NewsBits for November 5, 2004 ************************************************************ Ex-Austin student indicted for data theft A federal grand jury on Wednesday indicted a former University of Texas at Austin student for breaking into the school's computers and stealing 37,000 names and social security numbers. The university estimated the data theft cost the school $167,000 to recover the system affected by the breach and warned people about potential identity theft. http://news.com.com/Ex-Austin+student+indicted+for+data+theft/2110-1029_3-5441013.html http://www.usatoday.com/tech/news/computersecurity/hacking/2004-11-05-ut-hack-charge_x.htm - - - - - - - - - - Bushkill Twp. man sentenced in Internet child porn case A Bushkill Township man who transmitted child pornography over the Internet received eight years' probation Wednesday. Geary A. Gum, 52, of Henry Road, declined to comment before Northampton County Judge Leonard Zito on Wednesday. Gum in August pleaded guilty to four counts of sexual abuse of children. http://www.mcall.com/news/local/all-b5-3gumnov04,0,740403.story - - - - - - - - - - Pediatrician gets house arrest for child-porn In a show of leniency, a federal judge Wednesday sentenced a former pediatric physician to nine months of home confinement for possessing child pornography. Dr. Julius Goepp agreed to a sentence of up to 2 years and nine months under an agreement with prosecutors in which he pleaded guilty to possessing sexually explicit images of children on his home computer. He could have been sentenced to up to 10 years in prison under federal sentencing guidelines if convicted. http://www.cnn.com/2004/LAW/11/03/pediatrician.child.porn.ap/index.html - - - - - - - - - - Ex-weatherman to remain in jail, magistrate decides A U.S. magistrate denied an unshaven and shackled Bill Kamal bail Wednesday, deciding the former WSVN-Fox 7 meteorologist was a flight risk and a danger to society. Despite pleas from Kamal's attorney Jeffrey Voluck, Magistrate Frank J. Lynch denied bail for Kamal, who was arrested on the charge that he tried to lure a child into having sex with him. http://www.miami.com/mld/miamiherald/news/local/10093168.htm - - - - - - - - - - Suspect charged after seeking tryst with teen An alert, informed Rochester Hills mom is being credited in the arrest of a man who allegedly arranged a meeting for sex with her 14-year-old daughter via the Internet. Richard Max-Phillip Levitsky, 40, of Royal Oak was arraigned over the weekend on two felony counts, one each of child sexually abusive activity and communicating on the Internet with the intent to commit a crime. Each count carries a penalty of up to 20 years in prison. http://www.hometownlife.com/Rochester/News.asp?pageType=Story&StoryID=64338 - - - - - - - - - - Two Suspects Arrrested In Internet Sex Cases Investigators arrest two men they say were looking for sex with underage girls. Investigators say James Easterling of Fairborn used a computer to go into an online chat room and solicited sex from who he thought was a 14-year-old girl. The girl turned out to be a police detective. Police arrested Easterling who they say was also sending sexual material over the internet. And Dayton police say they discovered Eric Brooker of Dayton doing the same thing. Both Easterling and Brooker faces charges of importuning and child pandering. This is Fairborn's 20th arrest involving people looking for sex on the internet. http://www.whiotv.com/news/3891144/detail.html - - - - - - - - - - MI Attorney General Arrests Grand Rapids Child Predator Michigan Attorney General Mike Cox announced today the arrest of Allen Leroy Hoekstra, 50, of Grand Rapids, Mich., who used the Internet to send obscene images and arranged an encounter to take pictures of a 14-year-old girl persona that was actually an Attorney General Investigator. Hoekstra intended to capture images of the persona engaged in sexual acts with "sex toys." http://www.prnewswire.com/cgi-bin/stories.pl?ACCT=109&STORY=/www/story/11-04-2004/0002356378&EDATE= - - - - - - - - - - Alleged DDoS kingpin joins most wanted list The fugitive Massachusetts businessman charged in the first criminal case to arise from an alleged DDoS-for-hire scheme has appeared on an FBI most wanted list, while the five men accused of carrying out his will are headed for federal court. Jay Echouafni, 37, is a