High Tech "NewsBits" for 11/19/03

NewsBits for November 19, 2003 sponsored by, Southeast Cybercrime Institute - www.cybercrime.kennesaw.edu ************************************************************ Aussie students escape jail for online music piracy Australia's first criminal trial for online music piracy has ended with two students each receiving suspended 18- month jail sentences. Charles Kok Hau Ng, 20, and Peter Tran, 19, ran a music-swapping site called MPW3/WMA Land. Available for download were 390 CDs, some 1,800 tracks. The pair charged no money for their service, but were responsible for big losses to the record companies. According to the Prosecution, the losses to piracy attributable to the site was AUS$60m. According to the Australian music industry the loss was somewhat higher - AUS$200m. Hmm. Not very scientific, is it? http://www.theregister.co.uk/content/6/34074.html - - - - - - - - - - Massive Taiwanese fraud case shocks U.S. tech company Eddie Liu worked at Lee and Li Attorneys-at-Law for 14 years and was trusted enough to handle key financial documents at the Taiwanese firm whose long list of clients has included IBM, Sony, McDonald's, Ford and Siemens. But Liu shocked the firm last month, disappearing after allegedly cashing in about $83.3 million in stock in one of Taiwan's biggest corporate fraud cases. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/7301610.htm - - - - - - - - - - Austin man pleads guilty to criminal sexual contact with granddaughters A 57-year-old Austin man pleaded guilty to charges that he molested and photographed his grandchildren and posted the pictures on the Internet. Larry Underhill's family turned him in after his son found the photos when he signed on to his father's computer. Under the plea agreement, prosecutors recommended that Underhill be sentenced to 19 1/2 years in prison. http://www.twincities.com/mld/twincities/news/local/7294780.htm - - - - - - - - - - Legally Blind Man Pleads Guilty To Downloading Child Porn A legally blind man pleaded guilty to collecting more than 1,000 child pornography images on his home computer. Mark Shleifer, 48, of Lower Southampton, wearing dark sunglasses and carrying a cane, pleaded guilty Tuesday before county Judge Kenneth Biehn to 100 counts of sexual abuse of children through film or photography. Shleifer, whose sight is fading due to a degenerative disease, used a special viewing device attached to his computer to enlarge sexually explicit photos of children, court records alleged. http://pennlive.com/newsflash/pa/index.ssf?/base/news-9/1069244342228590.xml - - - - - - - - - - LSU student booked on child pornography charge A student at Louisiana State University has been accused of possessing child pornography after his name surfaced on a computer seized by state police in Kentucky, authorities said. Bruce Henry Perrin, of Lafayette, was freed on $15,000 bond after he was booked on three counts of having pornography involving children. Kentucky authorities found Perrin's data files and chat logs on a computer belonging to Ben Wallace, who was arrested on similar charges. http://www.whas11.com/sharedcontent/APStories/stories/D7UTRAT00.html - - - - - - - - - - Net Porn addict claims unfair dismissal A German man fired for running up a 10,000 bill surfing porn at work claims he was treated unfairly because his employers failed into account his addiction to Net porn before giving him the boot. The unnamed former civil servant claims unfair dismissal against the German state of Lower Saxony. "I am an addict and as such am unaccountable for my actions," he told the court yesterday. "I need therapy and understanding, not dismissal from my job." http://www.theregister.co.uk/content/6/34075.html - - - - - - - - - - 'Mischievous' e-mail to Kiwis: cafe located -- Detail Story The authorities have traced the Internet cafe, which is thought to be the possible location for sending the mischievous e-mail to the New Zealand cricket team last week. Four leading players of New Zealand cricket team including Scot Stayris, MacMillan, Kayal Mills and Ian Buttler refused to travel to Pakistan on the security grounds after they reported to their cricket authorities about receiving threatening e-mail message which read If you continue with your tour schedule to Pakistan you will have to face dire consequences. http://www.hipakistan.com/en/detail.php?newsId=en45616 - - - - - - - - - - INTERNET PREDATORS Warning about the dark and disturbing world of Internet sexual predators. If you have children or a simple credit card, these cyber-criminals can ruin your life. There are a few things one can do to protect their family from these truly disturbing crimes. These perverted criminals hide behind their computer screens, in hopes of staying anonymous. But these cyber-criminals are being busted by cyber-cops. http://www.wiat.com/servlet/Satellite?pagename=WIAT%2FMGArticle%2FIAT_BasicArticle&c=MGArticle&cid=1031772179292&path=!news!localnews - - - - - - - - - - Phishing for Online IDs Spam and viruses are enough to worry about, but now online fraud is reaching epidemic proportions. Consumers logged over 100,000 Internet fraud complaints last yeardouble those of 2001 according to the FTC. And identity theft jumped almost 80 percent from June 2002 to June 2003, says research firm Gartner. The total cost of identity theft over the past five years equals a cool $60 billion. http://www.pcmag.com/article2/0,4149,1382044,00.asp?kc=PCRSS02129TX1K0000530 - - - - - - - - - - 'Spyware' steps out of