NewsBits for February 5, 2004 sponsored by, Southeast Cybercrime Institute - www.cybercrime.kennesaw.edu ************************************************************ PayPal virus writing scammer scumbag pleads guilty A Minnesota man who tried to defraud PayPal customers through a phishing scam has pleaded guilty to wire fraud. Alec Scott Papierniak, 20, of Mankato in Minnesota, also admitted using viral code to further his fraudulent activities at an appearance in a federal court in San Jose on Tuesday. http://www.theregister.co.uk/content/55/35365.html - - - - - - - - - - Suspected hacker held over Web site breach A Kyoto University researcher was arrested Wednesday for allegedly hacking into the Web site of a computer software association in November to steal personal information. Kazuho Kawai, 40, is suspected of stealing the personal information of 1,200 people, including their names, addresses and phone numbers, from the Association of Copyright for Computer Software Web site between Nov. 6 and 8. http://www.japantimes.co.jp/cgi-bin/getarticle.pl5?nn20040205a2.htm - - - - - - - - - - Judge orders Belgrade man held until trial in porn case U.S. Magistrate Richard Anderson on Wednesday ordered a Belgrade man charged in an Internet child porn case to be held in jail while awaiting trial. Donald Lynn Steindorf, 45, pleaded not guilty Tuesday to an indictment charging him with distributing, receiving and possessing child porn. He also faces a forfeiture count for computer equipment he allegedly used to commit the crimes. Steindorf, a registered sex offender, was the only Montanan charged in Operation Candyman, a nationwide FBI investigation of an Internet-based child pornography ring. The investigation targeted members of three Internet discussion groups on a Yahoo! Inc. Web site, including one called Candyman. In March 2002, criminal charges were filed against 86 people in 26 states. http://www.billingsgazette.com/index.php?id=1&display=rednews/2004/02/05/build/state/80-netchildporn.inc - - - - - - - - - - Man on probation for child pornography charges is arrested again A Syosset man who just served jail time in Suffolk County for child pornography is in trouble again Tuesday. Eric Sesack, 31, is charged with possessing more than 100 images of children engaged in sex. New Hampshire police contacted Nassau investigators after Sesack allegedly offered child porn to an undercover in a chat room. In July, he was sentenced to six months jail time in Riverhead for the same crime, and he was still on probation. http://www.news12.com/LI/topstories/article?id=100653 http://1010wins.com/topstories/winstopstories_story_034160909.html - - - - - - - - - - Man faces 26 counts for child sex crimes A Dousman man faces more than two dozen felonies for sex crimes against a child after investigators allegedly found child pornography and nude pictures of his girlfriend's 13-year-old daughter. Timothy J. Jeske, 37, allegedly recorded the girl inside her bedroom with a wireless camera that transmitted images to his computer, according to a criminal complaint filed Tuesday in Waukesha County Circuit Court. A search of Jeske's computer also allegedly revealed numerous pictures of other children engaged in graphic sexual acts, the complaint shows. http://www.gmtoday.com/news/local_stories/2004/February_04/02042004_08.asp - - - - - - - - - - Hendersonville firefighter jailed on sex charges A Hendersonville firefighter was jailed Monday on charges of aggravated sexual battery and especially aggravated sexual exploitation of a minor. David Earl Nixon, of Westmoreland, was arrested at his home. He remained in jail Wednesday evening in lieu of a $50,000 bond, according to a statement released by the Sumner County Sheriff's Department. The 29- year-old is accused of transmitting "live pictures with the use of a 'web-camera' device of a minor child over the Internet during a 'chat session,'" according to the statement. http://www.gallatinnewsexaminer.com/includes/bulletin02042004.html - - - - - - - - - - Man nabbed in 'Net sting Police say 40-year-old Meriden resident Consecrate Rios Jr. thought he was talking to a 13-year-old girl in a Connecticut-themed Internet chat room. And when he allegedly attempted to arrange what police say was a sexual encounter with the girl, he became the third area man in five days arrested on suspicion of such an action. The "girl" was actually an undercover Southing-ton police officer investigating local child sex predators, a probe that began in early January, said Southington police Sgt. Lowell