam.'' SpamArrest refused. http://www.bayarea.com/mld/mercurynews/6418527.htm http://www.siliconvalley.com/mld/siliconvalley/news/editorial/6419416.htm http://www.wired.com/news/business/0,1367,59827,00.html - - - - - - - - - - Suit could squash do-not-spam lists Even as the idea of a national do-not-spam registry gains traction among e-mail users and on Capitol Hill, a lawsuit against the proposed federal do-not-call list could nip the idea in the bud, legal experts warn. The National Do Not Call Registry was a hit with the public when it launched last month, and the site that takes phone numbers for the plan staggered under heavy demand. As of Monday, 28.7 million numbers were registered with the list. http://zdnet.com.com/2100-1105_2-5057313.html http://news.zdnet.co.uk/internet/0,39020369,39115367,00.htm Do not e-mail site hawked in spam http://www.msnbc.com/news/946003.asp - - - - - - - - - - Air France awarded victory over 'typosquatter' The French airline will take over a Web site that redirects poor typists to other travel firms. French carrier Air France on Wednesday won the right to take over a Web site that uses a garbled version of its name apparently to steer business toward other travel firms and some finance companies. http://news.zdnet.co.uk/internet/ecommerce/0,39020372,39115374,00.htm http://news.com.com/2100-1032_3-5057834.html - - - - - - - - - - ID theft a growing problem, survey finds Credit cards were most frequently targeted in such crimes. The number of Americans who fell victim to identity theft in 2002 grew 81% over the year before. And incidents reported so far in 2003 suggest a major rise over last year, according to a just-released survey funded by Privacy & American Business and conducted by Rochester, N.Y.-based Harris Interactive Inc. http://computerworld.com/securitytopics/security/privacy/story/0,10801,83587,00.html - - - - - - - - - - Internet sex crimes aggressively attacked by DA's office The Internet Crimes Against Children (ICAC) task force reveals startling local statistics. There have been 65 arrests of those who commit crimes on the Internet involving children in Delaware County from January 2000 to July 2003. There are a total of 16 arrests so far this year. There are 56 cases being investigated. Some are in Montgomery County, but most are in Delaware County, according to Kathy DeRosa, administrative assistant for the Delaware County ICAC task force. Since January 2000, there have been 548 cases involving children and the Internet investigated in Delaware and Montgomery counties. The Delaware County ICAC task force, also known as Operation Triad, have been aggressively pursuing anyone that commits a crime on the computer or Internet involving children since the beginning of 2000. http://www.zwire.com/site/news.cfm?newsid=9923740&BRD=1725&PAG=461&dept_id=45529&rfi=6 - - - - - - - - - - Virus writers turn to spam Clicking on spam could give you a virus. Britain's technology managers have issued a warning about spam e-mails that act as a new way for Windows viruses to penetrate organisations. The spam message tricks people into clicking on a link that takes them to a website but also, unseen, delivers a virus too. Versions of the virus-bearing spam let people unsubscribe from bogus newsletters or claim to give away electronic greetings cards. http://news.bbc.co.uk/1/hi/technology/3107613.stm - - - - - - - - - - Government IT security 'worryingly poor' Citizens' data at considerable risk as IT systems fail practically every test in the book. UK government IT security is "worryingly poor" and needs significant improvement, according to research by a security testing firm. http://www.vnunet.com/News/1142688 Security pros talk, but can they walk? http://zdnet.com.com/2100-1105_2-5057566.html http://news.com.com/2100-1009_3-5058058.html http://news.com.com/2100-1002_3-5057914.html Zimmermann: Public too slow to adopt encryption http://www.gcn.com/vol1_no1/daily-updates/22974-1.html When three-factor security isn't enough http://techupdate.zdnet.com/techupdate/stories/main/0,14179,2914391,00.html HSD to develop information sharing procedures http://www.gcn.com/vol1_no1/daily-updates/22982-1.html Report: Privacy compliance is uneven http://www.fcw.com/fcw/articles/2003/0728/web-gao-07-30-03.asp http://www.washingtonpost.com/wp-dyn/articles/A3787-2003Jul30.html - - - - - - - - - - Grants for CERT security training AUSTRALIA is pushing for the Russian Federation and South American countries to establish Computer