NewsBits for August 26, 2003, sponsored by the Southeast Cybercrime Institute - www.cybercrime.kennesaw.edu
************************************************************
Virus Probe Extends Into Canada
The Royal Canadian Mounted Police said Monday that it was investigating whether the Sobig.F computer virus that flooded computer networks with millions of unwanted e-mails last week originated from a computer in Canada. Sobig.F is the fastest-spreading computer virus of its kind, computer-security experts have said. Companies including FedEx Corp., Starbucks Corp. and AOL Time Warner Inc. and the states of New Jersey, Pennsylvania and North Carolina have found the virus on their computer networks. The RCMP declined to comment on the status of its investigation. The FBI already has begun its own inquiry, and Canadian authorities are working with that agency.
(LA Times article, free registration required)
http://www.latimes.com/technology/la-fi-sobig26aug26,1,7568758.story
http://news.com.com/2100-1002-5068382.html

FBI seeks public's help to track down virus
http://www.gcn.com/vol1_no1/daily-updates/23298-1.html

Sobig second wave attack fails to strike
The Internet community succeeded in cutting off the links that would have allowed the prolific Sobig-F worm to phone home last weekend. This action prevented the worm downloading new and potentially even more malevolent code onto infected PCs. However, the worm itself is continuing to spread.
http://www.theregister.co.uk/content/56/32486.html

Experts say money is motive for SoBig virus
Computer security experts and law enforcement officials are struggling to understand the motives of a mysterious software author who appears intent on prying open many of the electronic locks on the Internet. The malicious program known as SoBig, which is transmitted as an e-mail attachment and then resends itself widely via the Internet, is actually the sixth variant in an experiment by an unknown attacker.
During the past eight months the author or authors have persistently tried to implant a range of secret tools for stealing information and sending unsolicited commercial e-mail messages, or spam, according to security experts.
http://www.sfgate.com/cgi-bin/article.cgi?file=/chronicle/archive/2003/08/26/BU249135.DTL
http://straitstimes.asia1.com.sg/world/story/0,4386,206565,00.html

Viral opportunity
http://www.theregister.co.uk/content/55/32491.html

SoBig will spawn yet another variant
http://www.vnunet.com/News/1143216

Experts: Sixth son of Sobig not the last
http://news.com.com/2100-1002_3-5067886.html
http://www.cnn.com/2003/TECH/internet/08/26/next.sobig.reut/index.html

The aftermath of cyberattacks
http://www.cnn.com/2003/US/08/25/nyt.cyberattack/index.html

MessageLabs reverses stance on Aust Sobig infection
http://www.zdnet.com.au/newstech/security/story/0,2000048600,20277752,00.htm
- - - - - - - - - -
Hacker who disrupted DCFS hotline, other phone systems arrested
A former computer technician for a Manhattan Beach technology company has been arrested on charges that he hacked into and disrupted a Los Angeles County child abuse hot line, authorities said Monday. Walter Wiggs, 44, of Douglasville, Ga., is a former employee of Technology For Business Corp., and allegedly used a computer in his home to illegally access at least 13 computer systems that used the company's automated telephone system services, court papers state.
http://www.signonsandiego.com/news/computing/20030825-1722-cnshacker.html
- - - - - - - - - -
OSI Leader Asks Hacker to Stop SCO Attack
A sophisticated denial-of-service attack, which took down the Web site of SCO Group through the weekend and into Monday, was the work of an "experienced Internet engineer," according to Open Source Initiative (OSI) President Eric S. Raymond. The attack has since ended and the SCO Web site is back online.
http://www.internetnews.com/dev-news/article.php/3068581

Hackers cut off SCO Web site
http://zdnet.com.com/2100-1105_2-5067743.html

Fake e-mail parody targets SCO CEO Darl McBride
http://computerworld.com/softwaretopics/os/linux/story/0,10801,84402,00.html
http://computerworld.com/developmenttopics/websitemgmt/story/0,10801,84405,00.html

