NewsBits for February 9, 2004 sponsored by, Southeast Cybercrime Institute - www.cybercrime.kennesaw.edu ************************************************************ New MyDoom version begins rampage A new version of the MyDoom virus is spreading in the wild, according to security consultancy iDefense Inc. The new worm, MyDoom.c or DoomJuice, spreads over network connections to an open port on computers already infected by earlier versions of the worm. http://www.gcn.com/vol1_no1/daily-updates/24900-1.html http://msnbc.msn.com/id/4224954/ http://www.cnn.com/2004/TECH/internet/02/09/new.worm.reut/index.html http://www.wired.com/news/infostructure/0,1377,62229,00.html http://computerworld.com/securitytopics/security/virus/story/0,10801,90005,00.html - - - - - - - - - - Man accused of assaulting girls he met online A Houston man who met two juvenile girls over the Internet drugged and assaulted them after luring them from their school campus, authorities said. Navid Ocheghaz Ghahremani, 21, of the 6100 block of Reims was arrested Friday and charged with one count each of aggravated sexual assault of a child and sexual assault of a child. Bail was set at $60,000. Harris County Precinct 4 deputy constables said Ghahremani met two north Harris County girls on the Internet and picked them up from their private school campus Jan. 30. http://www.chron.com/cs/CDA/ssistory.mpl/metropolitan/2391811 - - - - - - - - - - Hosting firm felled by attacks A massive distributed-denial-of-service attack hit an Australian Web hosting firm over the weekend. A wave of distributed denial of service (DDoS) attacks against hosting giant WebCentral, which began on Saturday, downed the network for a second time on Sunday. http://news.zdnet.co.uk/communications/networks/0,39020345,39145663,00.htm - - - - - - - - - - Extortionists attack Paddypower.com Irish on-line betting site Paddypower.com is the latest high-profile Web property to suffer a denial of service attack from malicious users bent on extortion. The company confirmed that its Web site was temporarily off line for a number of hours on Wednesday evening (Feb 4) as a result of interference from a distributed denial of service (DDoS) attack. http://www.theregister.co.uk/content/55/35412.html - - - - - - - - - - Paris Hilton sues over Internet sex tape Reality TV star Paris Hilton has sued a Panama- based Internet company for $30 million, claiming that it illegally distributed a now-infamous tape of her having sex with an ex-boyfriend. Hilton, who describes herself in the Los Angeles Superior Court lawsuit as a model and actress, sued Kahatani Ltd. for violation of privacy, illegal business practices and infliction of emotional distress. http://www.cnn.com/2004/TECH/internet/02/09/paris.lawsuit.reut/index.html - - - - - - - - - - Californian sues penis pill spammers for fraud A Californian man has put his manhood on the line by suing the spam-vertisers of penis enlargement pills. The dicky medicine sold to Jeffery (sic) Horton failed to have the desired effect, prompting his decision to file a lawsuit against Leading Edge Marketing of British Columbia, shipment agent TechniPak of Greeley, Colardo and several others. The lawsuit - which seeks class action status - claims the oils and herbal supplements marketed by Leading Edge under the brand name VigRx are ineffective. http://www.theregister.co.uk/content/6/35420.html - - - - - - - - - - Powergen sets legal attack dogs on security whistle-blower Powergen and a customer who highlighted a serious breach in consumer security at the utility more than three years ago are still locked in legal dispute. John Chamberlain earned the enmity of the British utility company for leaking to Silicon.com a list of credit cards left unprotected on the utility's Web site. He is fighting a breach of confidence suit from Powergen. This civil lawsuit, which arises out of an accusation that Chamberlain failed to keep a promise to destroy customer data obtained from Powergen's site, is to be tried in the Chancery Court at Birmingham on March 12. http://www.theregister.co.uk/content/55/35434.html - - - - - - - - - - AMD raids Asia resellers after fake chips found AMD has found 30 bogus chips in four PC stores in Manila, the Philippines, in a series of raids. Advanced Micro Devices has embarked on a series of raids on regional computer resellers following the discovery of a counterfeit processor market in Asia. In a series of search operations conducted last week in the