NewsBits for December 4, 2003 sponsored by, Southeast Cybercrime Institute - www.cybercrime.kennesaw.edu ************************************************************ Online Drug Ring Bust in Va. Charges 10 People in 3 States Federal officials in Alexandria yesterday said they broke up a major ring that sold weight-loss drugs and other controlled substances over the Internet and announced charges against 10 people in three states. http://www.washingtonpost.com/wp-dyn/articles/A33346-2003Dec3.html http://www.cnn.com/2003/US/South/12/03/internet.pharmacy.bust/index.html Pot: Next frontier for online profit http://www.msnbc.com/news/1001361.asp - - - - - - - - - - Man Confesses to Eating Internet Acquaintance A German computer expert charged with killing an Internet acquaintance and eating his flesh made a detailed confession at the opening of his murder trial in Kassel, Germany. Armin Meiwes, 42, described how Bernd Juergen Brandes, 43, traveled from Berlin in March 2001 in reply to an Internet ad seeking a young man for "slaughter and consumption." He said he got more than 400 responses. Evidence includes a videotape of Brandes' slaying. (LA Times article, free registration required) http://www.latimes.com/technology/la-fg-briefs4.3dec04,1,3375689.story - - - - - - - - - - Heckenkamp Challenges Computer Ban Accused eBay hacker Jerome Heckenkamp is back in federal court in California this month, but it isn't for his ever-slipping trial date. His attorneys are mounting a constitutional challenge to court-ordered pre-trial restrictions that have kept him from computers and the Internet since his indictment nearly three years ago. http://www.securityfocus.com/news/7576 - - - - - - - - - - Phone scam warning exposed as hoax An email warning people to beware of a phone scam that could cost them PS20 a minute is a hoax. The email warns people about receiving a recorded message which tells them they've won a prize, and then asks them to press '9' to hear further details. http://www.theregister.co.uk/content/6/34349.html - - - - - - - - - - Hacked Gentoo Linux server taken offline Hackers have forced the Gentoo Linux project to take a server offline. The attack and subsequent compromise comes after several machines belonging to the Debian Linux project were breached by attackers last month. A forensic analysis of the Debian machines revealed that no software packages or source code offered for download were affected --a claim now being made by Gentoo. http://news.com.com/2100-7349_3-5113227.html Linux Security Expert Defends Debian http://www.internetnews.com/dev-news/article.php/3116231 - - - - - - - - - - Bush Signs ID Theft Legislation President Bush on Thursday signed legislation giving consumers new protections against identity theft, including free credit reports and a national fraud- alert system to minimize damage once a theft has occurred. The measure also requires that receipts omit the last digits of credit cards. http://www.washingtonpost.com/wp-dyn/articles/A35173-2003Dec4.html - - - - - - - - - - RIAA Files 41 More File-Sharing Suits The Recording Industry Assn. of America filed 41 new lawsuits against Internet users who trade songs online, saying the legal campaign was producing a growing number of settlements and drawing greater public support. The trade group filed its third wave of lawsuits since September in federal courts across the United States. The RIAA planned to warn an additional 90 users that they could be sued. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/7406625.htm http://www.latimes.com/technology/la-fi-rup4.4dec04,1,4922006.story http://zdnet.com.com/2100-1105_2-5113188.html http://www.msnbc.com/news/1001335.asp http://www.cnn.com/2003/TECH/internet/12/04/downloading.music.ap/index.html http://www.usatoday.com/tech/news/2003-12-03-music-downloading_x.htm - - - - - - - - - - Australia hits back at spammers Senders of electronic junk mail or spam face fines of hundreds of thousands of dollars in Australia under a new law approved by parliament. But the law, which was passed late Tuesday, is not expected to stop the massive influx of overseas-sourced spam. http://www.cnn.com/2003/TECH/internet/12/02/spam.australia.reut/index.html - - - - - - - - - - Judge dismisses Streisand's $10M suit A Los Angeles judge Wednesday dismissed a $10 million lawsuit filed by Barbra Streisand against a multimillionaire who posted photos of her Malibu estate on a Web site documenting erosion along the California coast. http://www.cnn.com/2003/SHOWBIZ/Music/12/04/ple.streisand.reut/index.html http://www.usatoday.com/tech/news/techpolicy/2003-12-04-streisand-suit_x.htm - - - - - - - - - - ASA