NewsBits for February 12, 2004 sponsored by, Southeast Cybercrime Institute - www.cybercrime.kennesaw.edu ************************************************************ 'Hackah Jak' trial could reveal FBI ties The criminal case against a well-known computer hacker moved closer to trial Wednesday when a Cincinnati judge refused to dismiss the charges against him. Jesse Tuttle, better known as "Hackah Jak," is accused of storing child pornography on his computer and is charged with breaking into Hamilton County's computer network. http://www.enquirer.com/editions/2004/02/12/loc_tuttle12.html - - - - - - - - - - ERIE COUNTY MAN CHARGED WITH POSSESSING CHILD PORNOGRAPHY Attorney General Eliot Spitzer today announced the arrest and arraignment of an Erie County man charged with possessing pornographic images of children. The defendant, Douglas Nail, 47, of Depew, was arrested on January 23 and charged in Depew Village Court with a single count of Possessing a Sexual Performance by a Child. Pursuant to an investigation conducted by New York States Internet Crimes Against Children (ICAC) Task Force, a warrant was obtained authorizing the search of Nails residence and seizure of certain electronic evidence. It is alleged that during the execution of the warrant, evidence was discovered containing images of children engaged in sexual conduct. http://www.oag.state.ny.us/press/2004/feb/feb11b_04.html - - - - - - - - - - Two caught in underage sex sting Two men who drove to Alton, allegedly intending to have sex with a 15-year-old "girl" they met online, found they were looking for love in the wrong place just before Valentines Day. Instead of hooking up with a cute teenage girl named "Samantha," the mens planned noon hour liaisons ended up as surprise encounters with Pfc. Mike Bazzell, information technology officer at the Alton Police Department, Deputy Police Chief Jody OGuinn and Pfc. Manuel Espinoza. http://www.zwire.com/site/news.cfm?newsid=10948513&BRD=1719&PAG=461&dept_id=25271&rfi=6 - - - - - - - - - - 3 Expected to Face Charges of Illegally Copying Movie Prints Federal authorities are expected to seek criminal charges against three employees of a Los Angeles motion picture postproduction facility, alleging that they illegally copied prints of movies such as "The Passion of the Christ" and "Kill Bill: Vol. 1" that eventually ended up on the Internet. (LA Times article, free registration required) http://www.latimes.com/technology/la-me-piracy12feb12,1,616300.story - - - - - - - - - - Killer-for-hire Web site prompts arrest Police arrested a 25-year-old college senior Wednesday on charges of conspiring to murder for operating a killer-for-hire Web site and taking thousands of dollars from his customers. In one case, the student, identified only by his surname Kim, received the equivalent of $8,600 from a 22-year-old woman who wanted her ex-boyfriend and his wife murdered, said Chung Dong-yul, a police investigator in the city of Daegu. http://www.cnn.com/2004/TECH/internet/02/12/killer.site.ap/index.html - - - - - - - - - - Mob charged with phone sex rip-off Mobsters ripped off users of telephone sex lines and dating services to the tune of $200 million in what U.S. officials said was a new method by organized crime families to make money illegally. Indictments announced by the U.S. attorney in Brooklyn on Tuesday said Gambino crime family members advertised "free" samples of phone sex, horoscope or dating services but once customers made the call, a $40 monthly fee would be automatically added to their telephone bills. http://www.cnn.com/2004/TECH/ptech/02/12/mob.phonesex.reut/index.html - - - - - - - - - - Nachi variant wipes MyDoom from PCs A new variant of the Nachi worm which attempts to cleanse computers infected by MyDoom and download Microsoft security patches to unprotected computers has careened onto the Net this morning. Nachi-B (AKA Welchi) uses the same security vulnerability exploited by the Blaster worm to spread. http://www.theregister.co.uk/content/56/35524.html http://www.theinquirer.net/?article=14111 http://www.vnunet.com/News/1152735 http://www.pcpro.co.uk/?http://www.pcpro.co.uk/news/news_story.php?id=53533 SCO waits for MyDoom attacks to end http://zdnet.com.com/2100-1105_2-5158340.html MyDoom dies today http://www.theregister.co.uk/content/56/35516.html Do you believe in DJ virus http://www.pcpro.co.uk/news/news_story.php?id=53538 Firms put the SWAT team on viruses http://www.globetechnology.com/servlet/story/RTGAM.20040212.wkapi0212/BNStory/Technology/ - - - - - - - - - - Viral adware annoys IM users Security watchers are warning users to beware of adware programs that can turn instant messaging (IM) fans into unwitting spammers. Currently, an adware program known as BuddyLinks is reported to be spreading through the AOL instant messaging community. http://www.vnunet.com/News/1152734 - - - - - - - - - - Microsoft tracks possible Windows code leak Microsoft is investigating the possibility that a file posted to several underground sites and chat rooms contains some protected source code to Windows 2000. The 203MB file contains the code that appears to be from Microsoft's enterprise operating system, but the code is not complete, said Dragos Ruiu, a security consultant and the organizer of the CanSecWest security conference, who has examined the file listing. http://zdnet.com.com/2100-1104_2-5158496.html - - - - - - - - - - GE Energy acknowledges blackout bug A programming error has been identified as the cause of alarm failures that might have contributed to the scope of last summer's Northeast blackout, industry officials said Thursday. Ralph DiNicola, spokesman for FirstEnergy Corp., said the utility has since applied fixes developed by the system's vendor, General Electric Co., and has accelerated plans to replace GE's XA/21 with a system from French nuclear engineers Areva SA. http://www.securityfocus.com/news/8032 - - - - - - - - - - FTC, international