NewsBits for December 1, 2003 sponsored by,
Southeast Cybercrime Institute - www.cybercrime.kennesaw.edu
************************************************************
Spanish police arrest Raleka worm suspect
Spanish police have arrested a 23-year-old man
in Madrid, who is suspected of being the author
of the W32/Raleka worm which infected more than
120,000 computers in August. The Raleka worm
operated in a similar way to the Blaster worm,
exploiting the Windows RPC Service vulnerability
in versions of Microsoft Windows 2000 and XP
operating systems. Infected machines could then
be used to mount further remote attacks.
http://www.computerweekly.com/articles/article.asp?liArticleID=126855
http://www.theregister.co.uk/content/69/34226.html
- - - - - - - - - -
Police arrest ID thief in Wells Fargo case
Police have arrested a California man for stealing
computers containing the personal information of
thousands of Wells Fargo customers. Edward Jonathan
Krastof, 38, of Concord in California, has confessed
to stealing a computer containing the sensitive
information after breaking into the offices of
a financial analyst hired by Wells Fargo, Reuters
reports. Krastof also stole another computer and
laptop during the same burglary.
http://www.theregister.co.uk/content/55/34234.html
http://news.com.com/2100-7348_3-5112193.html
http://www.sfgate.com/cgi-bin/article.cgi?file=/c/a/2003/11/27/MNGUO3BN101.DTL
http://www.cnn.com/2003/TECH/ptech/11/27/wellsfargo.theft.ap/index.html
http://www.kron4.com/Global/story.asp?S=1542609
http://www.timesheraldonline.com/articles/2003/11/27/news/news05.txt
- - - - - - - - - -
April Fools e-mail freed detained kidnapper
A homeland department employee's prank e-mail
prompted the release of an immigration agency
detainee who had been convicted of kidnapping,
according to the department's inspector general.
The detainee, whom the IG's brief report on the
incident did not name, turned himself in to
Immigration and Customs Enforcement deportation
officers two days after his improper release.
http://www.gcn.com/vol1_no1/daily-updates/24302-1.html
- - - - - - - - - -
Man sentenced in child pornography case
A man arrested in Gwinnett earlier this year on child
molestation charges was sentenced this week on federal
charges of interstate transportation of child pornography.
Thomas McLean Hendley, 34, of Carrollton, was sentenced
Tuesday by U.S. District Judge Charles Pannell to serve
six years and six months in federal prison. Hendley will
then serve three years of supervised release, according
to Patrick Crosby, spokesman for the U.S. Attorney's
Office. On Aug. 22, Hendley pleaded guilty to transmitting
child pornography through America Online. Police
investigating a child pornographer in Tampa, Fla.,
discovered another AOL user who was trading images
using the name "bi4you0418" in Carrollton. FBI agents
tracked the e-mail address to Hendley, who admitted
to trading child porn.
http://www.gwinnettdailyonline.com/GDP/archive/articleB81B0699A24C446788C666A40A8FCBEA.asp
- - - - - - - - - -
School Finds Child Porn On Coach's Computer
An employee of a local school district faces charges
after police say child pornography was found stored
on the computer he uses. Kevin Ayrhart, 31, a five-
year employee of Lincoln Park Schools, was arrested
and arraigned Tuesday on one count of possession of
sexually abusive material involving a child. During
a routine check of student and employee computers
in September, school officials allegedly found
child pornography downloaded onto one of the
computers used regularly by Ayrhart, according
to The News-Herald.
http://www.clickondetroit.com/news/2673968/detail.html
- - - - - - - - - -
Delmar man faces child porn charges
A 21-year-old Delmar man was being held in a Delaware
jail Friday after allegedly posting child pornography
on the Internet, state police said. Charles L. Tull
was charged Wednesday with 50 counts of sexual
exploitation, said Cpl. Jeff Oldham, a Delaware State
Police spokesman. The charges stem from an allegation
that Tull posted child pornography on a Yahoo! group
site, Oldham said. Oldham also said Maryland State
Police were first told about Tull through the National
Center for Missing and Exploited Children, which was
alerted by an anonymous source.