SCO Web site hit by denial of service attack
http://www.idg.com.sg/idgwww.nsf/unidlookup/159B9750BBC0A5BE48256D8E003230F3
http://www.newsfactor.com/perl/story/22167.html
- - - - - - - - - -
Officials Believe Missing Teen With Man She Met Online
A local teenager is missing after vanishing from her Lorain County home, according to officials. NewsChannel5's Debora Lee reported that police believe the Internet may hold the key to her disappearance. Like many 15-year-olds, Aschliee Everett spends a lot of time on the computer. Now, police believe she may be with a 40-year-old man she met online. "I just miss my daughter and I want her home," said Michael Everett, Aschliee's father. Michael Everett hasn't seen his daughter since Monday, and he's worried sick. Police believe Aschliee was corresponding with a man from Pennsylvania, a faceless 40-year-old hanging out in an Internet chat room.
http://www.newsnet5.com/news/2428128/detail.html
- - - - - - - - - -
Man faces child porn charges
A Pontiac man could be tried on nine counts of child pornography in September in Livingston County Circuit Court. William J. McCormick, 42, appeared in court Monday to waive his right to a preliminary hearing. McCormick and public defender James Casson asked for a jury trial. The charges accuse him of possessing photographs of girls younger than 18 through using his computer. Some of the nine photos showed the girls depicting sexual acts, authorities said.
http://www.pantagraph.com/stories/082603/new_20030826093.shtml
- - - - - - - - - -
Amazon files 11 lawsuits against alleged e-mail forgers
Amazon.com has filed federal lawsuits against 11 e-mail marketers, contending they faked their e-mail addresses to appear as if the messages were sent by Amazon.com, the company said Tuesday. The suits, filed Monday and Tuesday in several U.S. district courts and in the Ontario Superior Court of Justice in Canada, seek injunctions to stop the alleged e-mail forgeries as well as millions of dollars in punitive damages.
http://www.siliconvalley.com/mld/siliconvalley/news/editorial/6622161.htm
http://zdnet.com.com/2100-1105_2-5068032.html
http://www.usatoday.com/tech/news/techpolicy/2003-08-26-amazon-sues-spammers_x.htm
http://www.wired.com/news/business/0,1367,60191,00.html
http://www.msnbc.com/news/957514.asp
http://www.washingtonpost.com/wp-dyn/articles/A48023-2003Aug26.html
- - - - - - - - - -
Court Gives Hollywood a Happy Ending
Hollywood has some new ammunition for its battle against digital piracy. The California Supreme Court yesterday ruled that courts can bar people from posting DVD copying codes online. The ruling reversed a lower court's decision that a preliminary injunction against the person who posted the code violated free speech rights.
http://www.washingtonpost.com/wp-dyn/articles/A46770-2003Aug26.html
- - - - - - - - - -
RIAA, studios gain P2P legal aid
Hollywood studios and record labels are getting allies in their quest to overturn a court ruling that said file-swapping software companies aren't responsible for the copyright infringement of their users. Several groups, including a list of legal scholars, international copyright organizations, legal music services and other copyright holder groups filed "friend of the court" briefs Tuesday, asking that an April ruling upholding the legality of file-swapping services such as Grokster and StreamCast's Morpheus be overturned.
http://news.com.com/2100-1027_3-5068421.html
- - - - - - - - - -
Netgear flaw triggers 'accidental' DoS attack
Network hardware maker Netgear has warned its customers that a flaw in some of its router products could set off an "accidental" denial of service (DoS) attack. The problem occurs because of a flawed implementation of the Network Time Protocol (NTP), which is a method commonly used by network devices to contact special "time" servers that pass on the correct time and date. This information is important for routers because they generate a variety of time-sensitive logs.
http://news.zdnet.co.uk/internet/security/0,39020375,39115911,00.htm
- - - - - - - - - -
Counterfeit goods on the increase
Fakers move in to take advantage of boom in digital products. In a move up from fake perfumes and clothes, counterfeiters are now producing a range of phoney goods from digital cameras to Sony PlayStations. And rather than relying on selling products through market stalls, fakers are increasingly using unsuspecting small retailers to sell them on to consumers.
http://www.vnunet.com/News/1143214
- - - - - - - - - -
Spam hurts legitimate email marketers
Retailers who hawk their wares via email are finding it harder to make a buck from customers, as email inboxes overflow with spam. Although many retailers establish ties with consumers that distinguish them from spam-senders, a study released on Monday showed they earned slightly lower revenue from each email sent out in the second quarter of 2003. US marketers, consumer groups and trade associations are pushing authorities to fight the onslaught of deceptive or vulgar spam messages. For retailers, spam snarls the potential for reaching clients who may want to see their ads.
http://news.zdnet.co.uk/internet/ecommerce/0,39020372,39115901,00.htm
- - - - - - - - - -
U.S. Sponsors Anti-Censorship Web Service
A pact between the U.S. government and the electronic privacy company Anonymizer, Inc.
is making the Internet a safer place for controversial websites and subversive opinions -- if you're Iranian. This month Anonymizer began providing Iranians with free access to a Web proxy service designed to circumvent their government's online censorship efforts.
http://www.securityfocus.com/news/6807
- - - - - - - - - -
Net surfers flock to anti-virus sites
With computer users under siege from a variety of worms, Internet buffs are rushing to Microsoft's anti-virus site to search for ways to combat the problem. Traffic to Microsoft TechNet from surfers logging on at home skyrocketed more than 1 100% during the week ending 17 August, Internet audience measurement service Nielsen/NetRatings said yesterday.
http://www.itweb.co.za/sections/internet/2003/0308260850.asp
- - - - - - - - - -
Symantec arms next Norton with spyware detection
Symantec took the wraps off its upcoming Norton Antivirus 2004, pitching the updated security software as an antidote to complex viruses such as the MSBlast worm. The next version of the flagship security application, set for release in September, will include more powerful scanning tools, the company said on Monday. These are designed to address nonvirus computing hazards such as spyware, as well as take on a generation of viruses that use multiple points of entry to victims' PCs and carry multiple payloads.
http://news.zdnet.co.uk/internet/security/0,39020375,39115906,00.htm

