NewsBits for August 8, 2005 ************************************************************ Hacker gets student data from California college The names and Social Security numbers of more than 61,000 students who applied to or attended Sonoma State University between 1995 and 2002 were accessed by a hacker last month, the university announced Monday. Katharyn Crabbe, SSU's vice president for student affairs and enrollment, said the hacker got into the files through seven campus computer work stations. http://www.mercurynews.com/mld/mercurynews/news/12334677.htm - - - - - - - - - - ID theft ring hits 50 banks, security firm says A major identity theft ring has been discovered that affects up to 50 banks, according to Sunbelt Software, the security company that says it uncovered the operation. The operation, which is being investigated by the FBI, is gathering personal data from "thousands of machines" using keystroke-logging software, Sunbelt said Monday. The data collected includes credit card details, Social Security numbers, usernames, passwords, instant-messaging chat sessions and search terms. Some of that data is then saved in a file hosted on a U.S.-based server that has an offshore- registered domain, according to Sunbelt. http://news.zdnet.com/2100-1009_22-5823591.html http://news.zdnet.co.uk/internet/security/0,39020375,39212451,00.htm http://www.eweek.com/article2/0,1759,1845248,00.asp http://www.newsfactor.com/story.xhtml?story_id=02100000GYER - - - - - - - - - - Man admits child-porn possession in plea deal A former Caltrans employee pleaded guilty yesterday to a misdemeanor charge of possession of child pornography. The former Oceanside resident's plea came in the latest case in a far-reaching federal investigation into pornographic Web sites featuring children in which several public officials and a San Diego priest have been convicted. David Wayne Brumfield, 55, also worked as a California Highway Patrol officer in the 1980s before he was convicted of felony sexual battery on a child in South Lake Tahoe, prosecutor Geoffrey Allard said. http://www.signonsandiego.com/news/northcounty/20050727-9999-7m27plea1.html - - - - - - - - - - Eleven More New Jerseyans Arrested In Child Porn Case State, federal and local authorities have arrested 11 Passaic County men and confiscated home computers following a federal probe into a Belarus Internet child porn provider. The men arrested Wednesday and Thursday were all charged with possession of child pornography, and most were released on bail following arraignments on Friday. http://www.newsday.com/news/local/wire/newjersey/ny-bc-nj--childporn-arrests0806aug06,0,6721616.story http://1010wins.com/topstories/local_story_219203624.html http://www.app.com/apps/pbcs.dll/article?AID=/20050807/NEWS03/508070428/1007 - - - - - - - - - - Former teacher ordered jailed pending child porn charges A retired Westport teacher was ordered jailed and placed on suicide watch Friday, two days after investigators said they found thousands of pornographic images of children in his home. Paul Held, 67, was arrested at his home in Westport Tuesday after he inadvertently left a CD full of child pornography, including what appeared to be lewd pictures of schoolchildren, in a computer he borrowed from a neighbor, federal investigators said. http://www.newsday.com/news/local/wire/connecticut/ny-bc-ct--teacher-childporn0805aug05,0,1248725.story - - - - - - - - - - New England College honors grad arrested in Florida A New Hampshire college honors graduate faces child pornography charges here after a computer repair technician found hundreds of pornographic images and videos on his laptop. Police arrested New England College graduate Seth Saidman at his Weston home on July 22. The 22-year-old was charged with ten counts of possessing child pornography. He was released on $100,000 bail. http://www.wtsp.com/news/news.aspx?storyid=17063 - - - - - - - - - - State investigation into Mercer case expected to conclude this week Wisconsin Department of Justice officials expect an investigation into allegations of computer misuse by former City of Fond du Lac Human Resources Director Ben Mercer to be completed sometime this week, a DOJ official said Friday. State Attorney General Peg Lautenschlager declined to comment further on the investigation into allegations that Mercer viewed images of child pornography on his office computer. The investigation has been under way since mid-April. http://www.wisinfo.com/thereporter/news/archive/local_22088826.shtml - - - - - - - - - - Advertising.com settles adware charges AOL unit to 'clearly and prominently' disclose SpyBlast will cause pop-ups. Advertising.com Inc., a unit of Time Warner Inc.'s America Online, agreed to settle federal charges that the company offered free security software without