http://www.dailytimesonline.com/news/stories/20031129/localnews/731157.html
- - - - - - - - - -
Police employee's sick sex movies
A POLICE service employee made sickening home sex
movies with two young sisters he had corrupted,
a Brisbane court was told today. Andrew Mark Hugh
Dickeson, 29, pleaded guilty to two counts of
maintaining a sexual relationship with a child
and one count each of indecent treatment and
possessing child abuse computer games, between
January and October last year. Director of Public
Prosecutions Leanne Clare told the District Court
Dickeson was obsessed with pre-pubescent girls,
and had hundreds of pictures of children he had
taken in public places, as well as more than 800
child pornography images stored on his computer.
http://www.theadvertiser.news.com.au/common/story_page/0,5936,8029523%255E1702,00.html
- - - - - - - - - -
.name registry site hacked
The website of the .name registry was hacked over
the weekend through an Apache exploit. London-based
Global Name Registry was updating its Apache and
PHP system when hackers SUr00tIK & GroMx broke into
the system and replaced the frontpage index file.
The hackers didn't manage to access the system
and no data was lost, GNR's president Hakon
Haugnes told us, but the hack did cause some
embarrassment. The site was taken offline and was
back up by Sunday with added security.
http://www.theregister.co.uk/content/55/34273.html
- - - - - - - - - -
Activist Illegally Sold High-Tech Items to China
Gao Zhan, who was freed from a Chinese prison
with U.S. help, pleads guilty to selling goods with
potential military uses. A human rights activist freed
from a Chinese prison after the U.S. government
interceded on her behalf pleaded guilty Wednesday
to illegally selling American high-tech items with
potential military uses to China. Gao Zhan, who
was born in China but is a permanent U.S. resident
living in McLean, Va., pleaded guilty to one count
of unlawful export for selling 80 microprocessors.
(LA Times article, free registration required)
http://www.latimes.com/technology/la-na-prof27nov27,1,770328.story
- - - - - - - - - -
3 Detained Over Internet Postings Reported Freed
China has released three people who were detained
on charges of posting Internet articles critical
of the government, a human rights group reported.
The three were freed Friday, after President Hu
Jintao expressed concern about their cases, the
Hong Kong-based Information Center for Human
Rights and Democracy said. It noted that the move
came just ahead of a visit by German Chancellor
Gerhard Schroeder.
(LA Times article, free registration required)
http://www.latimes.com/technology/la-fg-briefs1.2dec01,1,1212994.story
http://news.zdnet.co.uk/internet/security/0,39020375,39118198,00.htm
- - - - - - - - - -
Vietnam jails online activists
Vietnam has been criticised by Amnesty International
for the jailing of at least 10 'cyberdissidents'.
Human rights group Amnesty International has
slammed the Vietnamese government for jailing at
least 10 people for online activism, saying the
government is using national security legislation
to prosecute government criticism on the Web.
http://news.zdnet.co.uk/internet/security/0,39020375,39118176,00.htm
- - - - - - - - - -
Cybersquatters in rugby domain scrummage
After England's success in the Rugby World Cup,
internet speculators have been scrumming down
to grab websites related to the team. While the
bookies are bringing down the odds on who will be
knighted, speculators are snapping up domain
names associated with those squad members
believed to be first in line to visit Buckingham
Palace following the New Year's Honours list.
http://www.vnunet.com/News/1150619
- - - - - - - - - -
E-commerce targeted by blackmailers
Russia has high net access and low regulation.
Law enforcement agencies are investigating an
increasing number of reports of organised criminal
gangs carrying out denial-of-service (DDoS) attacks -
with the specific intention of blackmailing companies.
A DDoS attack, of the kind that brought down the
WorldPay system earlier this month, floods a
website with computer-generated requests.
http://news.bbc.co.uk/1/hi/technology/3238230.stm
- - - - - - - - - -
Victim advocates want names, addresses, records offline
Heidi McDonald says her abusive ex-husband used the
Internet to stalk and harass her after she left him.
He lurked in online chat rooms she frequented about
1980s musicians. When she posted a message, he
would jump in with an obscene response that
smeared her reputation, she says.
http://www.usatoday.com/tech/news/internetprivacy/2003-12-01-victim-privacy_x.htm
- - - - - - - - - -
Pay attention -- that guy could be a laptop thief
A man walked into an Atlanta office, made chitchat
with two workers and sat down for lunch with them.
