NewsBits for March 9, 2006 sponsored by Digital Investigation - The International Journal of Digital Forensics & Incident Response - www.digitalinvestigation.net ************************************************************ Debit card thieves get around PIN obstacle With consumers around the country reporting mysterious fraudulent account withdrawals, and multiple banks announcing problems with stolen account information, it appears thieves have unleashed a powerful new way to steal money from cash machines. http://www.msnbc.msn.com/id/11731365/ International Citibank Customers Shaken By Data Breach http://www.informationweek.com/news/showArticle.jhtml;j?articleID=181502068 Debit Card Compromise Spreads to Massachusetts http://www.eweek.com/article2/0,1759,1935640,00.asp Debit Card Fraud Tied to OfficeMax Breach http://www.eweek.com/article2/0,1759,1935677,00.asp - - - - - - - - - - Work-at-home mum in net filth conviction A US housewife has confessed to spamvertising internet porn sites in her spare time. Jennifer Clason, 33, of Raymond, New Hampshire, pleaded guilty to two offences under the US CAN-SPAM Act, and one count of criminal conspiracy, at a federal court hearing in Phoenix, Arizona on Monday. Clason, whose agreed to pay back the money she made from her anti-social activities, faces up to five years imprisonment on each count at a sentencing hearing scheduled for 5 June. http://www.theregister.co.uk/2006/03/09/housewife_net_filth_conviction/ - - - - - - - - - - Porn distributors detained The police on Tuesday detained some people on charges of spreading of child pornography during a national raid, Prague police spokesman Ladislav Bernasek said on Internet today. In twelve home searches, they confiscated nine computers through which the porn was spread and several dozen DVDs and CDs with child porn, Bernasek said, adding that the police have brought charges of corruption of morals against an unspecified number of perpetrators. http://www.praguemonitor.com/ctk/?id=4503 - - - - - - - - - - Ross man pleads guilty to child porn charge A Ross man, who federal prosecutors believe traveled across the state to have sex with a 2-year-old, pleaded guilty yesterday to one count of receiving child pornography. The other counts against Roderick T. Long, 41, including inducing a minor into illegal sexual activity, will be dismissed following his sentencing. He faces five to 20 years in prison when he is sentenced June 7. http://www.post-gazette.com/pg/06068/667268.stm - - - - - - - - - - Naked photos of former chief introduced into evidence at trial Graphic photographs depicting young children posing nude and engaged in sex acts along with photos of former Wapakoneta Police Chief David L. Harrison naked and masturbating were introduced into evidence by the state Wednesday. http://www.limaohio.com/story.php?IDnum=23402 - - - - - - - - - - Snooping flatmate finds child porn A MAN was caught with pornographic images of young boys after a flatmate rummaged through his garbage, a court has been told. Dale Joseph Davies, 53, from Clontarf in Brisbane's outer north, pleaded guilty in the Queensland District Court today to 19 counts of possessing child abuse computer games and one count of possessing child exploitation material. http://www.thesundaymail.news.com.au/common/story_page/0,5936,18401787%255E1248,00.html - - - - - - - - - - Judge scoffs at man's child-porn excuses A Winnipeg man's excuse that "stupid, morbid curiosity" drove him to download more than 1,200 images of child pornography didn't wash with a judge who said yesterday he will be haunted by the degrading images for a long time to come. http://winnipegsun.com/News/Winnipeg/2006/03/09/1479385-sun.html - - - - - - - - - - Congress Votes to Renew Patriot Act, With Changes Congress voted yesterday to renew a four-year-old anti-terrorism law that makes it easier for federal agents to secretly obtain Americans' records and communications, even as some lawmakers warned that voters are growing increasingly concerned about protecting civil liberties during the fight against terrorism. http://www.washingtonpost.com/wp-dyn/content/article/2006/03/07/AR2006030701082.html House panel moves to shield phone records http://www.msnbc.msn.com/id/11729321/ - - - - - - - - - - Phony IRS e-mails are latest phishing scheme Think you've got a refund coming from the Internal Revenue Service? Don't get tricked by a phony e-mail asking you for a little extra information, like your bank account number, before the IRS sends you that check. Yes, the tax-time phishing scams are hitting computers everywhere. http://www.freep.com/apps/pbcs.dll/article?AID=/20060307/BUSINESS06/603070391 Sharp Rise in IRS Tax Refund Phishing Attacks http://www.it-observer.com/news/5842/sharp_rise_irs_tax_refund_phishing_attacks/ - - - - - - - - - - China Closes Down Two Blogs and The Daily Music and Tech News Blogs by journalist Wang Xiaofeng and Yuan Lei were shut down on Wednesday. The shutdowns, by Chinese censors coincide with the annual 10-day session of Chinas parliament. The blogs were closed under government orders and are part of a recent trend of internet censorship. http://blogcritics.org/archives/2006/03/08/115736.php - - - - - - - - - - Denial-of-service hacking soars Denial-of-service (DoS) attacks, where hackers overload networks with data in an effort to disable them, have risen 50%, a security report says. The biannual Symantec Threat Report said phishing, where fraudulent e-mails demand passwords from unwitting users, rose 39% in the last six months. http://news.bbc.co.uk/2/hi/technology/4787474.stm - - - - - - - - - - Computer viruses a growing concern for UK companies Infection by viruses was the biggest single cause of the worst security incidents for UK companies in the past two years, accounting for roughly half of them, a new survey shows. Infection by viruses was the biggest single cause of the worst security incidents for UK companies in the past two years, accounting for roughly half of them, a new survey shows. http://www.businessweekly.co.uk/news/view_article.asp?article_id=10229 - - - - - - - - - - UK child porn sites hunted to extinction The Internet Watch Foundation (IWF), a