Symantec adds product activation
http://news.com.com/2100-1046_3-5068370.html
- - - - - - - - - -
There are no compromises in the Internet...
Lately hackers from Eastern Europe have cracked no fewer than 1 million credit card numbers from 40 US financial companies. Hackers damage about 64% of large companies. According to the experts, the piracy copying music, video and texts from the Internet will make benefits of 112 billion dollars by 2005. Credit card fraud is one of the most widespread computer crimes in the world.
Now swindlers don't steal credit cards from the pockets and wallets of their owners. It is much safer and more favourable to crack computer systems and get the information necessary for manufacturing counterfeit cards.
http://www.crime-research.org/eng/news/2003/08/Mess2603.html
- - - - - - - - - -
Security pros: Be wary of tech analysts
Established analysis houses have been attacked by security professionals who claim the companies don't have the specific expertise required to deliver a meaningful insight into security technologies. Chief technology officer of the U.S.-based security research and consulting firm Neohapsis, Greg Shiply, told ZDNet Australia most analysts are simply getting it wrong these days. "While their information may be well backed generally... some of their recent observations on security seem to be driven from angles other than practical experience and know-how," he said.
http://www.zdnet.com.au/newstech/security/story/0,2000048600,20277754,00.htm
- - - - - - - - - -
SuperGlue gets grip on data
New integration software from Informatica aims to help firms comply with data laws by tracking data movements. Business intelligence (BI) specialist Informatica has unveiled a metadata management system that creates data audit trails that could help firms comply with governance regulations such as Basel II, as well as data protection law.
http://www.vnunet.com/News/1143204
- - - - - - - - - -
PC viruses are SoBig business for Adventi
ADVENTI, the Edinburgh-based IT support company, has reported a surge in activity following the emergence of new computer viruses. The Blaster worm and SoBig virus have been causing havoc in businesses throughout Scotland and further afield, while new bugs - such as Lemur, Cult and Lastras - are appearing almost daily.
http://www.business.scotsman.com/technology.cfm?id=939442003
- - - - - - - - - -
Fighting hackers: Turn off services
US software giant Microsoft Corp, whose operating systems are the favourite targets of hackers and viruses, said that one of the best security measures any organisation can take to stave off such threats would be to turn off services in Windows 2000 Server that are not being used.
http://star-techcentral.com/tech/story.asp?file=/2003/8/26/technology/6144342
- - - - - - - - - -
Worm, virus threat grows
The University of Toronto has invested heavily in anti-virus software and firewalls so it can safely use the Internet as have many companies and institutions. But a rash of worms and viruses in the past two weeks underscored just how vulnerable Web users remain to virulent Web attacks.
http://www.usatoday.com/tech/news/computersecurity/2003-08-26-virus_x.htm
http://www.newsfactor.com/perl/story/22163.html
- - - - - - - - - -
How to stop spam and viruses
I have what many of you will consider to be bad news: the only way to stop unsolicited commercial email and the viruses, worms, Trojan horses, and other scourges of the Internet will be to get a new one. A new Internet, that is. Oh, and while we're at it, we'll need new computers and operating systems, too.
http://comment.zdnet.co.uk/davidcoursey/0,39020667,39115914,00.htm
- - - - - - - - - -
Email gossips put employers at risk
Gossiping or slating colleagues behind their backs might be a common, if unfortunate, workplace occurrence but doing it on email could have serious repercussions, as one employer found out last week. A woman who discovered nine of her colleagues had circulated offensive emails about her has received £10,000 compensation after settling a sexual harassment case against her former employer.
http://www.theregister.co.uk/content/67/32489.html
- - - - - - - - - -