Nobody noticed when he left with four stolen laptops.
In another incident, police officers stopped a pregnant
woman as she left an Atlanta-area workplace and found
a laptop strapped to her belly. In yet another case,
a thief walked into San Francisco-based Aligo Inc.
during business hours, hid until everyone left and
then took about a dozen devices worth at least $7,000,
including laptops and personal digital assistants.
http://www.siliconvalley.com/mld/siliconvalley/news/editorial/7369019.htm
http://seattlepi.nwsource.com/business/150472_laptoptheft01.html
http://www.nj.com/business/ledger/index.ssf?/base/business-5/1070260519214470.xml
- - - - - - - - - -
Fraudulent e-commerce site proves hard to close
A convincing e-commerce site is still up six weeks
after the discovery that it is fraudulently using
fake security certificates and the details of another,
legitimate, Web site. A Web site that purportedly
offers cheap mobile phones is still online more than
six weeks after efforts began to close it down for
what is believed to be fraudulent activity.
http://news.zdnet.co.uk/0,39020330,39118208,00.htm
- - - - - - - - - -
Hackers haunting Europe now
Hackers, it appears, are now forsaking North America
in favour of European targets. In November, said
a report from British Internet security specialists
at mi2g, Europe overtook North America as the most
attacked continent in cyberspace.
http://www.globetechnology.com/servlet/story/RTGAM.20031128.gthacknov28/BNStory/Technology/
- - - - - - - - - -
Sobig.F lingers as cure backfires
One of the IT sector's biggest threats in 2003 is
still out there. The blame lies partly with PCs that
don't know the time, but also with action that was
taken to minimise damage done by the worm. Sobig.F
is still rampaging around the Internet, two months
after the virus was supposed to have terminated
itself.
http://news.zdnet.co.uk/internet/security/0,39020375,39118188,00.htm
http://zdnet.com.com/2100-1104_2-5112207.html
- - - - - - - - - -
Debian attacker may have used new exploit
An as-yet-unknown security hole allowed the
recent hack attack on the Debian GNU/Linux
operating system project. An as-yet-unknown
security exploit in Linux may have been
responsible for a recent compromise of
Debian.org's servers, according to a system
administrator with the Debian operating
system project.
http://news.zdnet.co.uk/0,39020330,39118183,00.htm
- - - - - - - - - -
Nigeria renews efforts to stop 419 scammers
New legislation could be introduced in Nigeria
to combat the notorious 419 spam scams that flood
inboxes worldwide. The Nigerian government has
launched a new crackdown on organised criminals
who attempt to con email users with get-rich-quick
schemes. According to BBC News Online, President
Olusegun Obasanjo, Nigeria's political leader,
announced an inquiry into the problem on Wednesday,
vowing to "step up measures against these criminal
activities."
http://news.zdnet.co.uk/internet/security/0,39020375,39118141,00.htm
http://news.bbc.co.uk/2/hi/africa/3241710.stm
http://www.news.com.au/common/story_page/0,4057,8002290%255E15318,00.html
- - - - - - - - - -
Business flourishes on Web's seedy side
The Internet can be a great tool: It can help
friends across the world communicate; it can
seek out cheap travel deals; it can educate
patients about prescription drugs. But there's
another side of the Web, one that schemers such
as con artists and pedophiles have latched onto,
drawing victims into the darkest caverns of
cyberspace and leaving law enforcement agencies
scrambling to keep up. Internet scams, child
pornography sites and cyber-stalking are all
part of the seedy side of the Web.
http://www.sun-sentinel.com/business/local/sfl-sbnetdark30nov30,0,4125630.story
- - - - - - - - - -
Launch agreed for Euro tech-crime team
European cyber-crime unit set for January start
after compromise agreed on membership. A European
high-tech crime unit is to launch in January
following a compromise brokered between the
European Parliament and the Council of Ministers.
http://www.vnunet.com/News/1150848
- - - - - - - - - -
Microsoft decries overseas Longhorn rustling
Malaysia's brazen software pirates are hawking the
next version of Microsoft Windows operating system
years before it is supposed to be on sale. Underscoring
the scale of U.S. companies' copyright problems
in Asia, CDs containing software that Microsoft has
code-named Longhorn are on sale for 6 ringgit ($1.58)
in southern Malaysia. Microsoft's current version
of Windows, XP, sells for more than $100 in the
United States.
