NewsBits for April 15, 2004 sponsored by, Southeast Cybercrime Institute - www.cybercrime.kennesaw.edu ************************************************************ Two arrests under camcorder law New western The Alamo was one of the films allegedly recorded. Los Angeles police have made the first arrests under a new law targeting pirates who use camcorders in cinemas. Ruben Centero Moreno, 34, was arrested after the projectionist used night vision goggles to spot video cameras. And Min Jae Joun, 28, was arrested on suspicion of recording a screening of The Passion of the Christ on 10 April. http://news.bbc.co.uk/2/hi/entertainment/3628049.stm - - - - - - - - - - Man Sets Precedent In Virtual Porn Case Win A suburban Akron man has won his case in what may be the first court decision using a U.S. Supreme Court ruling that protects virtual images of child pornography as free speech. But Brian Sparks still faces a possible sentence of life in prison after being found guilty of rape charges. http://www.newsnet5.com/news/3008128/detail.html - - - - - - - - - - NetSky-V spreads on auto-pilot Yet another NetSky virus arrived on the scene today. NetSky-V spreads using a well known Internet Explorer vulnerability, connected with the handling of XML pages. Instead of depending on users double clicking on infectious email attachments, the worm can spread automatically across vulnerable Windows boxes. http://www.theregister.co.uk/2004/04/15/pesky_netsky/ http://www.vnunet.com/News/1154424 Get the right virus protection http://www.vnunet.com/Features/1154421 - - - - - - - - - - War of words rages over Internet taps The public comment period on a Justice Department proposal to make the Internet easier to wiretap ended Monday with most of the filed comments tracing a clean line between two opposing camps: on the government's side, federal, state and local law enforcement agencies who perform wiretaps, allied with companies who sell surveillance equipment and services; on the other, Internet companies who would be forced by the plan to make changes to their networks, along with advocacy groups concerned about slowed innovation and an incursion on Internet privacy. http://www.securityfocus.com/news/8454 Pushing to wiretap 'push to talk' http://news.com.com/2100-1039_3-5192653.html - - - - - - - - - - Harsh sentences loom for spammers Under new US law, senders of junk email will face similar penalties to those convicted of theft, fraud and property destruction. Spammers convicted under a recently enacted national anti-spam law could face stiff sentences under newly finalised government recommendations. http://news.zdnet.co.uk/business/legal/0,39020651,39152145,00.htm - - - - - - - - - - Senators Question TSA Denials Two senators on Wednesday asked the Transportation Security Administration whether the agency violated federal rules by helping its contractors acquire passenger data, and why the agency told government investigators it didn't have such data. Senate Governmental Affairs Committee chairwoman Susan Collins (R-Maine) and ranking member Joe Lieberman (D-Connecticut) asked the questions in a letter sent to Undersecretary for Border and Transportation Security Asa Hutchinson. http://www.wired.com/news/privacy/0,1848,63067,00.html - - - - - - - - - - Brits cheat insurance to get gadget upgrades More than one in 20 Brits has falsely claimed that a personal technology item, such as a mobile phone, camera or walkman, was lost or stolen in order to upgrade it with a newer version. http://www.theregister.co.uk/2004/04/15/insurance_fraud_rife/ - - - - - - - - - - 419ers plug into plasma TV market If your job has recently been outsourced, offshored or even rightshored or bestshored, then don't despair - a unique employment opportunity is about to hit an inbox near you. Yes indeed, leading Estonian plasma TV outfit Slim Display is looking for international representatives to punt its products to a gadget-hungry world: http://www.theregister.co.uk/2004/04/15/estonian_419/ - - - - - - - - - - Watch out: There's an ID thief about When someone says 'get a life', they don't generally mean 'take mine'. But that's exactly what happened to more than 100,000 people in the UK last year. ID theft - where someone steals the identity of another by conventional and electronic means - has become a huge problem. http://www.vnunet.com/Features/1154422 Phishing Scams: Statistics from mi2gIntelligence Unit http://www.crime-research.org/news/15.04.2004/205 - - - - - - - - - - Universities, research centers retrench after hacks Academic supercomputing labs continue to clean up Linux and Solaris servers targeted by unknown attackers over the last month, as law enforcement officials investigate the crimes. The attacks compromised servers at several supercomputing labs and universities, including the San Diego Supercomputing Center, the National Center for Supercomputing Applications and Stanford University. http://zdnet.com.com/2100-1105_2-5192304.html http://www.cnn.com/2004/TECH/internet/04/15/hackers.supercomputers.ap/index.html - - - - - - - - - - Vulnerability database opens The Open Source Vulnerability Database (OSVDB), the work of a group