NewsBits for March 24, 2006 sponsored by Digital Investigation - The International Journal of Digital Forensics & Incident Response - www.digitalinvestigation.net ************************************************************ New e-mail scam mimics Chase bank security alert messages A new phishing scam designed to steal customers credit, ATM or debit card and online banking information has been identified by bank officials. It has been reported that some customers are getting an e-mail with the Chase name and logo telling them to go to Chase.com to update their card information, but the link provided takes them to a different site, said Nancy Kissinger, president of Chase in Beckley. This scam e-mail mimics Chases security alert messages. http://www.sapulpadailyherald.com/business/cnhinsbusiness_story_080231338.html - - - - - - - - - - Trojan horses steal bank details, passwords Two Trojan horses with distinctive traits have been flagged by security researchers: one that hijacks one-time-use passwords, and another that hides behind a rootkit. The unrelated malicious programs, reported this week by security companies, represent new twists thought up by hackers in their development of Trojan horses, which are harmful programs disguised to look like innocent software. http://news.zdnet.com/2100-1009_22-6053849.html Trojan intercepts bank tokens http://www.theregister.co.uk/2006/03/24/trojan_captures_token/ - - - - - - - - - - Man fined for child porn offences A man has been fined $3,000 in Hobart's Supreme Court for accessing and possessing child pornography. Wayne Edward Quarrell pleaded guilty to the offences earlier this week. Quarrell, 62, accessed child porn on the Internet and saved some images onto his home office computer. http://www.abc.net.au/news/newsitems/200603/s1599780.htm - - - - - - - - - - No jail for retired youth centre manager A retired youth centre manager who had more than 1,000 indecent images of children aged two to fifteen on his computer and became "obsessed and captured by a sexual fantasy" has escaped a prison sentence. John Perrott, 66, of Bradwell, Essex, superimposed images of himself on to pictures of girls he knew to create indecent sexual scenes on his computer screen, Chelmsford Crown Court heard. http://www.24dash.com/content/news/viewNews.php?navID=7&newsID=4150 - - - - - - - - - - Child porn man escapes jail term A PAEDOPHILE who collected over 4,500 perverted images of children being abused has walked free from court. Christopher Smith, 23, of Broadley Park, North Bradley, admitted downloading the pictures for his own sexual gratification. Guidelines state he should have been jailed for at least a year but Judge John McNaught at Swindon Crown Court decided to instead impose a three-year probation order. http://www.thisiswiltshire.co.uk/news/headlines/display.var.714315.0.child_porn_man_escapes_jail_term.php - - - - - - - - - - Former Coach Pleads Guilty To Child Molestation A former Redmond youth baseball coach is pleading guilty to raping some of his players. As a result, Chris Stefanik, 37, could face nearly 20 years in prison, and prosecutors say there could be more victims. Prosecutors say Stefanik is a predator who made his home a virtual funhouse to lure boys into sex. http://www.komotv.com/stories/42566.htm - - - - - - - - - - Ada Man Pleads "No Contest" to Child Porn Charges An accused child pornographer is sentenced to 15 years in jail Thursday. Kenneth Francis Pierce made a plea bargain in Ada, for three different charges of child pornography. An 11 year-old girl was reportedly photographed naked in his home last September. Now, the 61 year-old will serve time in the Oklahoma Department of Corrections. He must serve 85-percent of his 15-year term... before he will be considered for parole. http://www.kten.com/Global/story.asp?S=4674550 - - - - - - - - - - Retired funeral director pleads not guilty Curtis J. Schmidt, the retired director of the West Bend and Jackson funeral homes that bear the family name, entered a plea of not guilty on the multitude of child pornography charges he faces. Attorney James Danaher, Schmidts lawyer, entered the plea before Ozaukee County Circuit Judge Paul Malloy on Wednesday. http://www.gmtoday.com/news/local_stories/2006/March_06/03232006_03.asp - - - - - - - - - - Teen charged with having child porn and weapons An East York teen faces 13 charges including two counts