fugitive from a five-count federal indictment in Los Angeles charging him with aiding and abetting computer intrusion and with conspiracy. http://www.securityfocus.com/news/9870 - - - - - - - - - - UNH Study Finds Internet Sex Offenders A Diverse Group A University of New Hampshire study says the profile of an Internet sex-offender isn't what you think it is. Janis Wolak is a researcher at the university's Crimes against Children Research Center and the study's lead author. She said Internet sex abusers usually are not the deceptive or violent predators often depicted in the media and the relationship between abusers and victims is more complicated than originally thought. http://www.thewmurchannel.com/technology/3842772/detail.html - - - - - - - - - - Police crack down on web weapons A national police operation to clamp down on the purchase of prohibited weapons over the internet has resulted in a number of arrests in its first week. The operation involves nearly all of the 49 police forces in the UK, which are gathering intelligence from website monitoring, HM Customs and Excise and the National Criminal Intelligence Service. Police officers posed as online buyers to trap the suspects. http://www.vnunet.com/news/1159207 http://www.theregister.co.uk/2004/11/05/met_guns_net/ - - - - - - - - - - Oslo cops shut down 'Kill Bush' website Norwegian police have shut down the satirical anti-Bush website killhim.nu (Kill Him Now) by Norwegian rap trio Gatas Parlament, daily newspaper Aftenposten reports. The site urged Norwegians to put a bounty on the head of president Bush. Norwegian police removed the site's content and replaced it with a fax notification of the closure. Police attorney Pal-Fredrik Hjort Kraby says the content was removed because it violated Norwegian harassment laws. http://www.theregister.co.uk/2004/11/05/kill_bush_website/ - - - - - - - - - - Bank accounts in online security scare British Internet bank Cahoot has plugged a flaw in its online security that could have enabled people to move freely in and out of other customers' accounts. Cahoot took the site down for 10 hours while it fixed the flaw, according to a representative for Abbey, Cahoot's parent financial institution. The problem was likely the result of an upgrade 12 days ago. http://news.zdnet.com/2100-1009_22-5440931.html http://news.zdnet.co.uk/internet/security/0,39020375,39172762,00.htm http://www.vnunet.com/news/1159191 Cisco, Wells Fargo face new security breaches http://computerworld.com/securitytopics/security/story/0,10801,97279,00.html A new, more sneaky phishing attack http://www.msnbc.msn.com/id/6416723/ - - - - - - - - - - Email worm poses as Osama videogram Emails claiming to contain video clips of terrorist mastermind Osama bin Laden are likely to be example of a new computer worm. The Famus-F worm normally arrives in the form of a bilingual English and Spanish email, with the subject line "More terrorism this year". The message body states: "Last speech from Bin Laden. Please forwards this video to everybody." http://www.theregister.co.uk/2004/11/05/osama_email_worm/ http://news.zdnet.co.uk/internet/security/0,39020375,39172757,00.htm http://www.vnunet.com/news/1159201 - - - - - - - - - - IE bug allows hackers to take over PCs Security watchdog the US Computer Emergency Readiness Team (US-Cert) has warned Internet Explorer (IE) users to update patches after it discovered a buffer overflow vulnerability that gives hackers local admin rights to execute arbitrary code on compromised PCs. http://www.vnunet.com/news/1159190 - - - - - - - - - - Virus writers elude Microsoft's bounty hunt Virus writers have a price on their heads--but it's done little to discourage them. In the year since Microsoft kicked off its Anti-Virus Reward Program, it has tallied only a single success. The program has offered $1 million to informants who help close official investigations into four major viruses and worms, and has another $4 million earmarked for future rewards, but the deluge of online threats has continued to swell. http://news.zdnet.com/2100-1009_22-5439456.html - - - - - - - - - - Fax.com barred from doing business in Idaho Idaho has won a court order permanently barring the advertising company Fax.com from doing business within the state. The Aliso Viejo, Calif.-based company is believed to be the largest volume ``fax-spammer'' in the nation, Idaho Attorney General Lawrence Wasden said Friday. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/10110305.htm - - - - - - - - - - Hollywood heads to court over movie-swapping The film industry is set to follow in the litigious path laid by music companies and take on illegal file-swapping in the courts. Hollywood studios are about to take the long-anticipated step of firing a barrage of lawsuits at some of the most prolific Internet pirates, echoing the legal strategy that the recording industry already has used with limited success. http://news.zdnet.co.uk/business/legal/0,39020651,39172740,00.htm http://www.newsfactor.com/story.xhtml?story_title=Next-Target--Movie-Downloaders&story_id=28170 File-Sharing Thrives Under Radar http://www.wired.com/news/digiwood/0,1412,65625,00.html - - - - - - - - - - Lawmaker: Beware of cyber-Pearl Harbor Future wide-scale terror attacks will be executed by a person sitting behind a computer, not necessarily by a suicide truck bomber or plane hijacker, a U.S. lawmaker predicted on Thursday. Counterterrorism agents are grappling with a new type of security threat--a malicious piece of computer code capable of disabling the world's critical infrastructure, from power grids to air traffic control networks. http://news.zdnet.com/2100-1009_22-5440377.html - - - - - - - - - - Ex-Bush aide: Countries spy through the Net The world's most advanced military powers are using the Internet to spy on their enemies and prepare digital attacks against rogue targets, a leading cybersecurity expert said on Friday. "When there's a major cyberincident, it's very difficult to prove most of the time who did it," said Richard Clarke, a former White House adviser on national security and cyberthreats. http://news.zdnet.com/2100-1009_22-5440367.html http://www.vnunet.com/news/1159204 Cyberterrorism is a misleading term, says expert http://news.zdnet.co.uk/internet/security/0,39020375,39172764,00.htm 30,000 botnets march across the Internet http://news.zdnet.co.uk/internet/security/0,39020375,39172864,00.htm - - - - - - - - - - Software piracy whistle-blowers get bigger rewards The Business Software Alliance is doubling the maximum reward it will pay to individuals who report companies that are using pirated software. The BSA--a trade group supported by Microsoft, Adobe Systems and other major software makers to enforce software licenses and copyrights-- announced on Friday that it is raising the ceiling on payments to U.K. whistle-blowers to $37,000(20,000 pounds) for reports received during November and December this year. http://news.com.com/Software+piracy+whistle-blowers+get+bigger+rewards/2100-1012_3-5440483.html http://news.zdnet.co.uk/business/legal/0,39020651,39172761,00.htm - - - - - - - - - - Online fraud tutorials... from the Secret Service? Until Wednesday one of the best public sources of information on how to use a stolen credit card number, forge a drivers license, defeat a burglar alarm or silence a firearm was a website under the control of the U.S. Secret Service. As a jaunty flourish in its high-profile roundup of fraudsters and forgers last Thursday, the agency took over Shadowcrew.com, a New Jersey-based online crime bazaar that sits at the center of the government's "Operation Firewall" investigation. http://www.securityfocus.com/news/9866 - - - - - - - - - - Symantec adds threat data to managed security services The data will be posted using its Secure Internet Interface. In a bid to expand its services business, Symantec Corp. next week plans to start selling security intelligence data as an add-on to its Managed Security Services. Users who pay Symantec to manage their security infrastructures will now also be able to get extensive information on threats particular to their IT systems as well as global cyberthreats, said Dee Liebenstein, group product manager at Cupertino, Calif.