coalition crack down on misleading Web sites The Federal Trade Commission and more than two dozen consumer protection agencies around the world are participating in a three-day sweep to identify and crack down on Web sites that mislead consumers. The International Internet Sweep, which began Tuesday, is being coordinated by the Australian Competition and Consumer Commission (ACCC). The sweep is focusing on what the agencies call too-good-to-be-true Web sites that prey on consumers by offering them bogus get-rich-quick schemes, work-at-home schemes, and free offers that are anything but. http://computerworld.com/securitytopics/security/story/0,10801,90162,00.html - - - - - - - - - - DDoS attacks go through the roof The growing prevalence of criminally motivated DDoS attacks calls for a fundamental rethink in how enterprises approach security. Companies typically bolster the security infrastructure only after they are attacked. But this approach is misguided and costly, according to Paul Lawrence, EMEA general manager at security outfit Top Layer. Lawrence is fed up with ambulance chasing ("its a strain on our resources") and is urging companies to become more pro-active in shoring up their defences. http://www.theregister.co.uk/content/55/35531.html - - - - - - - - - - Cisco develops WLAN security protocol to defeat password attacks Cisco Systems Inc. has developed a new wireless LAN security protocol designed to defeat brute force dictionary attacks that capture a user's passwords, and it submitted a draft of the protocol to the Internet Engineering Task Force (IETF) on Monday. http://computerworld.com/securitytopics/security/story/0,10801,90163,00.html - - - - - - - - - - IBM Centralizes Security for the zSeries Mainframe Continuing its broad strategy of infrastructure simplification, IBM Thursday introduced new security features for its latest mainframe operating system software to help centralize control of an environment that requires several tiers of security. http://www.internetnews.com/ent-news/article.php/3311951 - - - - - - - - - - Peril in Microsoft's Laxity Microsoft's announcement Tuesday that it will warn consumers about a "critical" problem in its Windows software more than six months after it learned about the flaw illuminates the danger of leaving national cyber-security largely unregulated and unwatched. (LA Times article, free registration required) http://www.latimes.com/technology/la-ed-microsoft12feb12,1,6639988.story PC Advisor readers hacked off with patching http://www.pcadvisor.co.uk/index.cfm?go=news.view&news=3819 - - - - - - - - - - Automating Windows Patch Management: Part I Patch management could easily be called the bane of every administrator's existence, the pain in the rear of system management, or that never ceasing headache that pounds at CIOs everywhere. And I use the term "management" loosely. http://www.securityfocus.com/infocus/1760 - - - - - - - - - - Bugwatch: The emergence of convergence Each week vnunet.com asks a different expert to give their views on recent virus and security issues, with advice, warnings and information on the latest threats. This week Natasha Staley, information security analyst at MessageLabs, considers the sinister and growing trend of spammers and virus writers incorporating each others' tactics. http://www.vnunet.com/News/1152727 - - - - - - - - - - ACLU urges halt to CAPPS II Congress should stop development of a controversial passenger screening system until many planning issues are addressed, privacy advocates said today. In a report released today, officials at the General Accounting Office found serious flaws in the planning of the Transportation Security Administration's Computer Assisted Passenger Prescreening System II (CAPPS II). http://www.fcw.com/fcw/articles/2004/0209/web-aclu-02-12-04.asp GAO sees CAPPS II delays http://www.fcw.com/fcw/articles/2004/0209/web-cappsII-02-12-04.asp http://computerworld.com/securitytopics/security/story/0,10801,90157,00.html Congress Slams CAPPS II http://www.wired.com/news/politics/0,1283,62270,00.html Government rethinks ID database plans http://www.vnunet.com/News/1152725 - - - - - - - - - - Dealer Conned Into Shipping $123,000 BMW To N.J. Teen By posing as a banker, a teenager was able to induce an Ohio dealership to deliver a $123,000 BMW to his high school, and then order a second luxury vehicle, police said. The second one was never shipped, and the first car, with "black sapphire metallic" paint and a heated steering wheel and seats, was found in Raleigh, N.C., Detective Scott Davis of the Dublin, Ohio, police said Thursday. "He apparently sold the car, and it ended up in a dealership in North Carolina," Davis said. The teen was arrested at his Jersey City home after Midwestern Auto Group in Dublin learned from its bank that the payment was never made, police said. "I don't think we have ever had one like this. It's unique," Hudson County Assistant Prosecutor Gregory Tomczak told The Jersey Journal of Jersey City in Thursday editions. http://www.wnbc.com/money/2842494/detail.html - - - - - - - - - - D.C. police, EMS to get broadband Washington, D.C., is launching the nation's first broadband data network for emergency crews, an important step toward arming rescuers with the latest communication technology. The many benefits of the proposed high-speed wireless network include allowing emergency room doctors to see live video of a patient still in the ambulance, or police helicopters to stream live video to patrol cars. http://www.usatoday.com/tech/news/2004-02-11-dc-ems-broadband_x.htm *********************************************************** Computer Forensics Training - Online. An intense, 150 hour, instructor lead program that teaches you computer forensics and helps prepare you for the Certified Computer Examiner exam. For more information see; www.cybercrime.kennesaw.edu *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2004, NewsBits.net, Campbell, CA.