NewsBits for August 8, 2003 sponsored by, Southeast Cybercrime Institute - www.cybercrime.kennesaw.edu ************************************************************ Hacker accessed customer information, Acxiom reports A computer hacker gained access to private files at Acxiom Corp., one of the world's largest consumer database companies, and was able to download sensitive information about some customers of the company's clients, the company said Thursday. ``The data on the servers was a wide variety of information, some of which was personal, some of which was not,'' Jennifer Barrett, the company's chief privacy officer, said in an interview with The Associated Press on Thursday. The AP was notified of the intrusion by an anonymous caller who would not identify himself or his connection with the company. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/6484554.htm http://www.computerworld.com/securitytopics/security/hacking/story/0,10801,83854,00.html http://www.washingtonpost.com/wp-dyn/articles/A31921-2003Aug7.html http://www.usatoday.com/tech/news/computersecurity/2003-08-08-axciom_x.htm - - - - - - - - - - Appeal in bug disclosure case Bret McDanel already served his 16 months in federal prison for violating the Federal Computer Fraud and Abuse Act. Now he wants to clear his record. McDanel was wrongly convicted under the federal computer fraud statute, criminal code 18 U.S.C. 1030, claims a 62-page appeal filed on McDanel's behalf by his new attorney, Jennifer Granick, clinical director for the Center for Internet and Society at Stanford Law School. The criminal code was misinterpreted to bring about his conviction, and McDanel's public defender denied him a fair trial, asserts the brief, filed Wednesday in the Ninth Circuit Court of Appeals. http://www.securityfocus.com/news/6643 - - - - - - - - - - Student died after buying web drugs The mother of a Durham University student who committed suicide while in a "drug-induced" depression, has spoken out against companies who sell prescription drugs on the Internet. Sue Brackell called on the government to address the problem of unregulated websites selling drugs, after an inquest into the death of her son Liam. http://news.bbc.co.uk/2/hi/uk_news/england/3130187.stm http://www.theregister.co.uk/content/6/32242.html - - - - - - - - - - Blue Ridge Thunder nabs three Federal authorities are considering charges against two of the three men arrested since July 19 by Bedford Countys Blue Ridge Thunder Internet investigation team. The three two from Central Virginia and one from the Washington, D.C., suburbs were arrested on different charges of crimes against children. http://www.newsadvance.com/servlet/Satellite?pagename=LNA%2FMGArticle%2FLNA_BasicArticle&c=MGArticle&cid=1031770408853 - - - - - - - - - - Indictments made in Pittsburgh signal wider U.S. attack on porn Two California pornographers were indicted yesterday by a federal grand jury here on charges of selling obscene videotapes, including one that depicted women being raped and murdered. Robert D. Zicari, 29, and his wife, Janet Romano, 26, whose Extreme Associates porn company was featured last year on PBS's "Frontline," are charged with distributing the videos through the mail and over the Internet in Western Pennsylvania. http://www.post-gazette.com/pg/03220/209919.stm - - - - - - - - - - Butler Man turns himself in on child porn charges An Export man turned himself in at District Justice Kevin O'Donnell's office in Butler yesterday, nearly four months after he was accused of transmitting child pornography images to an undercover state trooper. Joseph Raymond Fisher, 22, of Bryer Ridge Court, is charged with three felony counts for the dissemination and possession of child pornography and for using the Internet to transmit the images. http://www.post-gazette.com/neigh_north/20030808nburbs0808p8.asp - - - - - - - - - - Transportation Computers Show Evidence That Child Porn Was Accessed Child pornography was accessed from the Web on computers used by the Transportation Cabinet, according to the state auditor's review. "We have found evidence that convinces us that Transportation computers are being used not only to access, but to view, child pornography sites on Transportation property," Harold McKinney, spokesman for state Auditor Ed Hatchett, said Wednesday. McKinney said evidence gathered by the office has been presented to the U.S. attorney's office and the state attorney general's office for possible criminal investigation. http://www.wave3.com/Global/story.asp?S=1392773&nav=0RZFHLE5 - - - - - - - - - - Court blocks some file-trading subpoenas A Massachusetts court has blocked several recording industry subpoenas that are aimed at college song swappers, saying the universities involved are not immediately required to divulge the alleged file traders' identities. The decision comes after officials at the Massachusetts Institute of Technology and Boston College challenged subpoenas from the Recording Industry Association of America (RIAA), saying the trade group's requests for information had not been legally filed. http://news.com.com/2100-1027_3-5061868.html - - - - - - - - - - Parents liable for kids' P2P downloads RIAA subpoenas bring file-swapping