High Tech "NewsBits" for 03/19/04

NewsBits for March 19, 2004 sponsored by, Southeast Cybercrime Institute - www.cybercrime.kennesaw.edu ************************************************************ Credit card data breach probed at BJ's stores A "possible compromise" in the computer systems used by BJ's Wholesale Club stores remains under investigation after the company learned that credit card information for some of its customers may have been stolen. The Natick, Mass.-based wholesale consumer buying club said in an announcement last week that a "small fraction" of its 8 million members may have been affected by the data thefts from its stores. The incidents are being investigated by credit card companies and law enforcement agencies. http://computerworld.com/securitytopics/security/story/0,10801,91412,00.html - - - - - - - - - - German police bust massive movie piracy ring More than 750 premises were raided - and 15 people arrested - in a crackdown against a huge Internet piracy network in Germany this week. The raids on 16 and 18 March targeted a network of pirates blamed for illegally distributing more than 500 German- language versions of popular films on the Net since 2001. http://www.theregister.co.uk/content/6/36396.html - - - - - - - - - - Business as usual for jailed 419er Australian police have charged the alleged ringleader of a massive advance fee fraud network with offences which they claim were committed since he was held on remand in October last year. Nick Marinellis, 39, faced 17 charges including obtaining money by deception and conspiracy to cheat and defraud. Investigators allege he conned victims out of AUS$5 million in a series of 419 scams. http://www.theregister.co.uk/content/6/36407.html - - - - - - - - - - Child predator gets four years, fine, in Hays County Former Dell Computer employee enters guilty plea for attempting to meet a 'child'. Texas Attorney General Greg Abbott and Hays County District Attorney Mike Wenk announced the guilty plea and sentencing today of Michael A. McDaniel, 43, of Pflugerville, a child predator who attempted to meet a 13-year-old "girl" for sex last August. Attorney General Abbott's Cyber Crimes Unit investigators, who impersonated the teenager in an Internet chat room, arrested McDaniel. http://www.familybadge.org/screenprint.cfm?newsletterid=5863 - - - - - - - - - - No jail time for child porn charge William Roland, 36, of 147 Chestnut Hill Road, pleaded guilty Monday to possession of child pornography in Uxbridge District Court. He was sentenced to 2 1/2 years in the House of Correction, suspended, and five years probation, court officials said. Roland was charged last March after a joint investigation by Millville and Dartmouth police found he had stored on computers more than 200 sexually graphic images of children, police said. http://www.milforddailynews.com/localRegional/view.bg?articleid=43961 - - - - - - - - - - Child Pornography Charges A Lincoln County man is in jail, charged with 15-counts of Possession of Child Pornography. And it seems this could be just the beginning. On Wednesday, a Union County detective was working on some leads in a case involving a 17-year old and some alleged prostitution. That investigation led authorities to 38-year old Michael Cox of Lennox. Authorities talked to Cox at his home and ultimately, executed a search warrant. That's when officials say they found pornographic images of children, both in still and video form, on a computer. http://www.ksfy.com/Global/story.asp?S=1722599&nav=0w0jLe43 - - - - - - - - - - Former school superintendent indicted for child porn A former Leavenworth school superintendent who resigned after sexually explicit images of children were found on his office computer faces child pornography charges. Former Cascade School District Superintendent Mark Lyons was indicted this week by a U.S. District Court grand jury on charges of possession of computer images of child pornography and distribution of child pornography computer images by e-mail transfer. http://www.kgw.com/sharedcontent/APStories/stories/D81D32KO0.html - - - - - - - - - - Elementary School Principal charged in porn case Charges have been served to St. Thomas Elementary Principal Michael Sens over a parent's complaint that Sens showed pornographic pictures to students in an attempt to discover their origin. Last month, Stacy Frueh, the mother of a student at St. Thomas, filed a complaint that the principal showed her child the inappropriate images. A Zanesville Police Department investigation into Frueh's complaint revealed that five boys, all eighth-graders, were called into Sens' office and shown pornography found on computer disks that were turned in with a school project. Sens displayed the images on his office computer to the students in an attempt to find out if they knew where the images came from. http://www.marionstar.com/news/stories/20040318/localnews/104633.html - - - - - - - - - - Park City policeman arrested A member of the Park City Police Department has been placed on administrative leave while Sedgwick County investigates criminal accusations against him. John K. Coleman is a "relatively new" full- time police officer, said Jack Whitson, director of economic development, planning and public works in Park City. Coleman previously worked for the Haysville Police Department. Police responded Monday to a report from P. Porsch-Coleman of a known white male being in possession of child pornography on his computer in Haysville. According to the Sedgwick