not-for- profit organisation set up by the IT industry to monitor obscene images on the web, has reported that less than one per cent of the child pornography on the internet is hosted in the UK. http://www.whatpc.co.uk/vnunet/news/2151650/iwf-hunts-uk-child-porn-sites - - - - - - - - - - Firefox takes aim at phishers With a little help from Google? An upcoming version of Firefox will include protection against phishing scams, using technology that might come from Google. The phishing shield is a key new security feature planned for Firefox 2, slated for release in the third quarter of this year, Mozilla's Mike Shaver said in an interview on Tuesday. http://software.silicon.com/security/0,39024655,39157085,00.htm - - - - - - - - - - CeBIT: Conference patrons say security needs simplicity The variety of hardware- and software-based security offerings on display at CeBIT this year means a careful sorting for network administrators of how those products can meet their needs. But the overwhelming concern with security products -- regardless of whether they are hardware- or software-based -- is a desire for simple, fast deployment through organizations. http://www.computerworld.com/securitytopics/security/story/0,10801,109379,00.html ISPs must take lead in fighting spam http://www.theregister.co.uk/2006/03/09/itu_spam_report/ Learning-Based Approach to the Detection of SQL Attacks http://www.it-observer.com/articles/1075/learning_based_approach_detection_sql_attacks/ Oracle Secure Search: The Worlds Greatest Paradox? http://www.it-observer.com/news/5849/oracle_secure_search_worlds_greatest_paradox/ ecurity Issues in Software Applications Becomes Focus for Developers http://www.it-observer.com/news/5848/security_issues_software_applications_becomes_focus_developers/ - - - - - - - - - - UK supermarket trials fingerprint payment tech A UK supermarket chain is offering shoppers the option of authorising payment for their groceries using their fingerprints. Three Co-op stores in the Oxford area are trialling "Pay by Touch" in what's said to be the first European use of the technology. http://www.theregister.co.uk/2006/03/09/fingerprint_shopping_trial/ - - - - - - - - - - MP3 Players Means Intellectual Property risk Theft of data from organisations is set to become an even bigger problem due to the increased availability and capacity of MP3 type players. The storage on tiny, pocket-sized, machines such as the Apple iPod Video is so large that a whole laptop drive full of data can be downloaded. http://www.it-observer.com/news/5854/mp3_players_means_intellectual_property_risk/ - - - - - - - - - - IT: Many Bills, One Policy As at the last count, there were three different bills before the Nigerian Senate all aiming to advance the Information Technology industry, or at least a part of it, in Nigeria. There is the Cybercrime Bill still at the early stages of passage. There are both the NITDA bill and the IT Bill, 2004 at the Committee stage. In fact, the Senate Committee on Science & Tech headed by Senator Seidu Dansadau has been very busy in the last few months working on the bills. Only last December, the committee invited all stakeholders to make contributions to the NITDA bill. This week, the Committee was also host to stakeholders on the IT Bill. http://www.thisdayonline.com/nview.php?id=42572 - - - - - - - - - - Don't Talk to Invisible Strangers SANDI LESTER went to a safety meeting last week at her daughter's elementary school in Irvine, Calif., because she was concerned. When she left, she was frightened. The presentation, given by a police officer, was not about drug use or under-age drinking. It was about the latest parental fear: social networking Web sites. http://www.nytimes.com/2006/03/09/fashion/thursdaystyles/09parents.html The MySpace Age http://news.bbc.co.uk/2/hi/uk_news/magazine/4782118.stm - - - - - - - - - - Identity theft rooted in documents; shred them In the course of a busy day, you may write a check at the grocery store, charge tickets to a concert or game, rent a car, mail your tax returns, change your cell phone provider or apply for a credit card. Chances are you don't give these everyday transactions a second thought. But an identity thief does. http://www.registerguard.com/news/2006/03/07/ed.col.idtheft.0307.p1.php - - - - - - - - - - The key to cyber crime If phishing frauds are the visible side of online scams, then keylogging software is the invisible counterpart and the signs are that it is becoming a serious threat. Also called keystroke loggers, as their name suggests these tools capture whatever the user types on a computer keyboard. The tools can be software- or hardware-based; when used for criminal purposes users are unaware that such tools have been installed on their machines. http://www.siliconrepublic.com/news/news.nv?storyid=single6155 - - - - - - - - - - U.S. tests transit machines that could detect explosives Fare machine could find traces of explosives on fingertips. Hoping to thwart a potential attack on U.S. subways similar to the London public transit bombings last July, the U.S government is testing ticketing machines that would detect traces of explosives on the fingers of someone buying a subway ticket. The machines are equipped to detect traces of explosives on the fingertips of ticket buyers, said GE Security and transit systems company Cubic Corp., which jointly engineered them. http://www.computerworld.com/securitytopics/security/story/0,10801,109371,00.html - - - - - - - - - - Mum's a junkie whore and dad got devoured What do Nigeria and Manchester have in common - apart from war-ravaged areas where armed gangs battle for control of the local resources*? Well, according to the latest email to pop into the Vulture Central advance fee fraud inbox, it's a very tenuous command of the English language: http://www.theregister.co.uk/2006/03/09/manchester_419/ ************************************************************ Digital Investigation is the international journal of digital forensics and incident response. To apply for a free sample copy visit: http://www.digitalinvestigation.net *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2006, NewsBits.net, Campbell, CA.