the shadows Late in July, an e-mail that hit employee in-boxes at a British credit card and finance company carried a secret payload--"spyware" capable of recording confidential corporate data and sending it over the Net. Labeled "Wedding Invitation," the e-mail looked at first like spam or an ordinary worm. But consultants at security company Clearswift now believe that the e-mail was part of a targeted attack on the victim company aimed at extracting specific information-- a nightmare scenario in the corporate security world. http://zdnet.com.com/2100-1104_2-5108965.html Think Tank Wants Public's Help in 'Spyware' Fight http://www.washingtonpost.com/wp-dyn/articles/A58655-2003Nov18.html 'Spyware' would be tricky to outlaw, group says http://www.cnn.com/2003/TECH/biztech/11/19/spyware.law.reut/index.html http://www.usatoday.com/tech/news/internetprivacy/2003-11-18-cdt-re-spyware_x.htm - - - - - - - - - - Another virus attacks PayPal users A new virus attacking PayPal customers is spreading rapidly across the Internet. The Mimail.j worm typically arrives in an email from the address Do_Not_Reply@paypal.com, carrying the subject line of IMPORTANT and an attachment called either infoupdate.exe or www.paypal.com.pif. http://www.internet-magazine.com/news/view.asp?id=3822 http://news.bbc.co.uk/1/hi/technology/3281307.stm http://www.detnews.com/2003/technology/0311/19/technology-329124.htm http://www.msnbc.com/news/995185.asp - - - - - - - - - - Court to FBI: No spying on in-car computers The FBI and other police agencies may not eavesdrop on conversations inside automobiles equipped with OnStar or similar dashboard computing systems, a federal appeals court ruled. The 9th Circuit Court of Appeals said Tuesday that the FBI is not legally entitled to remotely activate the system and secretly use it to snoop on passengers, because doing so would render it inoperable during an emergency. http://news.com.com/2100-1029_3-5109435.html - - - - - - - - - - Wiretapping of CDMA Phone Calls Possible The chairman and chief executive of Qualcomm Inc., a U.S. wireless technology giant that developed and holds various licenses for code division multiple access (CDMA) technology for mobile telecommunications, admitted the technological possibility of wiretapping phone calls made via CDMA mobile systems. http://times.hankooki.com/lpage/biz/200311/kt2003111918034011860.htm Encrypted cell phone foils eavesdroppers http://zdnet.com.com/2100-1105_2-5109327.html Limit mobile risks--a security checklist http://zdnet.com.com/2100-1107_2-5108423.html - - - - - - - - - - Critics delay vote on EU intellectual property law A far-reaching proposed directive covering the enforcement of intellectual property rights has been delayed again amid ongoing controversy. A proposed European Union law strengthening law-enforcement capabilities against intellectual-property violations has been delayed again, amid ongoing criticism that its implementation would criminalise many innocuous activities and harm European competition. http://news.zdnet.co.uk/0,39020330,39117998,00.htm Bush backs international cybercrime plan http://news.zdnet.co.uk/business/legal/0,39020651,39117978,00.htm EU sets up Euro-security agency http://www.theregister.co.uk/content/55/34086.html - - - - - - - - - - Hackers Did Not Cause Blackout - Report There is no evidence that the blackout that struck the northeastern United States and southern Canada on August 14 was caused by hackers, but the power grid's reliance on the Internet makes it vulnerable to potentially devastating online attacks, according to a report issued Wednesday. http://www.washingtonpost.com/wp-dyn/articles/A62990-2003Nov19.html - - - - - - - - - - Hackers Already Exploiting Microsoft Vulnerabilities Hackers are beginning to successfully develop software that can be used to attack systems vulnerable to security holes Microsoft disclosed last week. Less than 24 hours after Microsoft published its monthly roundup of security patches on Nov. 11, exploit code, a small app that can be used to attack a software vulnerability, began to surface on security mailing lists. http://www.internetweek.com/breakingNews/showArticle.jhtml%3Bjsessionid=Z03WTKVUJM3P4QSNDBCCKHQ?articleID=16101139 Net attacks 'getting faster' http://news.zdnet.co.uk/internet/security/0,39020375,39117988,00.htm - - - - - - - - - - Cisco and antivirus firms unite against worm threat Networking equipment maker Cisco Systems has announced licensing agreements with three leading antivirus software companies and a program claimed to protect computer networks from worms and viruses. The Cisco Network Admission Control program will enable Cisco routers to evaluate information, such as whether a particular computer's antivirus definitions are up to date and its operating system is adequately patched, before allowing it to connect to a network. http://www.securityfocus.com/elsewhere http://news.zdnet.co.uk/communications/networks/0,39020345,39117990,00.htm http://zdnet.com.com/2100-1105_2-5108883.html http://www.vnunet.com/News/1149605 http://www.newsfactor.com/perl/story/22725.html http://computerworld.com/securitytopics/security/story/0,10801,87282,00.html - - - - - - - - - - MI5 takes charge of online terror tips MI5, Britain's internal security and counter-espionage agency, is to play a greater role in informing the UK public about terror alerts. The agency will next year set up a web site dedicated to informing the UK public about terrorism threats. This will replace a Home Office site as the hub of