Emergency Response teams along the lines of AUSCERT, in an effort to combat hacking and virus attacks. An Australian-led initiative to provide CERT training to the countries has resulted in a $150,000 Asia-Pacific Economic Co-operation grant, with the training expected to be carried out by CERTs in North America and Japan. http://www.news.com.au/common/story_page/0,4057,6813484%255E15317,00.html - - - - - - - - - - As cyberaffairs increase, some spouses resort to online surveillance Suspicious husbands and wives who once might have hired a private eye to find out if their spouses were cheating are now using do-it-yourself technology to check on an increasingly popular hideaway for trysts -- the Internet. Divorce lawyers and marriage counselors say Internet- abetted infidelity, romance originating in chat rooms and fueled by e-mails, is now one of the leading factors in marital breakdowns. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/6419917.htm http://www.usatoday.com/tech/news/internetprivacy/2003-07-30-married-surveillance_x.htm - - - - - - - - - - Web site offers users a chance to bet on almost anything People for years have joked about being able to bet on just about anything in Las Vegas. Now, for online gamblers, the old joke could be coming true. UBetWhat.com, a gambling site that was launched Tuesday, lets you wager on just about anything that's legal -- as long as you can find someone else to take the bet. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/6419437.htm - - - - - - - - - - Panel Probes the Half-life of Bugs Software security holes never die, they fade from the Internet at a rate of 50% every thirty days after a patch is released, according to the results of a study released at the Black Hat Briefings security conference here Wednesday. Researchers at the California-based security company Qualys analyzed the results of 1.5 million vulnerability scans conducted since January 2002 by the company's free and commercial vulnerability scanning services. http://www.securityfocus.com/news/6568 - - - - - - - - - - Court motions go digital DAs once buried in paper never miss a hearing now that IT's on the case. Lawyers don't like to look bad in court. They don't want to appear before the judge without the right documents, or worse, fail to show up at all because they didn't get a notice about a hearing. But that used to happen frequently at the Clark County Courthouse in Las Vegas, which gets 40 to 50 legal motions each day from defense attorneys. The documents are supposed to be delivered to the right district attorney in time for court hearings, but sometimes they never arrived or were misrouted or sat in someone's in-box too long. Pleading ignorance, a district attorney would have to request a continuance (a deadline extension) from the judge. http://computerworld.com/databasetopics/data/story/0,10801,83408,00.html - - - - - - - - - - MCI denies national security 'compromised' Scandal-smeared MCI has insisted that all US government secure calls on MCI networks have been handled properly and denied that national security was compromised at any time. The firm stand follows a fresh round of allegations that the telecoms outfit improperly rerouted long- distance calls in the US and Canada in order to avoid paying hundreds of millions of dollars in access fees to other phone companies. http://www.theregister.co.uk/content/5/32074.html - - - - - - - - - - Pentagon pulls Kill-An-Arab futures trading website A Pentagon-funded website which invited participants to join a "futures exchange" speculating on the assassination of Middle Eastern heads of state, nuclear attacks on Israel, and similar catastrophes, was abruptly axed yesterday. The scheme was devised with the help of The Economist magazine's "Business Intelligence Unit" - which has at last secured itself a historical footnote - and was funded by DARPA, the United States military's R&D division, along with a derivates software company. http://www.theregister.co.uk/content/6/32065.html http://zdnet.com.com/2100-1105_2-5057616.html http://www.wired.com/news/politics/0,1283,59818,00.html *********************************************************** Computer Forensics Training - Online. An intense, 150 hour, instructor lead program that teaches you computer forensics and helps prepare you for the Certified Computer Examiner exam. For more information see; www.cybercrime.kennesaw.edu *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2003, NewsBits.net, Campbell, CA.