NewsBits for October 28, 2003 sponsored by, Southeast Cybercrime Institute - www.cybercrime.kennesaw.edu ************************************************************ Youth held over computer hacking A BRISBANE teenager has been arrested for allegedly hacking into the computer system of an Australian- based internet service provider (ISP). The arrest of the 17-year-old, who lives in west suburban Kenmore, was the first of its kind under the Criminal Code Act 1995. It followed a short investigation by the Australian High Tech Crime Centre (AHTCC) after it received a complaint on October 23 from an ISP that its computer system had been accessed without authority. http://www.theaustralian.news.com.au/common/story_page/0,5744,7697294%255E1702,00.html - - - - - - - - - - Suspected paedophile cleared by computer forensics IT forensics firm Vogon has explained how its work helped clear a man accused of storing child pornography on his computer by proving his PC was contaminated by Trojan horse infection capable of downloading illicit images onto his machine. http://www.theregister.co.uk/content/55/33636.html - - - - - - - - - - Ex-bus driver gets prison term A former substitute teacher and school bus driver in Morris and Sussex counties was sentenced to seven years in state prison for having and distributing child pornography. Newark resident Lawrence Fascia, 50, formerly of Stanhope, was sentenced in state Superior Court Friday to seven years for five counts of second-degree endangering the welfare of a minor by using a computer to distribute child pornography and giving child pornography to a minor under 16 years old. http://www.njherald.com/news/newspro/viewnews.cgi?newsid1067264590,52505, - - - - - - - - - - Adelaide man fined over child porn An Adelaide man has been fined $2,000 for possessing and dealing in child pornography over the Internet. The magistrate said the spread of such material was insidious and corrupted the children involved. Adam Nicholas Newton, 23, trading under the user name Radium XXX, was detected by Interpol on the March 20, 2001. He used the International Relay Chat to set up an "F" server to receive and distribute pornographic material, a large proportion of which was child pornography. http://abc.net.au/news/australia/sa/metsa-27oct2003-4.htm - - - - - - - - - - Internet suspect nabbed A three-week undercover sting operation led to the arrest of George Ford, 28, who police say used the Internet to lure what he thought was a 14-year-old girl into a meeting. Ford actually had been corresponding with a state police agent via e-mail and arranged to meet her in the Clovis area, according to New Mexico State Police. When state police officers arrived at the site, Ford fled on foot but was apprehended after a short chase. http://cnjonline.com/engine.pl?station=clovis&template=storyfull.html&id=2515 - - - - - - - - - - Trail in Child Sex Video Led Halfway Around World It was nearly five years ago when a man recorded a video featuring two young girls, one 10 and the other 11, engaging in sexually explicit acts with him in his apartment on the first floor of a little yellow house here. This month, the local police, with a copy of the video that had been seized in Japan by federal investigators looking into child pornography, were able to trace the recording back to its origins. They arrested both the man suspected of producing the video and a mother who the police say prostituted her two girls to feed the man's obsession. (NY Times article, free registration required) http://www.nytimes.com/2003/10/28/nyregion/28CONN.html - - - - - - - - - - Sober email worm gives Windows users the DTs A virus which poses as a security fix from an AV firm is the latest menace to assault Windows users. Sober typically spreads by email. The viral messages it generates have infectious attachment names such as typically anti_virusdoc.pif, check-patch.bat, playme.exe and variable English and German subject lines. A full list can be found in an advisory from Finnish AV firm F-Secure. Windows users foolish enough to open the infectious attachments get the pox. On infected machines, the worm makes certain registry changes and installs its own SMTP client to further its spread. http://www.theregister.co.uk/content/56/33628.html Sober worm may be slow, but don't be complacent http://www.computerweekly.com/articles/article.asp?liArticleID=126031 Firewalls for Safeguarding Windows Networks http://www.newsfactor.com/perl/story/22571.html - - - - - - - - - - Privacy bill undercuts state law The U.S. Senate is about to take up a bill that would give consumers some additional safeguards. But if it passes, it could significantly undercut the landmark financial-privacy law enacted in California in August. The bill would override a provision of the California law that restricts financial institutions' ability to share customers' personal information with affiliated companies. http://www.siliconvalley.com/mld/siliconvalley/7121447.htm - - - - - - - - - - National spam bill takes teeth out of tough state law After years of doing mostly nothing, Congress has finally decided to step in and do something about spam. Something stupid. A do-not-spam registry? You've got to be kidding. The Senate last week passed a bill that would establish the registry. It seems unlikely that the House will take up the measure before it recesses for the year in November, but it wouldn't matter if it passed the bill with flying