Philippines, AMD seized 30 bogus chips from four PC shops in Manila city, reported local daily The Philippines Enquirer. http://news.zdnet.co.uk/hardware/chips/0,39020354,39145658,00.htm - - - - - - - - - - Saucy e-mail investigation The president of the Louisiana Senate planned Monday to release the findings of an investigation into a racy e-mail sent by the Senate's top administrator to hundreds of government employees. http://www.usatoday.com/tech/news/2004-02-09-saucy-email_x.htm - - - - - - - - - - Web Fraud Stings Couple An avid motorcyclist, Dan Holmes couldn't believe his luck when he spotted a 2001 Honda Gold Wing, in shimmering burgundy and emblazoned with eagles, selling for $5,000 on eBay. At that price the cycle was a bargain - about $7,000 below market value. http://news.tbo.com/news/MGATZ513DQD.html - - - - - - - - - - Police warn of Internet scam Local residents are asked to be on their guard against fraudulent e-mail and other scams being perpetrated over the Internet. Leavenworth police Lt. Pat Kitchens said over the last month his department has been contacted by a number of people concerned about e-mail they have received. He said people should be cautious of any e-mail that asks questions about personal information. http://www.leavenworthtimes.com/articles/2004/02/08/news/news07.txt Con men 'phishing' for your financial secrets http://www.thehollandsentinel.net/stories/020804/bus_020804063.shtml - - - - - - - - - - Government agency exposes day-care data A government subcontractor posted the names, birthdays and daily whereabouts of hundreds of upstate New York children to the Internet, where the information remained publicly available for weeks until MSNBC.com notified authorities. http://msnbc.msn.com/id/4186130/ - - - - - - - - - - Industry, governments must cooperate with growing threat International cooperation is needed to safeguard computer systems from terrorist infiltration, industry officials told a global technology conference in India Wednesday. http://www.detnews.com/2004/technology/0402/05/technology-55843.htm Homeland Security critical infrastructure effort proceeds unevenly http://www.govexec.com/dailyfed/0204/020904c1.htm - - - - - - - - - - VeriSign says online fraud growing fast A report released Monday by VeriSign, the company that maintains the Internet's .com and .net domain registry, indicates that attempted site hacks, online fraud and identity theft are growing rapidly, as e-commerce proliferates. http://zdnet.com.com/2100-1105_2-5156062.html - - - - - - - - - - Online Search Engines Help Lift Cover of Privacy Sitting at his laptop, Chris O'Ferrell types a few words into the Google search engine and up pops a link to what appears to be a military document listing suspected Taliban and al Qaeda members, date of birth, place of birth, passport numbers and national identification numbers. Another search yields a spreadsheet of names and credit card numbers. http://www.washingtonpost.com/wp-dyn/articles/A24053-2004Feb8.html - - - - - - - - - - Nokia: Bluetooth flaw gnaws at phone security Nokia has confirmed that some of its Bluetooth- enabled cell phones are vulnerable to "bluesnarfing," in which an attacker exploits a flaw to read, modify and copy a phone's address book and calendar without leaving any trace of the intrusion. http://zdnet.com.com/2100-1105_2-5155927.html - - - - - - - - - - Mobile companies team to prevent handset theft Mobile phone operators and handset makers are working together in an international campaign to decrease mobile phone theft. The initiative aims to allow operators to track stolen handsets and render them useless, even if the handsets are taken abroad. http://computerworld.com/securitytopics/security/story/0,10801,90013,00.html - - - - - - - - - - IIA funds anti-virus website AUSTRALIA'S ISPs have called on local internet users to better protect themselves from viruses and worms, setting up a website that lets users download trial versions of anti-virus software. http://australianit.news.com.au/articles/0,7204,8630511%5E15318%5E%5Enbv%5E15306,00.html - - - - - - - - - - Compuware boosts Web services security in modeling tool Compuware on Monday is unveiling OptimalJ 3.1, a model-driven Java development tool featuring support for the Web Services-Security specification as well as integration with application servers, modeling tools, and messaging middleware. http://www.infoworld.com/article/04/02/09/HNcompuw_1.html - - - - - - - - - - Unipalm adds Rainbow VPN