NewsBits for April 29, 2004 sponsored by, Southeast Cybercrime Institute - www.cybercrime.kennesaw.edu ************************************************************ UK police arrest copycat phisher A 21-year-old has been arrested on suspicion on running a phishing scam from his home in Lancashire. The unnamed man allegedly tried to trick users into revealed their bank account details by setting up a fake website, promoted through spam emails. Smile, the Internet banking arm of The Co-Operative Bank, reported the scam to the NHCTU last month. An investigation by officers from Britains National Hi-Tech Crime Unit and Lancashire Constabulary led to the arrest of a 21 year-old from Lytham St Annes in Lancashire, UK. The man has been arrested and bailed pending further investigation and examination of seized computers. http://www.theregister.co.uk/2004/04/29/police_arrest_uk_phisher/ http://www.vnunet.com/News/1154791 http://news.zdnet.co.uk/internet/security/0,39020375,39153336,00.htm Bugwatch: The future of phishing http://www.vnunet.com/News/1154803 - - - - - - - - - - U.S. hits four with criminal antispam charges U.S. authorities said today that they have arrested two e-mail marketers and are searching for two others in the government's first use of a new law designed to crack down on spam e-mail. U.S. agents raided a Detroit-area operation accused of sending out millions of e-mail advertisements for a fraudulent weight-loss patch, the Federal Trade Commission said. http://computerworld.com/governmenttopics/government/legalissues/story/0,10801,92756,00.html http://www.siliconvalley.com/mld/siliconvalley/news/editorial/8543317.htm 'Can-Spam' Cops Can Arrest http://www.wired.com/news/ebiz/0,1272,63275,00.html http://www.gcn.com/vol1_no1/daily-updates/25779-1.html http://news.com.com/2100-7349_3-5201906.html - - - - - - - - - - Lawmakers vow to pass new law against spyware U.S. lawmakers vowed today to pass legislation to stop deceptive software even though regulators advised against any new laws. Both Republicans and Democrats on the House Energy and Commerce Committee said new laws were needed to stop the proliferation of so-called spyware, which hides in users' computers and secretly monitors their activities. http://computerworld.com/governmenttopics/government/legislation/story/0,10801,92762,00.html http://news.com.com/2100-1023_3-5202016.html http://msnbc.msn.com/id/4865172/ FTC officials blast spyware measures Two Federal Trade Commission officials ignited a political firestorm on Thursday by criticizing proposed laws targeting spyware and suggesting that the measures might harm legitimate software products, too. During an appearance before a House of Representatives panel, FTC Commissioner Mozelle Thompson said the measures were the wrong approach to spyware and adware. "I do not believe legislation is the answer at this time," he said. "Instead, we should give industry the time to respond...Self-regulation combined with enforcement of existing laws might be the best way to go." http://zdnet.com.com/2100-1104_2-5202016.html - - - - - - - - - - House panel prods Ridge on cybersecurity Bipartisan leaders of the House Select Committee on Homeland Security today sent a letter to Homeland Security secretary Tom Ridge pressing him for details on how the department is implementing cybersecurity policies and implying that the National Cyber Security Directorate should be elevated within the department. http://www.gcn.com/vol1_no1/daily-updates/25781-1.html - - - - - - - - - - Patriot Act Suppresses News Of Challenge to Patriot Act The American Civil Liberties Union disclosed yesterday that it filed a lawsuit three weeks ago challenging the FBI's methods of obtaining many business records, but the group was barred from revealing even the existence of the case until now. The lawsuit was filed April 6 in U.S. District Court in Manhattan, but the case was kept under seal to avoid violating secrecy rules contained in the USA Patriot Act, the ACLU said. The group was allowed to release a redacted version of the lawsuit after weeks of negotiations with the government. http://www.washingtonpost.com/wp-dyn/articles/A51423-2004Apr28.html - - - - - - - - - - Brussels tables data retention law The European Council has quietly proposed pan-European data retention laws that will require communications service providers to keep user data for a minimum of a year, and possibly indefinitely. The draft framework will apply to data generated by an exhaustive list of comms architectures and protocols: phone, text, MMS, email, Voice over IP, and Web communications among them. http://www.theregister.co.uk/2004/04/29/eu_data_retention_law/ - - - - - - - - - - FinCEN plans to modernize Bank Secrecy Act database The Treasury Departments Financial Crimes and Enforcement Network plans to update its computer database next year with a new data retrieval system, along with applications that will perform deeper analysis and improve data-mining capabilities. Banks report suspicious activity and other data through FinCENs Patriot Act Communications System, named for the bill that also authorized increased financial reporting in the wake of the Sept. 11, 2001, terrorist attacks. Banks must report when customers make unusually large deposits or withdrawals. http://www.gcn.com/vol1_no1/daily-updates/25782-1.html - - - - - - - - - - Hidden 'backdoors' worry security firms The recent spate of Netsky and Bagle worms is not just a problem now: it may compromise thousands of PCs for the foreseeable future, say security experts Software "back doors" that can give hackers full control over an infected PC are becoming more difficult to detect because of the sheer number of viruses and worms that can now distribute this type of malware, say security experts. http://news.zdnet.co.uk/internet/security/0,39020375,39153343,00.htm - - - - - - - - - - Microsoft SSL patch creating SSLowdowns Microsoft Corp. said yesterday that a recently released software patch for its Windows operating system is causing some Windows 2000 machines to stop responding after it is installed. Some systems that use security update MS04-011 stop responding when they start up, prevent users from logging onto Windows or bog down, Microsoft said in an article in its Knowledge Base online help database. http://computerworld.com/securitytopics/security/story/0,10801,92757,00.html - - - - - - - - - - Hardcore porn from a satellite near you THE invention of the geostationary satellite has revolutionised global communications, enabling effortless and instantaneous interaction between the farthest flung corners of our planet. It is also proving really useful for watching hardcore porn at home. This is of concern to the Australian Broadcasting Authority, which has started an investigation into three "adult" services, Free-X TV, BlueKiss and Sexz.TV, which it believes have been beamed into Australia from somewhere overseas - possibly Israel - since early this year. http://australianit.news.com.au/articles/0,7204,9419733%5E15841%5E%5Enbv%5E,00.html - - - - - - - - - - Holograms to help security A new direction in gathering evidence for ascertaining guilt of a person that committed computer crime is development of methods to apply holographic systems of information recording. Information on an object recorded by composite method of recording is uniformly distributed over a large area. This method determines a high density of information recording and its high reliability. All information recorded on a hologram is read with help of a beam of light simultaneously from the whole hologram with great speed. This method brings new immeasurable capabilities in the sphere of computers and other systems of information storing and processing. http://www.crime-research.org/news/29.04.2004/244 - - - - - - - - - - Hackers? What about rising damp? Infosecurity Europe 2004 A water leak or a failure in temperature control are just as likely to cause computer downtime as malicious attackers. But such so-called environmental issues are neglected until disaster strikes. Dave Watkins, managing director of monitoring appliance firm NetBotz, reckons firms worried about hackers should be even more concerned about physical threat management. http://www.theregister.co.uk/2004/04/29/it_environmental_sensors/ - - - - - - - - - - Hack Your Way to Hollywood An America Online customer service rep illicitly surfs the company's customer database, ferrets out private data on celebrity members and then hunts them down online under a false identity, seeking fame and fortune in Hollywood. Sound like a prelude to prison? Not in the case of Heather Robinson. The former AOL employee managed to parlay privacy violations into useful contacts in Hollywood. With the help of those contacts, Robinson, 25, landed a movie deal, and she's using her toehold in the industry to advance another. http://www.wired.com/news/culture/0,1284,63147,00.html *********************************************************** Computer Forensics Training - Online. An intense, 150 hour, instructor lead program that teaches you computer forensics and helps prepare you for the Certified Computer Examiner exam. For more information see; www.cybercrime.kennesaw.edu *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2004, NewsBits.net, Campbell, CA.