issue to a 'brisk boil', warn lawyers. US parents could face full liability if their children are discovered to have illegally downloaded copyrighted MP3 files and stored them on home computers, legal experts have warned. http://www.vnunet.com/News/1142890 - - - - - - - - - - Cybercriminals target online gamers South Korea leads the world in its population's enthusiastic approach to the Internet and the latest technology, but cybercrime is a growing problem. With its enthusiastic take-up of technologies such as broadband and the Internet, South Korea is often seen as a flagship country that others such as the UK could learn from. Its transformation into a cybernation is not without its downside, though, according to latest reports. http://news.zdnet.co.uk/internet/security/0,39020375,39115585,00.htm http://times.hankooki.com/lpage/nation/200308/kt2003080718330611980.htm - - - - - - - - - - Net share sting claims UK victims A small Welsh business lost a "substantial amount of money" after buying shares in a non-existent company which lived only online. The fraudsters behind the scam also ensnared a Manchester- based businessman and theire could be many more British and Irish victims, according to the Puget Sound Business Journal. http://www.theregister.co.uk/content/6/32251.html - - - - - - - - - - Mimail supplants Klez as virus spreads Home users have borne the brunt of the latest virus epidemic, according to an antivirus firm. The Mimail worm has snatched prime position away from Klez by becoming the fastest spreading Internet menace, according to mail filtering company MessageLabs. The veteran Klez, which was discovered all the way back in April last year, has slipped to second position in only a week following Mimail's stunning debut as the Internet's new "bad boy" on the block. http://news.zdnet.co.uk/business/0,39020645,39115563,00.htm Mimail replaces Klez at top of virus charts http://zdnet.com.com/2110-1105_2-5061691.html - - - - - - - - - - Windows Vulnerability Scans Increase - Worm Likely To Follow Forrester research director Michael Rasmussen said the high activity surrounding the Windows vulnerability indicates a worm is soon to come. New coded exploits that take advantage of a widespread Microsoft Windows vulnerability have been posted online. By most reports, malicious scans to expose vulnerable systems are running rampant a week after government warnings regarding the flaw. http://www.ecommercetimes.com/perl/story/31296.html - - - - - - - - - - Warning Parents About Internet Predators FBI agents working with Santa Monica's Rape Treatment Center offer informal safety briefings that can help protect children. When FBI Special Agent Douglas Hunt launches into his presentation to teach parents how to protect their children from Internet predators, it isn't long before polite smiles give way to audible gasps and expressions of jaw-dropping disbelief. He begins with the case of a Santa Clarita man who contacted a 13-year-old boy in an online chat room. After graduating to instant-message exchanges, the man told investigators, he began sending the boy e-mails with sexually explicit attachments. (LA Times article, free registration required) http://www.latimes.com/technology/la-me-onthelaw8aug08,1,1681018.story - - - - - - - - - - NSA Proposes Backdoor Detection Center Declaring hidden malware to be "a growing threat," the National Security Agency's cybersecurity chief is calling on Congress to fund a new National Software Assurance Center dedicated to developing advanced techniques for detecting backdoors and logic bombs in large software applications. In prepared testimony before the House Select Committee on Homeland Security's cybersecurity subcommittee last month, NSA information assurance director Daniel Wolf bemoaned an absence of tools capable of scouring program source code and executables for evidence of tampering. http://www.securityfocus.com/news/6671 - - - - - - - - - - Anti-scam website pressured by scammer A website set up to advise small businesses about how not to get caught up in a European directory scam has come under increasing pressure from the company it exposes, European City Guide. StopECG.org has received lawyers' letters from St Louis in the US insisting its domain name infringes the European City Guide's ECG trademark and that unless it hands over the domain an injunction will be sought to seize the URL. http://www.theregister.co.uk/content/67/32254.html - - - - - - - - - - Do Not Spam list and filtering firms join hands A company that runs a Do Not Spam list and a spam filtering firm this week launched a reciprocal discount scheme. Global Removal and DAIR Computer Systems, the publisher of spam filter SpamAI, said their discount scheme gives their customers "two forms of spam protection for the price of one". The Do Not Spam List, from Global Removal, "removes customer email addresses from the lists used by mass-emailers" for a one-time fee of $5. http://www.theregister.co.uk/content/55/32256.html - - - - - - - - - - Software patching gets automated Whenever the Defense Departments Computer Emergency Response Team Coordination Center sends out a vulnerability alert, each DOD systems administrator must acknowledge it and respond