Security distributor Unipalm has added Rainbow Technologies' Secure Socket Layer virtual private network (SSL VPN) software to its product range. http://www.vnunet.com/News/1152633 - - - - - - - - - - Linux Security on the Ropes Veteran programmers have brought lifetimes of experience to Linux's development, including an awareness of the "gotchas" of OS security, says Paula Hunter, OSDL business-development director. "There are people who are working on [Linux] projects that probably have children that work at Microsoft." http://www.newsfactor.com/story.xhtml?story_title=Linux_Security_on_the_Ropes&story_id=23156 - - - - - - - - - - The Virus Underground Mario stubs out his cigarette and sits down at the desk in his bedroom. He pops into his laptop the CD of Iron Maiden's ''Number of the Beast,'' his latest favorite album. ''I really like it,'' he says. ''My girlfriend bought it for me.'' He gestures to the 15-year-old girl with straight dark hair lounging on his neatly made bed, and she throws back a shy smile. Mario, 16, is a secondary-school student in a small town in the foothills of southern Austria. http://www.nytimes.com/2004/02/08/magazine/08WORMS.html - - - - - - - - - - Virus got you down? Simple steps, safe computing vigilance help keep your machine healthy. It all sounds so complicated, and a bit scary. Malicious intruders. Worm infestations. Viruses on a global rampage. The ``Mydoom'' worm that clogged networks while infecting up to 2 million computers worldwide is just the latest threat to flash across the Internet. While Mydoom cleverly crept into some corporate systems, the worm was often unleashed by home and small-business computer users. http://www.mercurynews.com/mld/mercurynews/business/technology/personal_technology/7910333.htm - - - - - - - - - - The first fallout from Cybergate Did Republican staffers commit a crime by clicking on the "My Network Places" icon to access Democratic memos? Politics is dirty business, and rarely so much as in the area of patronage: appointments to sought- after federal jobs in general, and to the federal bench in particular. So it should be little surprise that, with so much at stake, one political party would want to use the insecurity inherent in computerized databases to its political advantage. http://www.securityfocus.com/columnists/219 - - - - - - - - - - The pornography industry vs. digital pirates Thousands of Web sites are putting Playboy magazine's pictures on the Internet--free. And Randy Nicolau, the president of Playboy.com, is loving it. "It's direct marketing at its finest," he said. Let the music industry sue those who share files, and let Hollywood push for tough laws and regulations to curb movie copying. Playboy, like many companies that provide access to virtual flesh and naughtiness, is turning online freeloaders into subscribers by giving away pictures to other sites that, in turn, drive visitors right back to Playboy.com. http://news.com.com/2100-1025_3-5155243.html Anti-Piracy Campaign Gets a Laugh http://www.wired.com/news/digiwood/0,1412,62197,00.html - - - - - - - - - - Will the election be hacked? A few weeks after Election Night 2002, Roxanne Jekot, a computer programmer who lives in Cumming, Ga., began fearing demons lingering in the state's voting machines. The midterm election had been a historic one: Georgia became the first state to use electronic touch-screen voting machines in every one of its precincts. The 51-year-old Jekot, who has a grandmotherly bearing but describes herself as a "typical computer geek," was initially excited about the new system. http://www.salon.com/tech/feature/2004/02/09/voting_machines/index_np.html - - - - - - - - - - Watch list target pushed to summer's end Testifying before the Senate Governmental Affairs Committee today about the Bush administration's proposed fiscal 2005 budget priorities, Ridge said officials are working around-the-clock to merge the lists into the FBI-led Terrorist Screening Center. Officials missed a Dec. 1 deadline to complete the consolidation. http://www.fcw.com/fcw/articles/2004/0209/web-ridge-02-09-04.asp *********************************************************** Computer Forensics Training - Online. An intense, 150 hour, instructor lead program that teaches you computer forensics and helps prepare you for the Certified Computer Examiner exam. For more information see; www.cybercrime.kennesaw.edu *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2004, NewsBits.net, Campbell, CA.