http://zdnet.com.com/2100-1104_2-5112229.html
http://money.cnn.com/2003/12/01/technology/microsoft_piracy.reut/index.htm
http://www.usatoday.com/tech/news/2003-12-01-longhorn-pirated_x.htm
http://computerworld.com/softwaretopics/os/story/0,10801,87707,00.html
Microsoft investigates IE holes
http://news.zdnet.co.uk/internet/security/0,39020375,39118197,00.htm
http://www.cnn.com/2003/TECH/internet/12/01/explorer.holes.reut/index.html
http://www.wired.com/news/business/0,1367,61416,00.html
- - - - - - - - - -
A Web of drugs
Online 'rogue pharmacies' offer quick access to
prescription drugs, many of them addictive and
dangerous. Along the Internet's Main Street and
its various side streets and alleys they are
everywhere, promising easy access to the pills that
pump you up, chill you out, slim you down and shift
your sex life into overdrive. They are, to some
Americans, a medicine chest of fun, purveyors of all
the stuff that addicts need and the adventurous want
to try but are afraid to request from their doctor.
(LA Times article, free registration required)
http://www.latimes.com/technology/la-he-internetdrug1dec01,1,6285987.story
Google to Limit Some Drug Ads
http://www.washingtonpost.com/wp-dyn/articles/A23588-2003Nov30.html
- - - - - - - - - -
Local companies battle cyber crime
Boeing's Bob Jorgensen likes to talk about how
well the aerospace giant protects its computer
systems from cyber attacks. Such comments
reassure customers and investors. But they also
can hurt the company if made too often and too
publicly, he said.
http://www.dailybreeze.com/content/business/nmcybr30i.html
- - - - - - - - - -
Single bug or virus attack could cost your business £66,000
The cost to businesses of a single bug or virus
attack can be as much as £66,000, research has
revealed. The estimate, contained in a report from
analyst firm Datamonitor, comes as users face
threats from the latest flaw in Microsoft Internet
Explorer and the "Mary" e-mail bug which tempts
users with porn. Users are still waiting for a patch
from Microsoft to prevent Explorer from downloading
damaging code from hacked websites. This code, in
turn, allows users' desktops to be hacked remotely.
http://www.computerweekly.com/articles/article.asp?liArticleID=126908
Swen fends off Mimail to top viral charts
http://www.theregister.co.uk/content/56/34261.html
Sysbug-A Virus On the Prowl
http://www.pcworld.com/news/article/0,aid,113680,00.asp
- - - - - - - - - -
Viruses may jeopardize power supplies, official
FINNISH MAGAZINE Helsingin Sanomat said that large
corporations have received official notices from
the government to keep a close eye on their networks.
In particular, the Finnish government seems concerned
about comms and electricity distributors suffering
from viruses and worms. The paper said that a virus
forced the Nordea Bank in Finland to shut down some
of its branches. The government is worried not about
viruses and worms affecting the distribution of
electricity, but delays in carrying out repairs
if necessary.
http://www.theinquirer.net/?article=12916
Top viruses for November
http://www.pcpro.co.uk/news/news_story.php?id=50938
Top 10 viruses and hoaxes reported to Sophos in November 2003
http://www.itweb.co.za/sections/internet/2003/0312010750.asp
- - - - - - - - - -
The Object of This Game: Sink the Music Pirates
Hey, kids! Want to join the FBI and chase music
pirates? That would be the Funny Bureau of
Investigations, and the chase would take place
in the make-believe world of a computer game based
loosely on Robert Louis Stevenson's "Treasure
Island." But the underlying message is serious:
Don't bootleg music.
(LA Times article, free registration required)
http://www.latimes.com/technology/la-fi-piracy29nov29,1,2184614.story
Ukraine Takes War on Pirated Copies
http://www.crime-research.org/news/2003/11/Mess2704.html
- - - - - - - - - -
EU internet privacy laws tightened
Norway's Data Inspectorate says it is ready to go
after people who publish embarrassing pictures of
others without their permission, the Norwegian
daily paper Aftenposten reports.
http://www.theregister.co.uk/content/6/34231.html
- - - - - - - - - -
SMEs to be offered IT security guidelines
The police and leading businesses have asked IT
professionals for their feedback on new IT security
guidelines for small and medium-sized companies.