slaps Nodots scam Denmark-based Net naming outfit Nodots has received a slap on the wrist from the UK's advertising watchdog for sending junk mail that resembles and invoice. The company tried to get companies to cough up PS500 to register for its "Qname" service by sending out misleading-looking letters that looked like invoices. http://www.theregister.co.uk/content/6/34339.html - - - - - - - - - - Net unprepared for cyberterrorism - US officials US homeland security officials say the Internet represents an 'attractive target for terrorists' but defences remain 'unacceptable'. This year's Blaster computer virus wreaked havoc on half a million computers. But that's child's play compared to what a real terrorist cyberattack would do, US homeland security officials said on Wednesday. http://news.zdnet.co.uk/internet/security/0,39020375,39118284,00.htm A Case of Internet Security Anxiety http://www.washingtonpost.com/wp-dyn/articles/A34815-2003Dec4.html Fed cybersecurity chiefs get a council http://www.fcw.com/fcw/articles/2003/1201/web-council-12-04-03.asp Homeland Security science division will also tackle cybersecurity http://www.govexec.com/dailyfed/1203/120403tdpm2.htm IT security pros confident of defenses http://computerworld.com/securitytopics/security/story/0,10801,87800,00.html Lieberman accuses DHS of violating E-Gov Act http://www.gcn.com/vol1_no1/daily-updates/24349-1.html http://www.fcw.com/fcw/articles/2003/1201/web-usvisit-12-04-03.asp - - - - - - - - - - The growing problem of identity theft According to the 2003 Computer Crime Survey conducted by the Computer Security Institute in conjunction with the FBI, nearly 13 per cent of respondents were the victim of identity theft in the past year in the US, writes Fran Howarth OF Bloor Research. In total, losses from identity theft in the US in the past year are estimated to have amounted to around $50 billion. http://www.theregister.co.uk/content/55/34336.html - - - - - - - - - - Trojans on the Rise, Say Computer-Security Experts What Belthoff found most disturbing were signs of a coalition between spammers and Trojan programmers. Recent Trojans like Regate-A and Dmomize-A infect and essentially hijack computers, using them as bases from which to launch reams and reams of spam. The Greeks are at the door, according to Internet- security company Sophos, which has sounded the warning of a sharp increase in the number of Trojans being used to infect and attack computers. http://www.newsfactor.com/perl/story/22801.html - - - - - - - - - - MS exec: Virus authors are winning big Creators of computer viruses are winning the battle with law enforcers and getting away with crimes that cost the global economy some $13 billion this year, a Microsoft official said Wednesday. Counterfeit centers are shifting from California and Western Europe to countries including Paraguay, Colombia and Ukraine said David Finn, Microsoft's director of digital integrity for Europe, the Middle East and Africa. http://zdnet.com.com/2100-1105_2-5113222.html - - - - - - - - - - Fight against Internet sex crimes working A University of New Hampshire study says police are doing well in the fight against Internet-related sex crimes against children. The study points to more than 2,500 arrests a year, cooperation between local state and federal agencies and the effective use of undercover sting operations as some indicators of success. The study also found prosecutions of Internet-related crimes appear to be more successful than prosecutions for other child sex crimes. http://www.wmtw.com/Global/story.asp?S=1549359 - - - - - - - - - - Paedophiles will be detected through the psychological portrait Four-day conference on fighting on-line paedophilia has been held in headquarters of Interpol in Lion (France). International Center for Missing and Exploited Children (ICMEC) was organizer of the conference. Police officers from 36 countries and representatives of tech firms have gathered at the conference. They will be submitted the training program for law enforcement bodies on fighting sexual predators in the Internet. http://www.crime-research.org/news/2003/12/Mess0404.html - - - - - - - - - - Pirated Movies Flourish Despite Security Measures The more studios try to stifle bootlegging, the more technology works to undermine them. Hollywood's all-out war against movie piracy is turning into a big-budget bomb, with illegal copies of virtually every new release and even some films that have yet to debut in theaters turning up on the Internet. (LA Times article, free registration required) http://www.latimes.com/technology/la-et-piracy4dec04,1,6779001.story - - - - - - - - - - Leave your handhelds at home Leave your laptop or personal handheld at home when you join the Christmas rush and revelry or risk losing your mobile device and all the information that resides on it. This is the advice that mobile security expert Pointsec Mobile Technologies offers corporate clients, based on research that it conducted this year in the "Mobile Usage Survey". http://www.itweb.co.za/sections/hardware/2003/0312040749.asp - - - - - - - - - - Yahoo Instant Messenger has security flaw A security hole in Yahoo's Messenger could allow attackers to run their own code on computers using the program. The buffer overrun vulnerability was found in a file named "yauto.dll," which is an ActiveX component of Messenger software versions up to 5.6.0.1347, according to a security alert released by Copenhagen security company Secunia. Yahoo is working to verify the report and develop a patch for Messenger. http://www.computerweekly.com/articles/article.asp?liArticleID=127018 - - - - - - - - - - Cisco airs out Wi-Fi vulnerability Cisco Systems is warning of a vulnerability in some of its Aironet Wi-Fi access points that could allow attackers to snoop on corporate networks. Vulnerable access points transmit security keys over the air in unencrypted text, meaning that an eavesdropper could intercept them. With the keys, an attacker could easily break the encryption protecting Wi-Fi transmissions. Wi-Fi is a wireless standard commonly used in corporate and personal local-area networks. http://zdnet.com.com/2100-1105_2-5113232.html http://www.vnunet.com/News/1151249 http://www.computerweekly.com/articles/article.asp?liArticleID=127008 Former Intel exec sets Wi-Fi crowd straight http://computerworld.com/securitytopics/security/story/0,10801,87787,00.html - - - - - - - - - - China orders wireless networks to use domestic encryption standards China has ordered computer makers, both at home and overseas, to use its own encryption standard for wireless local area networks, ensuring stronger government control and giving domestic manufacturers a slight respite from some foreign competition. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/7412296.htm - - - - - - - - - - Sex and gambling drive mobile content sales Gambling services and adult content delivered via mobile phones could generate combined revenues of $6.5 billion by 2006, according to two new studies. The projected growth in these new mobile content industries, however, will only take place if "the right operating conditions" are set by industry and regulators, said UK-based consultancy Juniper Research. http://www.theregister.co.uk/content/64/34334.html - - - - - - - - - - Why network security should go further than Sarbanes-Oxley There is one good thing about the Sarbanes-Oxley Act: It's a step in the right direction toward getting companies to close the gap between actual behavior and corporate policy. While this ambitious initiative is intended to restore the public's confidence in corporate governance, there is little guidance that is useful to CIOs and their staffs. This initiative is subject to such broad interpretation as to make its implementation and enforcement in the IT world a nightmare. http://computerworld.com/securitytopics/security/story/0,10801,87704,00.html - - - - - - - - - - One size does not fit all Each week vnunet.com asks a different expert to give their views on recent virus and security issues, with advice, warnings and information on the latest threats. This week Mark Kelly, PKI product marketing manager at Baltimore Technologies, reviews some of the primary authentication options available to financial institutions, and considers their merits and limitations. http://www.vnunet.com/News/1151248 - - - - - - - - - - Critics belittle car-buying safeguards With the rise of online auto buying making it far more difficult for consumers to kick the tires of vehicles prior to purchase, sales sites and third- party providers have rolled out an array of safeguards to assure would-be customers that they can bid or buy with confidence. But critics charge that the protections arent all theyre cracked up to be and give buyers a false sense of security that is being exploited by crooks and cons. http://www.msnbc.com/news/1000753.asp *********************************************************** Computer Forensics Training - Online. An intense, 150 hour, instructor lead program that teaches you computer forensics and helps prepare you for the Certified Computer Examiner exam. For more information see; www.cybercrime.kennesaw.edu *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2003, NewsBits.net, Campbell, CA.