of security industry volunteers, was launched because of what its organizers believed was a lack of thorough tracking of vulnerabilities, despite the existence of numerous databases managed by private interests. http://www.fcw.com/fcw/articles/2004/0412/web-osvdb-04-15-04.asp - - - - - - - - - - EarthLink keeps tabs on spyware EarthLink is starting to keep score in its fight against spyware. The Internet service provider on Thursday said it found an average of nearly 28 spyware items on each PC it scanned during the first quarter. The company, in conjunction with Webroot Software, conducted a total of 1.06 million scans through its Spy Audit service. The majority of the items found were relatively harmless, EarthLink said, but some represented serious problems. http://zdnet.com.com/2100-1105_2-5192308.html http://www.cnn.com/2004/TECH/internet/04/14/earthlink.phishers.ap/index.html Free software sniffs out phishy Web sites http://msnbc.msn.com/id/4741973/ - - - - - - - - - - StealthWatch detects hard to find intruders In Texas, they have a saying that even a blind hog finds an acorn now and then. The saying applies to unpleasant experiences in identifying network attacks, such as when a user discovers an intrusion only because the hacker carelessly left a window open. As difficult as these network hacks are to find, the threat of undetected attacks is more disturbing. http://www.usatoday.com/tech/techreviews/products/2004-04-14-hacker-detector_x.htm - - - - - - - - - - Windows Update groans under patch load Windows Update struggled to cope with the load created by the release of four security patches on Tuesday night, prompting Microsoft to deploy extra servers to cope with demand. http://www.theregister.co.uk/2004/04/15/windows_update_upgrade/ - - - - - - - - - - Cisco releases WLAN security protocol Protocol defeats dictionary attacks aimed at capturing users' passwords. Cisco Systems Inc. announced the availability of a protocol that's designed to defeat brute-force dictionary attacks that capture users' passwords in its wireless LAN products. The company urged end users and systems administrators to download the related patch from its Web site. http://www.infoworld.com/article/04/04/15/HNciscoprotocol_1.html - - - - - - - - - - No silver bullet for security Each week vnunet.com asks a different expert to give their views on recent virus and security issues, with advice, warnings and information on the latest threats. This week Phil Cracknell, chief technology officer at NetSurity, considers the need for continued corporate management investment in security. http://www.vnunet.com/News/1154403 - - - - - - - - - - Destructive Influence Everyone needs a good data destruction policy, and a lawyer standing by, to dispose of their sensitive media and devices. If you're interested in the sweep of history, as I am, then you really should find the time to read through Jacques Barzun's magisterial From Dawn To Decadence: 500 Years of Western Cultural Life: 1500 to the Present. http://www.securityfocus.com/columnists/234 - - - - - - - - - - Bad plumbers and leaking software Like a filthy carpet can feed unwelcome vermin, so bad practice in software development can support criminal intent. Only rigorous process will stop them feeding on crumbs from the developer's table. http://www.vnunet.com/Features/1154420 - - - - - - - - - - Basic Web Session Impersonation Understanding the threat. In the 1960's, it required the brilliance of Frank Abagnale Jr. (of "Catch Me If You Can" fame) to deceptively build a bank balance of colossal magnitude. Today, all one needs is a prying teenager with access to the Internet - a hair raising reality! http://www.securityfocus.com/infocus/1774 - - - - - - - - - - Wireless communication system now clear in DC subway tunnels Warning that public transit is a "prime target for terrorists," Mayor Anthony A. Williams on Wednesday announced the expansion of a wireless network to the city's Metrorail tunnels. Four years ago, District of Columbia firefighters' handheld radios were not working as they tried to rescue trapped subway passengers during a tunnel fire. City officials said D.C. area radios now have more reach than those in many other major metropolitan areas. http://www.usatoday.com/tech/wireless/phones/2004-04-14-wireless-dc-radios_x.htm - - - - - - - - - - Driver gets jail for speeding that killed man The Montreal motorist betrayed by his car's black box has been sent to jail for dangerous driving causing death. Eric Gauthier, 26, was sentenced yesterday to 18 months behind bars - less than a week before the third anniversary of his smashing into another vehicle at more than three times the speed limit. http://www.canada.com/montreal/montrealgazette/news/story.html?id=6a58a759-3fb5-4862-bbc0-39238d048874 *********************************************************** Computer Forensics Training - Online. An intense, 150 hour, instructor lead program that teaches you computer forensics and helps prepare you for the Certified Computer Examiner exam. For more information see; www.cybercrime.kennesaw.edu *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2004, NewsBits.net, Campbell, CA.