The guidelines, put together by police, business and
government experts in the IT lobby group Eurim,
aim to provide small firms with a one-stop source
of advice on IT security. The move follows concerns
in the industry that security weaknesses in small
firms can place larger supply chains at risk.
http://www.computerweekly.com/articles/article.asp?liArticleID=126903
Pentagon's IT Overhaul Gets Boost
http://www.washingtonpost.com/wp-dyn/articles/A16955-2003Nov27.html
NamITech moves into information security training
http://www.itweb.co.za/sections/business/2003/0311270757.asp?A=HOME&O=FPIN
Internet Security & Fraud: The Wild, Wild West Online
http://www.financetech.com/story/enews/showArticle.jhtml?articleID=16400573
Criminals in Computer Related Crimes
http://www.crime-research.org/library/Golubev_nov1.html
- - - - - - - - - -
Rules to Address Holes in Software
As the cost of securing data against malicious
attacks continues to escalate, big technology
companies and security researchers are stepping
up efforts to control the spread of information
about software holes that make computers
vulnerable to hackers.
(LA Times article, free registration required)
http://www.latimes.com/technology/la-fi-hackers28nov28,1,1845462.story
- - - - - - - - - -
Smart-card crypto engine gets certification
A flash-based secure cryptographic controller for
smart cards from Atmel Corp. of San Jose, Calif.,
has been granted a Common Criteria Evaluated
Assurance Level 4+, augmented to Assurance
Vulnerability Assessment-Vulnerability Analysis.4.
The AVA-VLA.4 augmentation represents a high
level of assurance against sophisticated attacks,
according to the National Institute of Standards
and Technology's Computer Security Resource Center.
http://www.gcn.com/vol1_no1/daily-updates/24301-1.html
UK to consider national biometric ID cards, database
http://computerworld.com/governmenttopics/government/policy/story/0,10801,87642,00.html
- - - - - - - - - -
Readers Wouldn't Buy Security Products From Microsoft
Microsoft's latest security initiative, "Securing the
Perimeter," shows it hasn't given up in its battle
against hackers and virus writers. But it appears
the software giant has a long ways to go to win
the trust of InternetWeek readers.
http://www.internetweek.com/breakingNews/showArticle.jhtml%3Bjsessionid=BQIYOAZGIF3JWQSNDBCCKHQ?articleID=16401039
- - - - - - - - - -
Reseller touts home WLAN pack with easy to use security
UK reseller Dabs has launched a Wi-Fi offering that
it claims will deliver a fully secure environment
yet retain plug-and-play access to home WLANs. Dabs
is essentially bundling services provided by hotspot
aggregator MyZones with Netgear's ME103 ProSafe
Wireless Access Point and the vendor's MA111
Wireless USB Adaptor for £99 excluding sales tax.
Essentially, MyZones allows you to manage your
WLAN's security through its web page - or in this
case, a Dabs-branded one. The Wi-Fi hardware is
preconfigured to operate with MyZones.
http://www.securityfocus.com/news/7534
- - - - - - - - - -
Finding the Missing Piece in Corporate Security Puzzle
Corporations are spending millions on advanced
technologies to protect important computer
networks, but assessing the effectiveness of
those safeguards can be a challenge in itself,
said Elizabeth A. Nichols, founder of a software
firm that analyzes security products.
http://www.washingtonpost.com/wp-dyn/articles/A23637-2003Nov30.html
- - - - - - - - - -
A two-pronged approach to cybersecurity
In September, Amit Yoran became the United States'
top cybersecurity defender. Against a backdrop
of new challenges from increasingly sophisticated
hackers, Yoran is responsible for preparing the
government's response to any major cyberattacks.
http://news.com.com/2008-7355-5112350.html
Yoran Steps Down from Digital Sandbox Board; More Headlines...