adequately disclosing that it also came with adware. http://www.msnbc.msn.com/id/8814483/ - - - - - - - - - - Doctors Drop Slander Suit Against Disgruntled Patient's Web Site In a case testing First Amendment rights on the Internet, a dentist and an oral surgeon in Florida have withdrawn a lawsuit trying to shut down a disgruntled patient's scathing Web site critical of their care. At issue was dentalfraudinflorida.com, a site created by Elaine Prentice of North Palm Beach, Fla. She electronically blasted the care she received from Dr. Leonard Tolley, a Lantana, Fla., dentist, from 1996 to 1998 and from Dr. Richard Kaplan, a West Palm Beach dentist and oral surgeon, from August 2002 until March 2003. http://www.law.com/jsp/article.jsp?id=1123232712508 - - - - - - - - - - Villar sounds alarm on Internet child pornography SENATOR Manuel Villar has filed a resolution for Senate to look into the alarming level of Internet-based child pornography in the Philippines. Villar, head of the Senate committee on public order and illegal drugs, said the "alarming prevalence of child pornography on the Internet involving Filipino children" calls for the strict enforcement of anti-pornography laws in the country. http://news.inq7.net/breaking/index.php?index=7&story_id=46256 - - - - - - - - - - German bank launches new system to combat phishing German retail bank Postbank AG has launched a new effort to prevent phishers from capturing and misusing transaction numbers required by online banking customers to make money transfers. The bank, which was hit by a major phishing attack last year, said today that it is the first in Germany to offer "indexed" transaction numbers, or iTANs. http://computerworld.com/securitytopics/security/cybercrime/story/0,10801,103780,00.html - - - - - - - - - - Electronic passports set to thwart forgers The U.S. passport is joining the digital age. After three years of research and discussion, the State Department has finalized most of the technical and logistical details of new, supposedly tamper-proof passports embedded with a "smart-card" chip. If current plans hold, they'll become standard issue for U.S. travelers as soon as February. http://www.usatoday.com/tech/news/2005-08-08-electronic-passports_x.htm - - - - - - - - - - Virus with SOCKS appeal targets corporate PCs A new variant of the Bagle virus incorporates a SOCKS proxy and Web services technology aimed at bypassing corporate firewalls, security experts have warned. http://news.zdnet.co.uk/internet/security/0,39020375,39212456,00.htm - - - - - - - - - - IM threats on the rise The number of new worms and other security problems hitting instant-messaging services in July, climbing 24 percent over the previous month, according to a survey by Akonix Systems. The company's Security Center tracked 42 new threats to corporate IM systems, including viruses such as Rant, Prex and Kirvo, Akonix announced Thursday. http://news.zdnet.com/2110-1009_22-5819229.html - - - - - - - - - - One in ten law firms suffered security breaches ACCORDING TO AN NOP World survey, 50% of law firms in the UK are missing basic security measures and just under half have no budget dedicated to digital security, despite the recently increasing IT security threats. http://www.theinquirer.net/?article=25159 - - - - - - - - - - Internet scammers keep working in Nigeria In Festac Town, an entire community of scammers overnights on the Internet. By day they flaunt their smart clothes and cars and hang around the Internet cafes, trading stories about successful cons and near misses, and hatching new plots. Festac Town is where communication specialists operating underground sell foreign telephone lines over which a scammer can purport to be calling from any city in the world. Here lurk master forgers and purveyors of such software as "e-mail extractors," which can harvest e-mail addresses by the million. http://www.siliconvalley.com/mld/siliconvalley/business/technology/12320885.htm Nigeria cracking down on e-scams http://www.cnn.com/2005/TECH/internet/08/08/nigeria.scammers.ap/index.html - - - - - - - - - - Microsoft's "monkeys" find first zero-day exploit Microsoft 's experimental Honeymonkey project has found almost 750 Web pages that attempt to load malicious code onto visitors' computers and detected an attack using a vulnerability that had not been publicly disclosed, the software giant said in a paper released this month. http://www.securityfocus.com/news/11273 - - - - - - - - - - The Rise of the Digital Thugs EARLY last year, the corporate stalker made his move. He sent more than a dozen menacing e-mail messages to Daniel I. Videtto, the president of MicroPatent, a patent and trademarking firm, threatening to derail its operations unless he was paid $17 million. http://www.nytimes.com/2005/08/07/business/yourmoney/07stalk.html - - - - - - - - - - ID cards: Home Office pursued over LSE rebuttal Home Office attempts to quash academics' criticism of the planned national identity system appear to have backfired badly, prompting a fresh round of questions about the scheme's chances of success. The London School of Economics says the Department's recent rebuttal of their critique of the Government's identity cards scheme was misleading and inaccurate, containing "substantial errors and misrepresentation of fact". http://www.theregister.co.uk/2005/08/08/lse_rebuts_home_office_rebuttal_on_id_card_costs/ - - - - - - - - - - Watch out! You may be responsible for gremlins in your corporate e-mail. Brace yourself: You could be legally responsible for worldwide network security. OK, that may be an overstatement, but it does capture the essence of what's ahead. Companies that pass viruses, worms or any type of malware to other companies via electronic transmissions such as e-mail could find themselves in court, say legal and security experts. And they could be held liable for damage done, even if they unintentionally spread such cyberpests. http://computerworld.com/securitytopics/security/story/0,10801,103696,00.html - - - - - - - - - - Terrorists Turn to the Web as Base of Operations In the snow-draped mountains near Jalalabad in November 2001, as the Taliban collapsed and al Qaeda lost its Afghan sanctuary, Osama bin Laden biographer Hamid Mir watched "every second al Qaeda member carrying a laptop computer along with a Kalashnikov" as they prepared to scatter into hiding and exile. On the screens were photographs of Sept. 11 hijacker Mohamed Atta. http://www.washingtonpost.com/wp-dyn/content/article/2005/08/05/AR2005080501138.html Al Qaeda and the Internet http://www.washingtonpost.com/wp-dyn/content/discussion/2005/08/05/DI2005080501262.html Briton Used Internet As His Bully Pulpit http://www.washingtonpost.com/wp-dyn/content/article/2005/08/07/AR2005080700890.html - - - - - - - - - - An Insider's View of 'Ciscogate' Attorney Jennifer Granick represented computer security researcher Michael Lynn in his conflict with Cisco and ISS at the Black Hat conference. The following is reprinted from her blog with permission. What follows is my take on "Ciscogate," the uproar over researcher Michael Lynn's presentation at this year's Black Hat conference, in which he revealed that he was able to remotely execute code on Cisco routers. http://www.wired.com/news/technology/0,1282,68435,00.html Cisco Flaw Raises Concerns, but Attacks Deemed Difficult http://computerworld.com/securitytopics/security/story/0,10801,103749,00.html - - - - - - - - - - The case of the stolen Wi-Fi: What you need to know Benjamin Smith III and Gregory Straszkiewicz both were arrested for allegedly stealing something no one could see, hear or feel. That thing was valuable enough for victims to press charges in both cases. But the arrests were over something many consumers throw out their windows every day: a Wi-Fi signal. http://www.computerworld.com/securitytopics/security/story/0,10801,103774,00.html - - - - - - - - - - Why Is It So Hard to Feed the Security Dog? o see how much work needs to be done in the world of computer security, take a look at the screen of anybody using the Mozilla Firefox Web browser. Inspect the top right corner of that program's window: If you see a small red arrow pointing upwards, you've found yet another person who isn't keeping up with this browser's bug-fix updates -- and yet another example of how even well-meaning users can still leave their computers less secure than necessary. http://www.washingtonpost.com/wp-dyn/content/article/2005/08/06/AR2005080600141.html Computer security not a telework hindrance, says advocacy group http://www.govexec.com/story_page.cfm?articleid=31935 - - - - - - - - - - Essex Police wants no-email Wednesdays Tough on email, tough on the causes of email The newly appointed head of Essex Police has asked staff to try and avoid using emails on Wednesdays. Chief constable Roger Baker, who took up his role last month, has asked staff to talk to each other whenever possible, rather than relying on email. The plan is to reduce email traffic on Wednesdays to a bare minimum. http://www.vnunet.com/vnunet/news/2140857/white-stilettos-allowed - - - - - - - - - - Justice sex offender Web site goes live The Justice Department has launched a Web site that allows the public to search for sex offenders in their communities. The National Sex Offender Public Registry (http://www.nsopr.gov), run by the Office of Justice Programs, can return a list of registered sex offenders through name, city, county or ZIP code searches. http://www.gcn.com/vol1_no1/daily-updates/36610-1.html *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2005, NewsBits.net, Campbell, CA.