A legal fix for software flaws?
Thomas Leavitt, a system administrator and veteran of three Silicon Valley start-ups, has dealt with computer worms and viruses before. But the severity of last week's Sobig.F and MSBlast.D attacks got him thinking harder than ever about a cure. Finding and punishing their anonymous authors would be a start. But shouldn't Microsoft also be partly to blame? "Civil engineers very rarely make a mistake, and when they do it's a career-ending one," Leavitt said. "The software we're using at this point has the potential to create damage as bad or worse."
http://zdnet.com.com/2100-1104-5067873.html
- - - - - - - - - -
Q&A Part 2: Microsoft's Jim Allchin on Blaster, security efforts
'We've got to do better,' he said about security. The aftereffects of the W32.Blaster worm that have been felt by Microsoft Corp. during the past two weeks have been particularly painful for Jim Allchin, a self-described perfectionist. The vice president of Microsoft's platforms group spoke last week with Computerworld about security matters and his belief that the company has to come up with a "new approach."
http://computerworld.com/securitytopics/security/story/0,10801,84408,00.html
- - - - - - - - - -
Critics Wary of New Traveler Profile System
An amalgam of liberal and conservative groups warns the computerized program could flag millions of airline passengers for searches. Millions more travelers could be flagged for intensive airport searches under a new computerized profiling system planned by the government, an unusual coalition of conservative and liberal critics warned Monday.
(LA Times article, free registration required)
http://www.latimes.com/technology/la-na-privacy26aug26,1,5107239.story
- - - - - - - - - -
Vietnam cuts cyber dissident's jail term
A Vietnamese writer jailed for ten years in June for publishing an essay about democracy on the Internet has had his sentence halved.
The Supreme Court of Appeal in Hanoi cut 35-year-old Pham Hong Son's jail term following pressure from the international community including Governments and human rights groups. Despite this many onlookers insist the sentence is too severe and have described the whole episode as a "sham".
http://www.theregister.co.uk/content/6/32494.html
- - - - - - - - - -
Syracuse cops go wireless
The Syracuse, N.Y., Police Department is moving toward a wireless infrastructure so officers and civilian employees have easier and quicker access to information. Syracuse police began upgrading their laptops with wireless access cards and installed access points in certain areas. The department is testing wireless thin clients and planning to provide better wireless access for officers in patrol cruisers.
http://www.fcw.com/geb/articles/2003/0825/web-syr-08-26-03.asp
- - - - - - - - - -
Bahrain Takes Swipe Into The Future With New Smart ID Cards
Residents of the Gulf kingdom will be able to use the cards for business and politics, including voting in municipal and parliamentary elections. The Gulf kingdom of Bahrain is planning a giant swipe into the future with a new smart ID card that citizens can use for business and politics. The tender for the project was launched Tuesday. Bahraini officials envision a photo ID card with a 64-kilobyte microchip holding the card holder's name, address, national identification number, digital fingerprints and driver's license, passport, medical, financial and educational data.
http://www.informationweek.com/story/showArticle.jhtml?articleID=13900098
***********************************************************
Computer Forensics Training - Online. An intense, 150 hour, instructor-led program that teaches you computer forensics and helps prepare you for the Certified Computer Examiner exam.
For more information see: www.cybercrime.kennesaw.edu
***********************************************************
Search the NewsBits.net Archive at: http://www.newsbits.net/search.html
***********************************************************
The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however, copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information.
Copyright 2000-2003, NewsBits.net, Campbell, CA.