County sheriff's report, evidence was submitted Monday afternoon. http://www.arkvalleynews.com/web/isite.dll?1079658884375 - - - - - - - - - - Child porn lands ex-IRS agent in jail A retired special agent of the Internal Revenue Service was free on bail Wednesday after allegedly buying 10 videos of child pornography through the Web, St. Lucie County sheriff's records show. John H. Morrell Jr., of the 1500 block of Southwest Nervia Avenue, was arrested on 10 felony counts of sexual performance by a child after sheriff's investigators and postal inspectors on Tuesday served a search warrant at his home. A sheriff's investigator learned this month from a postal inspector that Morrell, 60, had ordered videotapes depicting child pornography from an "undercover" Web site operated by the U.S. Postal Service. http://www.tcpalm.com/tcp/local_news/article/0,1651,TCP_16736_2738462,00.html - - - - - - - - - - New Bagle worms crawl through old MS hole Four new versions of the Bagle e-mail worm appeared on Thursday, and anti-virus experts warn that new techniques by the worm's creator could make it harder to stop the new variants. Software updates and alerts about Bagle.Q, R, S and T have been released. The new versions of the worm, which first appeared in January, do not carry file attachments containing the virus. Instead, they use a months- old Windows security hole to break into vulnerable machines, experts said. http://www.techworld.com/news/index.cfm?fuseaction=displaynews&NewsID=1236 http://news.zdnet.co.uk/internet/security/0,39020375,39149416,00.htm Vicious Worm Infects Without Attachment http://www.newsfactor.com/story.xhtml?story_title=Vicious_Worm_Infects_Without_Attachment&story_id=23458 Microsoft urges users to protect themselves better from viruses http://www.computerweekly.com/articles/article.asp?liArticleID=129328 Flaw stymies Norton Internet Security http://zdnet.com.com/2100-1105_2-5176442.html Report: Rise in virus attacks costs firms dearly http://zdnet.com.com/2100-1105_2-5176420.html - - - - - - - - - - Unholy trinity of Open SSL vulns Updated versions of Open SSL have been released following this week's announcement of three potentially troublesome security vulnerabilities. These could be exploited by attackers to launch denial of service attacks against routers or servers running the ubiquitous security protocol, security clearing house CERT warns. http://www.theregister.co.uk/content/55/36400.html - - - - - - - - - - Anti-piracy vigilantes stalk file sharers A pair of coders nurturing a deep antipathy for software pirates set off a controversy last Thursday when they went public with a months-old experiment to trick file sharers into running a Trojan horse program that chastises users and reports back to a central server. http://www.theregister.co.uk/content/55/36391.html - - - - - - - - - - Cyber terror suspects will be detained for 30 days in Russia The State Duma of the Russian Federation passed a new bill at the second reading. This bill increases the term of detention without charge or trial for detainees suspected of implication in terrorism, during investigation of a number of crimes, including cyber terrorism, from 10 to 30 days. Such amendments are offered to be made to the Criminal Code of the Russian Federation. http://www.crime-research.org/news/03.19.2004/144 - - - - - - - - - - Internet makes drug traffickers hard to catch The Internet and cellular telephones are making drug traffickers harder than ever to catch and the job will only become more difficult as technology develops, a U.S. anti-drug official said Thursday. http://www.usatoday.com/tech/news/2004-03-18-dea-dismay_x.htm - - - - - - - - - - AOL Blocks Spammers' Web Sites America Online Inc. has adopted a new tactic against spam: blocking its members' ability to see Web sites promoted by bulk e-mailers. The policy, which began earlier this year, opens a new front in the war on spam but also makes the Dulles company the first of its kind to push past the traditional Internet orthodoxy that service providers should be neutral conduits to anything the World Wide Web has to offer. http://www.washingtonpost.com/wp-dyn/articles/A9449-2004Mar19.html - - - - - - - - - - Report: Phishing attacks on the rise Despite a handful of successful criminal prosecutions and an increase in public awareness, February saw a marked increase in the number of new variations of the spam-borne swindle called "phishing," according to a report from an industry group released Friday. http://www.securityfocus.com/news/8289 - - - - - - - - - - Internet industry fears wiretap plan could chill innovation Before 8x8 Inc. launched an Internet phone service in late 2002, it drafted a business plan, set up its equipment, posted a Web site and began taking orders from customers. As with most online ventures, U.S. government approval wasn't needed. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/8228362.htm - - - - - - - - - - Model hacker behavior Forget about patches. Researchers at the Florida Institute of Technology are looking for ways to fight hackers by modeling their methods, or "exploits." The research could eventually lead to new types of security tools capable of stopping attacks that hackers haven't even invented yet. http://computerworld.com/securitytopics/security/story/0,10801,91453,00.html - - - - - - - - - - AMD announces antivirus chip AMD has launched a new 32/64-bit processor designed with hardware-level antivirus protection. Launched at CeBIT in Hanover, the AMD Athlon 64 FX53 2.4GHz will run on 32-bit or 64-bit software. It features an antivirus system designed to block activation of executable malware by marking all memory with page tables and making it non-executable. http://www.vnunet.com/News/1153631 - - - - - - - - - - Study says security appliances are the way forward Small businesses are rolling out security appliances in place of security software, to reduce the cost of increasingly complex security requirements. Spending on server security appliances increased in Western Europe by 24% in 2003, with year-on- year growth of 46% in the final quarter of the year, according to IDC. http://www.microscope.co.uk/articles/article.asp?liArticleID=129306 - - - - - - - - - - DOD tries out biometric smart cards overseas The Defense Departments broadest smart card rollout for biometric authentication is happening in South Korea, Japan and Europenot the United States, Kenneth C. Scheflen told the Biometric Symposium 2004 in Washington. Scheflen, director of the Defense Manpower Data Center, said yesterday the pieces are not all there yet for an enterprise biometric solution. Vendors products are still closed to interoperability, he said, and the algorithms used for fingerprint comparison remain proprietary. http://www.gcn.com/vol1_no1/daily-updates/25350-1.html CIO Council to consider smart card rule http://www.fcw.com/fcw/articles/2004/0315/web-smart-03-19-04.asp - - - - - - - - - - In search of a cure for DDoS attacks You may not be aware that your business and personal Internet connections can be indiscriminately targeted for a Distributed Denial of Service (DDoS) attack at the whim of just about any other Internet user to whom your connection's IP address is exposed. What may also come as a surprise to you is that there isn't much you can do about it--not technically or legally. http://techupdate.zdnet.com/techupdate/stories/main/In_search_of_a_cure_for_DDoS_attacks_.html - - - - - - - - - - Security vital to successful remote working Wireless technology is fast becoming a ubiquitous business tool. Advances in technology and the rollout of broadband are both responsible, as is the growing number of parents working remotely from home thanks to flexible working regulations which came into force last year. http://www.vnunet.com/Features/1153653 Symantec wants to police small firms' networks http://news.zdnet.co.uk/internet/security/0,39020375,39149421,00.htm - - - - - - - - - - Internet fraud: little tricks and large losses Computer related crimes may cause weighty circumstances: irreparable loss of especially high-value information, break of important technical facilities, e.g. defence systems, navigator systems. In cases like that if caught and convicted the hacker could face up to 7 years of jail. http://www.crime-research.org/news/19.03.2004/141 Computer crimes fade into the background http://www.crime-research.org/news/19.03.2004/142 - - - - - - - - - - RFID helps create the paper computer CeBIT: Welcome to the world of intelligent paper. Smart parcels and pill packets could soon be sensing their environment and recording how you are feeling. Swedish technology firm Cypak has been demonstrating what it claims is the world's first disposable paper PC at CeBIT this week. http://news.zdnet.co.uk/communications/wireless/0,39020348,39149428,00.htm Privacy fears haunt RFID rollouts http://www.vnunet.com/News/1153667 RFID: Could Big Brother be watching someday? http://computerworld.com/mobiletopics/mobile/technology/story/0,10801,91446,00.html - - - - - - - - - - Smile! I'm calling police: Camera phones help nab crooks When Lisa Johnson saw a man exposing himself to her in a parking lot, she reached for her cell phone -- not to call 911, but to snap a picture. The images captured on her camera phone led police to the capture of the former principal of a nearby high school. After his arrest on public indecency charges last month, he resigned from a lower school job. http://www.cnn.com/2004/LAW/03/19/crime.fighting.camphones.ap/index.html http://www.siliconvalley.com/mld/siliconvalley/news/editorial/8227182.htm - - - - - - - - - - Finish line in sight for FBI's Trilogy After a missed December 2003 deadline, the final piece of the FBI Trilogy modernization program should be completed by this spring, FBI Director Robert Mueller told lawmakers this week. The Virtual Case File system, the last piece of the modernization project, will allow agents to search, analyze and compile case information. It was initially slated for completion Dec. 13, 2003, but the contractor, Computer Sciences Corp., failed to meet the deadline. http://www.fcw.com/fcw/articles/2004/0315/web-fbi-03-19-04.asp - - - - - - - - - - China shuts down political Internet blogs China has shut down a pair of Web sites that were free-ranging user forums known as blogs, stepping up government attempts to control political discussion on the Internet, a media watchdog group reported even as one site reappeared Friday. However, a note Friday on the page of the second site, blogbus.com, said it was still closed due to content problems. http://www.usatoday.com/tech/world/2004-03-19-china-blogcensors_x.htm *********************************************************** Computer Forensics Training - Online. An intense, 150 hour, instructor lead program that teaches you computer forensics and helps prepare you for the Certified Computer Examiner exam. For more information see; www.cybercrime.kennesaw.edu *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2004, NewsBits.net, Campbell, CA.