DePalma. http://www.newbritainherald.com/site/news.cfm?newsid=10912768&BRD=1641&PAG=461&dept_id=10110&rfi=6 - - - - - - - - - - Soldier accused of enticing underage girl A Fort Stewart soldier was arrested Saturday after he was allegedly caught having sex with a 14 year old girl. Christopher Martin Lawson, 29, has been charged by Long County officials with one count of child molestation and one count of enticing a child for an immoral purpose for allegedly enticing the juvenile over the internet with promises of help her land a modeling contract. http://www.zwire.com/site/news.cfm?newsid=10915357&BRD=1389&PAG=461&dept_id=161952&rfi=6 - - - - - - - - - - Ice cream vendor who downloaded child porn still on job A Northland ice cream vendor convicted on Internet child pornography charges remains on the job. Last Friday the 40-year-old Paihia man was fined $9000 after he admitted 18 charges of trading or collecting child sex abuse images and electronic movies. Yesterday John Alter was operating his Mr Frosty ice cream van in Waitangi. He declined to talk to a reporter. The Department of Internal Affairs has revealed that Apter's arrest and subsequent confession came after he was the victim of an international sting. In October 2002, a Canadian agency monitoring the Internet for child pornography detected a New Zealander using an Internet file-share application. http://www.stuff.co.nz/stuff/0,2106,2804768a11,00.html - - - - - - - - - - Online child sex crimes rise in Japan Reported rape and robbery cases involving children in Japan, mostly schoolgirls lured into online sex sites, jumped last year despite a law banning the soliciting sex from minors over the Internet. There were 72 rape cases, up 35.8 percent from a year earlier, with the number of robbery cases surging 54.2 percent to 37, the National Police Agency said in a report. While murder cases fell by two to four, kidnapping and abduction cases rose by three to six, it said. Under a law enacted in last September, adults who post messages on the Internet asking minors aged under 18 for sex will face fines of up to one million yen (9,500 dollars) or go to jail for six months. http://www.channelnewsasia.com/stories/afp_asiapacific/view/69619/1/.html - - - - - - - - - - Net fuelled killer's necrophiliac lust The family of murdered school teacher Jane Longhurst (31) is calling for tighter regulation of online pornography following the sentencing of her murderer Graham Coutts yesterday in Lewes Crown Court. Coutts (35), a voracious consumer of web sites devoted to snuff movies and necrophilia, was sentenced to life imprisonment, with a minimum tariff of 30 years. The part-time, Scottish-born, musician visited Web sites with names such as "necrobabes", "death by asphyxia" and "rape pleasure". http://www.theregister.co.uk/content/6/35358.html - - - - - - - - - - Phishers improve bait as they target ISPs Even tech-savvy users could be fooled by the latest phishing scams, which have evolved beyond all recognition in their bid to steal credit card details, says an anti-phishing organisation. Phishing attacks are reaching a point of sophistication where even the most Internet-savvy user could be fooled, said the Anti-Phishing Working Group (APWG) on Wednesday. http://news.zdnet.co.uk/internet/security/0,39020375,39145515,00.htm - - - - - - - - - - Army backs down on classified data threat The U.S. Army has apologized for threatening to prosecute an open-government advocacy group after it republished a document copied from a military Web site. An official with the U.S. Army Services and Operations Agency on Wednesday accused the Federation of American Scientists (FAS) of publishing a secret government document about acquiring military hardware--before backing down a few hours later. http://zdnet.com.com/2100-1105_2-5154210.html - - - - - - - - - - OMB: Focus on cybersecurity before new projects The Office of Management and Budget has told 18 agencies not to develop, modernize or enhance IT systems until their cybersecurity problems are fixed. OMB administrator for IT and e-government Karen Evans today said agencies must stop layering new projects on top of vulnerable IT infrastructures, and do a better job of managing their IT portfolios. http://www.gcn.com/vol1_no1/daily-updates/24856-1.html http://www.fcw.com/fcw/articles/2004/0202/web-ombsecurity-02-05-04.asp - - - - - - - - - - Justice Department asks FCC to address VoIP wiretapping The Justice Department has asked federal regulators to delay setting rules for carrying phone calls over Internet connections until they address how those conversations can be monitored. FBI Deputy General Counsel Patrick W. Kelley made the request in a letter to the Federal Communications Commission. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/7884914.htm http://www.washingtonpost.com/wp-dyn/articles/A16764-2004Feb5.html http://www.theregister.co.uk/content/55/35377.html - - - - - - - - - - ENISA will co-ordinate European police in fight against cyber crime The European Commission has given the green light to a pan-European cyber crime team that will draw together the efforts of police forces throughout Europe. The European Network of Information Security Agency (ENISA), based in Brussels, was created after the EC recognised the need to synchronise approaches to internet and network security across the continent. Initially, ENISA will run for four years on a budget of E24.3m with the potential to become a permanent organisation should its work prove successful. http://www.intranetstrategist.com/xq/asp/sid.452EE4A2-B5FE-4063-8A77-1847ABE92B0A/articleid.27B7D9D1-07D2-4BC5-B0F1-62FEFEEC2A1A/qx/display.htm - - - - - - - - - - FBI asks computer shops to help fight cybercrime Agents with the Federal Bureau of Investigation's Cyber Crime Squad have been approaching O'ahu computer-repair specialists, network consultants and software developers and asking them to report any overtly criminal activity they find in customers' computers. Owners of computer repair shops reported that FBI agents have come calling for at least a year. http://the.honoluluadvertiser.com/article/2004/Feb/05/ln/ln01a.html - - - - - - - - - - Jail, fine if you dont tell the world your email & home address If you dont tell the world your email, home address and telephone number you could face a seven-year jail sentence and a $150,000 fine under new legislation that the US Congress is trying to push past today. http://www.theregister.co.uk/content/6/35376.html - - - - - - - - - - Cable modem hackers conquer the co-ax A small and diverse band of hobbyists steeped in the obscure languages of embedded systems has released its own custom firmware for a popular brand of cable modem, along with a technique for loading it -- a development that's already made life easier for uncappers and service squatters, and threatens to topple long-held assumptions about the privacy of cable modem communications. http://www.securityfocus.com/news/7977 - - - - - - - - - - Web applications wide open to hackers The vast majority of web applications are wide open to attacks by hackers, a four-year testing programme has revealed. According to vulnerability assessments conducted by the Application Defense Center of security firm WebCohort, at least 92 per cent of web applications are vulnerable to some form of hacker attack. http://www.vnunet.com/News/1152521 - - - - - - - - - - RealPlayer flaws open PCs up to hijackers RealNetworks acknowledged on Wednesday that three flaws affecting different versions of its media player could allow attackers to create corrupt music or video files that, when played, take control of a victim's PC. http://zdnet.com.com/2100-1105_2-5154193.html http://msnbc.msn.com/id/4185013/ - - - - - - - - - - .zip files putting the zap on antivirus products E-mail users who were slow to update their antivirus software last week may have been surprised to receive a flood of e-mail messages containing .zip files from long-lost acquaintances, business partners and complete strangers. The e-mail was sent by the recent Mydoom e-mail worm. The zipped attachments were evidence of what antivirus experts say is a new trend in virus writing circles: using compressed .zip files to hide viruses and elude detection by antivirus engines. http://computerworld.com/securitytopics/security/virus/story/0,10801,89897,00.html - - - - - - - - - - Safer Internet Day More should be done to protect children online, according to the organisers of tomorrow's European "Safer Internet Day". Sixteen European countries (including Australia) are taking part in the day of action as part of a coordinated campaign to defend "children's right to a safer Internet". http://www.theregister.co.uk/content/6/35356.html - - - - - - - - - - Pentagon scraps Internet voting system Citing security concerns, the Pentagon has canceled Internet voting that would have involved as many as 100,000 military and overseas citizens from seven states in November, a Defense Department official said Thursday. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/7884707.htm http://zdnet.com.com/2100-1104_2-5154321.html http://www.washingtonpost.com/wp-dyn/articles/A17147-2004Feb5.html http://www.wired.com/news/evote/0,2645,62180,00.html Online Voting Clicks in Michigan http://www.washingtonpost.com/wp-dyn/articles/A17123-2004Feb5.html Voting kiosks installed for mall rats http://www.cnn.com/2004/US/West/02/04/offbeat.voting.ap/index.html - - - - - - - - - - US LYNCH MOBS HOWL AT LONDON'S KID CRACKER SENTENCE In the UK, a teenager is convicted of a computer crime but escapes gaol. Where do the screams come from? As is typified by this ignorant editorial in Silicon.com, there's outcry in the US because a court in Britain has decided not to lock up an 18-year-old convicted of breaking into computers at Fermilab. Rather than delve into the case, read the judges comments, and come to terms with a legal system not their own, American IT press and security experts have instead reverted to type. Insularity? We've heard of it... http://www1.commsworld.com.au/NASApp/cs/ContentServer?pagename=commsworld/home&var_el=art&art_id=1067861727699 - - - - - - - - - - E-mail service vows to stop spam, spare the good A start-up is offering a Web-based e-mail service that aims to stop spam dead in its tracks without blocking out potentially useful e-mails. New York- based ZoEmail on Thursday launched its spam-free e-mail service using technology licensed from AT&T Labs. The company said the technology can completely eliminate unwanted and unsolicited e-mail from users' in-boxes. http://zdnet.com.com/2100-1104_2-5153907.html - - - - - - - - - - Microsoft project aims to make spammers pay for spam Microsoft Corp., which has declared war on spam and those responsible for floods of unsolicited e-mail, is aiming to raise the cost for spammers with a new technology targeting the low barrier to sending mass messages. http://computerworld.com/softwaretopics/software/groupware/story/0,10801,89900,00.html - - - - - - - - - - Five keys to success with identity management Identity management platforms have a broad range of benefits, but it's not always easy to see the scope of the project from the start. When delving into an ID management project, it can also be hard to know how to reach a balance between access management and security, profile management and privacy, and provisioning and integration. http://computerworld.com/securitytopics/security/story/0,10801,89847,00.html - - - - - - - - - - IP VPN migration 'inevitable' The rise and rise of IP Virtual Private Network services is set to continue apace, with the technology clocking up a whopping 20 per cent compound annual growth rate over the next four years. According to the latest research from to In-Stat/MDR, IP VPNs will hoover up additional market share as corporates jump ship from more expensive legacy Wide Area Networking services such as Frame Relay (FR) / ATM and private leased lines. http://www.theregister.co.uk/content/5/35369.html - - - - - - - - - - The Next Big Network-Security Fiasco Utilities, transportation and petrochemical businesses are interconnecting their previously isolated networks with Internet facilities, says William Hancock, chairman of the Internet Security Alliance, leaving vital infrastructures vulnerable. "Worst-case scenario" thinking is becoming popular in the culture at-large. Survival handbooks teach how a person can survive in life-threatening situations that most people never will have to face: how to get out of a car that is sinking in the water, how to dig out if you're buried in an avalanche, and how to land a plane, among others. http://www.newsfactor.com/story.xhtml?story_title=The_Next_Big_Network_Security_Fiasco&story_id=23130 - - - - - - - - - - Common sense security Each week vnunet.com asks a different expert to give their views on recent virus and security issues, with advice, warnings and information on the latest threats. This week Chris Barling, chief executive officer of Actinic, calls for more trust in IT security and less dependence on overzealous safety measures. http://www.vnunet.com/News/1152539 - - - - - - - - - - TiVo watchers uneasy after post-Super Bowl reports Janet Jackson's Super Bowl flash dance was shocking in more ways than one: Some TiVo users say the event brought home the realization that their beloved digital video recorders are watching them, too. http://news.com.com/2100-1041_3-5154219.html *********************************************************** Computer Forensics Training - Online. An intense, 150 hour, instructor lead program that teaches you computer forensics and helps prepare you for the Certified Computer Examiner exam. For more information see; www.cybercrime.kennesaw.edu *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2004, NewsBits.net, Campbell, CA.