with a plan for closing the hole. The notification and response is becoming more automated, said a security manager at a DOD software development shop, who contacted GCN and asked that neither he nor his agency be named in print. The problem is that the remediation is manual. When you get two or three alerts an hour, it gets out of control. http://www.gcn.com/vol1_no1/daily-updates/23082-1.html - - - - - - - - - - Security spending set to soar Companies will spend $13.5bn on security products in 2006, up from $7.1bn last year, according to analyst Datamonitor. Much of the spending will go on intrusion detection systems, vulnerability assessment solutions and security management tools, with security spending in EMEA growing at a compound annual growth rate of 18 per cent. http://www.vnunet.com/News/1142897 Intrusion detection grabs the attention http://www.vnunet.com/News/1142888 - - - - - - - - - - OU turns to Sybari to block viruses and spam Students may live on spam but university staff can do without it. The Open University has turned to Sybari Software to protect its staff's email from spam and viruses. One of the world's largest virtual learning organisations - even before the web took education onto another level - the OU will roll out the technology to 6,500 users, who deal with over 200,000 students. http://www.silicon.com/news/165/1/5518.html - - - - - - - - - - 3G, security drive smart card sales The advent of 3G and various credit card security programmes will enable smart card manufacturers to leave behind a troubled 2002 and look to a period of sustainable growth. Fierce competition in the low-end SIM market dampening revenue growth in 2002. But the expansion of 3G will create brisk demand for high-end 32k and 64k SIM cards this year, analyst firm Frost & Sullivan forecasts. At the same time, financial and identification applications are offering opportunities for vendors to expand their markets. http://www.securityfocus.com/news/6669 - - - - - - - - - - Survey: Insecure passwords can be costly for companies Users not only write down their passwords; they sometimes share them, too. A recent survey by Rainbow Technologies Inc. indicates that the use of insecure passwords can be costly -- and potentially risky -- for corporate data. According to the survey, based on responses from 3,000 IT administrators, executive managers and security professionals, the problem stems from the sheer number of inherently insecure user names and passwords in use -- along with the fact that many users write down their passwords, according to the Irvine, Calif.-based security vendor. http://computerworld.com/securitytopics/security/story/0,10801,83839,00.html - - - - - - - - - - Cyber rights... and wrongs I can't remember a single person worrying about cyber rights when I was in college. Maybe it was because the Internet heyday hadn't yet arrived; maybe it was because the thought never crossed our minds; maybe we didn't know they were important. Just a few years later, the rules have changed. Technology writer Annalee Newitz looked at the best and worst when it comes to campus cyber rights for Wired Magazine. What she found surprised me. http://www.cnn.com/2003/TECH/08/06/hln.wired.cyber.rights/index.html - - - - - - - - - - Claim: RFID Will Stop Terrorists Facing increasing resistance and concerns about privacy, the United States' largest food companies and retailers will try to win consumer approval for radio identification devices by portraying the technology as an essential tool for keeping the nation's food supply safe from terrorists. The companies are banding together and through an industry association are lobbying to have the Department of Homeland Security designate radiofrequency identification, or RFID, as an antiterrorism technology. http://www.wired.com/news/privacy/0,1848,59624,00.html - - - - - - - - - - Jamaica's Police Get More 'Mules' to Cough Up Drugs Illicit air couriers who deliver narcotics by swallowing them are nabbed by technology funded by Britain -- their main destination. Little more than a year ago, so many poor Jamaicans were swallowing sealed drug packets before boarding planes to Britain that at least 60 a week were being arrested at Heathrow Airport and a London tabloid branded Jamaica's national airline "Cocaine Air." (LA Times article, free registration required) http://www.latimes.com/technology/la-fg-mules8aug08,1,3836758.story - - - - - - - - - - Email blunder leaves councillor in tight spot A Tory councillor has quit his party after sending photos by email that were far from conservative. A Conservative councillor resigned from the party on Thursday after emails that he sent containing photographs of him wearing a suspender belt, tights, and no underwear were forwarded to his colleagues. http://news.zdnet.co.uk/business/legal/0,39020651,39115569,00.htm *********************************************************** Computer Forensics Training - Online. An intense, 150 hour, instructor lead program that teaches you computer forensics and helps prepare you for the Certified Computer Examiner exam. For more information see; www.cybercrime.kennesaw.edu *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2003, NewsBits.net, Campbell, CA.