colors. http://www.siliconvalley.com/mld/siliconvalley/7121446.htm http://www.vnunet.com/News/1146086 - - - - - - - - - - Hackers defence: the computer did it Prosecutors looking to throw the book at accused computer hackers have come across a legal defence expected to become even more widespread in an era of hijacked PCs and laptops that threatens to blur the lines of personal responsibility: the computer did it. In one case that was being watched as a bellwether by computer security experts, Aaron Caffrey, 19, was acquitted earlier this month by a London court on charges of hacking into the computer system of the Houston Pilots, an independent contractor for the Port of Houston, in September 2001. http://uk.news.yahoo.com/031028/80/ecbh4.html http://www.cnn.com/2003/TECH/internet/10/28/hacker.defense.reut/index.html http://www.theregister.co.uk/content/55/33622.html - - - - - - - - - - Companies warned over corporate identity theft Individuals have been warned about the threat of identity theft for years. Now it's the turn of businesses. Police say companies need to be more aware of the growing risk of corporate identity theft, following a recent spate of frauds that targeted customers of several high street banks. http://news.zdnet.co.uk/internet/security/0,39020375,39117444,00.htm - - - - - - - - - - Diebold issues threat to publishers of leaked documents Despite lawsuit threats from one of the nation's largest electronic voting machine suppliers, some activists are refusing to remove from Web sites internal company documents that they claim raise serious security questions. http://www.detnews.com/2003/technology/0310/28/technology-308992.htm - - - - - - - - - - Justice renews Web use monitor The Justice Department will continue to monitor employee Internet use with Wavecrest Computing's Cyfin Reporter software. For the second year, DOJ officials will use the software to try to stop misuse of the Internet by the department's 100,000 users. Justice first purchased the software in 2002 through a General Services Administration schedule. The renewal cost the department $36,000, according to the company. http://www.fcw.com/fcw/articles/2003/1027/web-doj-10-28-03.asp - - - - - - - - - - IBM looks to secure online data IBM has partnered with Watchfire, a provider of online business management services, to help companies adhere to new privacy standards and data-handling regulations. With the arrangement, IBM said Monday that it will be able to help businesses protect customer privacy and shield themselves against liability. Big Blue will base the service on Watchfire's technology to automatically spot threats to identity information. http://zdnet.com.com/2100-1105_2-5097913.html - - - - - - - - - - ID management--simple, cheap security Safelite Glass had a common business problem: Its information systems were a morass of products from different manufacturers, requiring the company to employ nearly a dozen administrators for security alone. A glass-replacement services contractor for insurance companies, Safelite used Siebel Systems products to manage customer relations, Cognos technology to organize its data warehouse, Oracle systems to arrange its financial records and a half dozen other applications to run the business. http://zdnet.com.com/2100-1105_2-5098008.html - - - - - - - - - - Introduction to Nessus Nessus is a great tool designed to automate the testing and discovery of known security problems. Typically someone, a hacker group, a security company, or a researcher discovers a specific way to violate the security of a software product. The discovery may be accidental or through directed research; the vulnerability, in various levels of detail, is then released to the security community. Nessus is designed to help identify and solve these known problems, before a hacker takes advantage of them. Nessus is a great tool with lots of capabilities. http://www.securityfocus.com/infocus/1741 - - - - - - - - - - Make sure your wireless network can't be sniffed, warns DataPro As wireless networks are becoming more popular, companies need to understand that they also need to be protected from intrusions because people with the right technology will be able to gain access to their networks, said Gary Sweidan, operations director of premier Internet service provider (ISP), DataPro. "One of the biggest problems," said Sweidan, "is the capability of the people with the right technology to detect, or 'sniff', a wireless network. http://www.itweb.co.za/sections/techforum/2003/0310280902.asp Wireless LAN security: X marks the spot http://www.itweb.co.za/sections/techforum/2003/0310280927.asp - - - - - - - - - - Spam Pitches Are Mutating Faster While Hormel's Spam never changes, e-mail spam mutates nearly every hour like a freakish germ. Spammers tout Vicodin when the Viagra market goes flaccid. They misspell the word "diploma" every way possible to get you to buy a master's. And they insert invisible HTML tags in between letters of words to sneak snake-oil penis-pill pitches past keyword filters. http://www.wired.com/news/infostructure/0,1377,60941,00.html *********************************************************** Computer Forensics Training - Online. An intense, 150 hour, instructor lead program that teaches you computer forensics and helps prepare you for the Certified Computer Examiner exam. For more information see; www.cybercrime.kennesaw.edu *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2003, NewsBits.net, Campbell, CA.