government anti-terrorism activities online, Reuters reports. Currently, the MI5 site refers surfers to the Home Office portal for information on terrorism threats. http://www.theregister.co.uk/content/55/34081.html http://news.zdnet.co.uk/internet/security/0,39020375,39117995,00.htm - - - - - - - - - - IT leaders question US security mandates US companies need to work together to improve their cybersecurity before a major cyberattack forces hasty legislation, the chairman of a cybersecurity-focused subcommittee has told IT industry leaders. Earlier this month, representative Adam Putnam, chairman of the House Committee on Government Reform's Subcommittee on Technology, Information Policy Intergovernmental Relations and the Census, decided not to introduce a bill that would require public companies to report their cybersecurity initiatives to the US Securities and Exchange Commission. http://www.computerweekly.com/articles/article.asp?liArticleID=126642 - - - - - - - - - - Wi-Fi Starts Leaping Security Barriers Six months ago, Al Fitzpatrick sat at his desk in a skyscraper in Atlanta's Buckhead district and wondered what his wireless-enabled neighbors were up to. He had no evidence that anyone was trying to hack into the wireless networks at the Atlanta headquarters of S1 (SONE), a financial- services software company where Fitzpatrick is chief security officer. http://www.newsfactor.com/perl/story/22724.html - - - - - - - - - - IBM Upgrades Improve Security, Migrations IBM is upgrading parts of its ThinkVantage technology suite to improve security and migration capabilities for PC users. At Comdex in Las Vegas this week, IBM officials announced a software developer's kit for its embedded security subsystem. The kit, available as a free download, should eventually give ThinkPad users even greater security options, said Bob Galush, vice president of product marketing for IBM's Personal Computing Division. http://www.eweek.com/article2/0,3959,1389036,00.asp Comdex Panel Debates Security Needs http://www.internetweek.com/breakingNews/showArticle.jhtml%3Bjsessionid=Z03WTKVUJM3P4QSNDBCCKHQ?articleID=16101239 Comdex 2003 - series of stories http://zdnet.com.com/html/z/sr/comdex.html Symantec CEO to Comdex: New security threats need new tack http://computerworld.com/securitytopics/security/story/0,10801,87347,00.html Security Researcher Calls for Vulnerability Trade Association http://www.eweek.com/article2/0,3959,1388379,00.asp - - - - - - - - - - The enemy within Each week vnunet.com asks a different expert to give their views on recent virus and security issues, with advice, warnings and information on the latest threats. This week Sarah Saltzman, technology manager of Compuware, warns of the dangers of hidden dormant code in sensitive financial systems that can be activated by former employees to commit fraud. http://www.vnunet.com/News/1149614 - - - - - - - - - - Hackers Live by Own Code Sure, they break into computer systems, but not always with bad intent. And these tech whizzes do have certain quirky rules of etiquette. It wasn't Mary Ann Davidson's worst nightmare, but it was close. A fax from a hacker in the Middle East landed on her desk at Oracle Corp., proclaiming the discovery of a hole in the company's database software through which he could steal crucial information from such customers as Boeing Co., Ford Motor Co. and the CIA. The fax warned Davidson, the company's chief security officer, to contact the hacker immediately or else. (LA Times article, free registration required) http://www.latimes.com/technology/la-fi-hackers19nov19001430,1,1201505.story - - - - - - - - - - Home User Security: Your First Defense It used to be that an anti-virus program was a home user's first (and perhaps, only) line of defense against the spread of viruses, worms, trojans, and other malicious code. Times have changed. In the era of pervasive, always-on broadband connections, today simply having your Microsoft (R) Windows (TM) computer turned on is enough for it to get infected with the latest virus or worm. Have you applied your weekly set of critical Microsoft security patches, or your monthly Microsoft mega-patch? What if you've been on vacation for the past few weeks? http://www.securityfocus.com/infocus/1746 - - - - - - - - - - Interrogation of Suspects in Investigating Computer Crime Interrogations during computer crimes investigation are carried out according to tactical recommendations developed in criminalistics. http://www.crime-research.org/library/Polivan1003eng.html - - - - - - - - - - I Was Stalked on Amazon.com A screenwriter-turned-first novelist let his good customer feedback go to his head. So there was only one option when someone started campaigning against his book on the site: Fight back. I began that day as all serious authors begin their days: I brewed some coffee then lunged at the computer to check my Amazon.com sales rank. Since the publication of my first novel, Christopher, a few months before, I had become increasingly hooked on the online bookseller's sales data, updated hourly, to tell me how my book was doing. http://www.mediabistro.com/articles/cache/a926.asp *********************************************************** Computer Forensics Training - Online. An intense, 150 hour, instructor lead program that teaches you computer forensics and helps prepare you for the Certified Computer Examiner exam. For more information see; www.cybercrime.kennesaw.edu *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2003, NewsBits.net, Campbell, CA.