-based Symantec. http://computerworld.com/securitytopics/security/story/0,10801,97292,00.html Symantec builds double-clad security service http://news.zdnet.com/2100-1009_22-5440691.html - - - - - - - - - - Microsoft to provide early warning of security flaws Criticized for a program that only provided some of its largest customers with warnings on security problems in its products, Microsoft Corp. now says it will give all computer users early word on such issues. Beginning this month, the Redmond software giant will make public in advance how many security fixes it plans to release in its regular monthly bulletin, how severe the problems are and what products are affected. http://www.securityfocus.com/news/9867 http://software.silicon.com/security/0,39024655,39125659,00.htm Microsoft: Security requires teamwork http://news.zdnet.co.uk/internet/0,39020369,39172758,00.htms - - - - - - - - - - SonicWall to bolster next OS with antivirus scanning Security vendor SonicWall is expected to formally announce on Monday a new operating system that includes the capability for scanning for viruses at the gateway. http://news.zdnet.com/2100-1009_22-5440957.html - - - - - - - - - - RSA sees looming identity crisis online RSA Conference: Businesses must shift their online customers towards a federated identity policy if e-commerce is to take off, says RSA's director of technology. The director of technology for RSA, Andrew Nash, said that businesses need to move their online customers towards a federated identity policy or security threats could bring people to lose confidence in trading. http://news.zdnet.co.uk/0,39020330,39172722,00.htm - - - - - - - - - - DHS lays out five for '05 Continuing to build a common technology infrastructure for the Homeland Security Department's (DHS) 22 agencies and developing the workforce are two of the five priorities the department's chief information officers will focus on in 2005. http://www.fcw.com/fcw/articles/2004/1101/web-dhs-11-05-04.asp - - - - - - - - - - Making Web data permanent U.S. government information is supposed to be permanent, but Web links can break. Now, a federal group says Uniform Resource Names (URNs) can solve the problem. Officials at the Categorization of Government Information Working Group issued draft recommendations on interoperable standards for searchable identifiers and a proposed definition of government information. Draft recommendations on open and interoperable standards for the categorization of government information are set to begin a public comment period Nov. 9. http://www.fcw.com/fcw/articles/2004/1101/web-urn-11-05-04.asp - - - - - - - - - - Activists Slam Homeless Tracking A government drive to use the latest in database technologies to track and count the homeless, in order to better tailor services at shelters and food banks, actually puts battered women at risk, women's rights advocates say. Frustrated with the current annual homeless census, the Department of Housing and Urban Development is now requiring that regional associations of agencies helping the homeless start collecting and locally sharing detailed personal information, including social security numbers and disability information, from the homeless. http://www.wired.com/news/privacy/0,1848,65614,00.html - - - - - - - - - - Avoiding downstream liability We've seen it before: innocent and unsuspecting organizations that have their networked computers hijacked for use as pawns in attacks against other companies' networks. But what about when such hijacking can be averted? Is it the middleman's responsibility to prevent further dispersal of attacks? When a hacker sends a virus and/or infiltrates a system and then uses that system to break into or infect other systems, does it result in potential liability for the victim? http://computerworld.com/securitytopics/security/story/0,,97174,00.html - - - - - - - - - - Linux 'putting more bobbies on the beat' A Scottish police force is expanding its use of the open-source operating system, and says that the systems are allowing it to put more officers on the streets. A Scottish police force is extending its commitment to open- source software by developing a Linux-based system for ensuring it complies with the impending Freedom of Information Act. http://news.zdnet.co.uk/software/linuxunix/0,39020390,39172867,00.htm - - - - - - - - - - 419ers recruit asylum-seeking mortician Anyone who is currently reading El Reg in the rec room of an illegal immigrants' secure facility in the Home Counties in the hope that it might contain more useful pointers as to how to forge a UK ID card will certainly sympathise with the plight of poor old Liz Toon - Senegalese mortician on the edge: http://www.theregister.co.uk/2004/11/05/asylum_seeking_mortician/ *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2004, NewsBits.net, Campbell, CA.