http://www.washingtonpost.com/wp-dyn/articles/A20358-2003Mar13.html
- - - - - - - - - -
Tips on locking down your WLAN
In August, engineers with AirDefense Inc., a wireless
LAN security software vendor, made war drives in Atlanta,
Chicago and San Francisco, using scanners to find WLAN
access points around downtown office buildings. The
drivers discovered more than 1,100 access points. Of
these, 57% weren't using any form of data encryption,
although most of the actual data traffic in Chicago
and San Francisco was encrypted by other means, such
as a VPN.
http://computerworld.com/securitytopics/security/story/0,10801,87705,00.html
- - - - - - - - - -
Password hint: Think whether yours is good enough
Recent website security scares have brought home
the importance of a sensible approach to passwords,
at both the personal and corporate levels. Tony
Hallett reports on what the industry is saying -
and whether passwords are enough. Tricky things,
passwords. They are our most common way of
safeguarding digitally stored information over
shared media but they are fraught with contradictions.
Most obviously, the safer they look - in terms
of length and mix of characters - the harder
they often are to remember, making them dangerous
when end users write them down.
http://www.silicon.com/software/security/0,39024655,39117138,00.htm
- - - - - - - - - -
Wi-Fi arrest in Toronto highlights security dangers
Wireless security for home networks is in the
spotlight following an unusual arrest in Canada,
where a man stands accused of downloading child
pornography over a hijacked Wi-Fi connection.
Toronto police said they stopped a car last week
for a traffic infraction when they found the driver
naked from the waist down with a laptop computer
on the front seat, playing a pornographic video
that had apparently been streamed over a
residential wireless hot spot.
http://zdnet.com.com/2100-1105_2-5112000.html
Top-down security
http://www.infoworld.com/article/03/11/26/47secadvise_1.html
Cyber watchdogs to get stronger teeth
http://economictimes.indiatimes.com/articleshow/msid-326859,Curpg-2.cms
Secure remote access - the way to go
http://www.silicon.com/comment/0,39024711,39117105,00.htm
- - - - - - - - - -
Security worries keep many from banking online
Alma Villalpando, a program director at Eastfield
College in Mesquite, Texas, says she's comfortable
using a computer. She even offers training programs
on cybersecurity. But when it comes to online
banking, it's a firm, "No."
http://www.siliconvalley.com/mld/siliconvalley/news/editorial/7388475.htm
The Wells Fargo Example
http://www.securityfocus.com/columnists/201
Spam fears dampen online Christmas shopping
http://news.zdnet.co.uk/internet/ecommerce/0,39020372,39118212,00.htm
Pa. company has e-mail you want to read
http://www.usatoday.com/tech/news/2003-12-01-not-spam_x.htm
- - - - - - - - - -
Exploiting Cisco Routers: Part 2
Access Granted -- Now What? Welcome back! The first
article in this two-part series covered a few different
methods of getting into the target router. This article
will focus on what we can do once we've gotten in. For
the remainder of this article, we'll assume that the
only progress we've made is that we've gotten the below
router config via the vulnerable HTTP server. At this
point, Access Control Lists (ACLs) prevent us from
logging in directly to the router.
http://www.securityfocus.com/infocus/1749
- - - - - - - - - -
Insurer taps voice analysis tech to detect fraud
Online insurer Esure is to use technology that
recognises when a speaker is under stress in
a bid to detect fraud.
http://www.theregister.co.uk/content/4/34248.html
- - - - - - - - - -
USC to study terrorism and economics
The University of Southern California will receive
$12 million in federal funding over the next three
years to study economic risks from potential
terrorist threats and events to targets, such as
critical infrastructure systems, and develop tools
for planning responses and emergencies.
http://www.fcw.com/geb/articles/2003/1201/web-usc-12-01-03.asp
***********************************************************
Computer Forensics Training - Online. An intense, 150-hour,
instructor-led program that teaches you computer forensics
and helps prepare you for the Certified Computer Examiner
exam. For more information see: www.cybercrime.kennesaw.edu
***********************************************************
Search the NewsBits.net Archive at:
http://www.newsbits.net/search.html
***********************************************************
The source material may be copyrighted and all rights are
retained by the original author/publisher. The information
is provided to you for non-profit research and educational
purposes. Reproduction of this text is encouraged; however
copies may not be sold, and NewsBits (www.newsbits.net)
should be cited as the source of the information.
Copyright 2000-2003, NewsBits.net, Campbell, CA.