of possession of child pornography after investigators from Sex Crimes Unit found the 19-year-old was downloading it from the Internet. The accused was the subject of an undercover police investigation involving the downloading of child pornography images available on the Internet. http://www.towncrieronline.ca/main/main.php?direction=viewstory&storyid=5295 - - - - - - - - - - Child porn charges filed against man Police say Falls resident downloaded material A 27-year-old 12th Street man faces multiple felony charges for allegedly downloading child pornography to his home computer. Eric J. Babb is charged with three counts of illegal use of a minor in nudity oriented material and four counts of pandering sexually oriented material with a minor. In addition, he faces misdemeanor charges of illegal manufacturing of drugs, possession of criminal tools and possession of drug paraphernalia. http://www.ohio.com/mld/ohio/news/14175623.htm - - - - - - - - - - Canadian arrested in Anchorage on child porn charges A 32-year-old Canadian man is under arrest in Anchorage in connection with a child pornography case. Anchorage police were the lead authorities in the investigation that led to the arrest of Daniel Tan of Calgary, Alberta. Police launched an online investigation in December following allegations that Tan had made arrangements to travel to Alaska to have sex with children. http://www.ktva.com/topstory/ci_3633098 Child porn border bust fifth in '06 Another seizure of child pornography at the Coutts border crossing is a sign of growing vigilance among federal agents, their spokeswoman said yesterday. Tuesday's arrest of a Winnipeg man for possessing kiddie porn on a laptop computer also reflects a growing frequency of such busts, said Lisa White of the Canadian Border Service Agency. http://calsun.canoe.ca/News/Alberta/2006/03/24/1503140-sun.html - - - - - - - - - - Theft victim arrested on child porn complaints A man whose video camera was stolen at an Oklahoma City mall faces four child sexual abuse complaints after the contents of the camera's recordings were given to police. Authorities say 55-year-old Keramat Taghizadeh (Tah-GEE'-zuh-day) was arrested yesterday. Police reported that two teenagers stole a video camera that was on a counter at Crossroads Mall in southeast Oklahoma City. http://www.kten.com/Global/story.asp?S=4676082 - - - - - - - - - - Oklahoma city threatens to call FBI over 'renegade' Linux maker The heartland turned vicious this week when an Oklahoma town threatened to call in the FBI because its web site was hacked by Linux maker Cent OS. Problem is CentOS didn't hack Tuttle's web site at all. The city's hosting provider had simply botched a web server. This tale kicked off yesterday when Tuttle's city manager Jerry Taylor fired off an angry message to the CentOS staff. http://www.theregister.co.uk/2006/03/24/tuttle_centos/ - - - - - - - - - - U.S. beefs up child porn fight U.S. Attorney's office will seek maximum penalties, including against a Clio man charged with abuse. The U.S. attorney's office will seek maximum penalties for all who abuse or exploit children as part of a new initiative announced Thursday to fight child pornography. U.S. Attorney Stephen Murphy said he has assigned seven assistant attorneys, led by Assistant Attorney John O'Brien, to become experts on child exploitation cases. http://www.detnews.com/apps/pbcs.dll/article?AID=/20060324/BIZ04/603240370/1013 - - - - - - - - - - Web saboteurs wanted? Russian Duma praises hacker crew for defacing "Anti-russian" web sites. A group of Russian hackers were congratulated in the State Duma this week for unleashing a crippling patriotic cyber blow on an Israeli Web site that published anti-Russian ideas in a recent article. The congratulatory statement is believed to be the first official public statement by a government official giving thanks to Web site defacers for knocking offline an ideological foe. The decree will undoubtedly add to the debate of the existence of state-sponsored hacking groups. http://www.zone-h.org/en/news/read/id=206004/ - - - - - - - - - - Fixes in for RealPlayer flaws RealNetworks has warned of four flaws in its media player software, three of which pose a severe security risk. The Seattle-based digital media company released patches on Thursday to fix the problems. The bugs affect older versions of its flagship RealPlayer as well as of Rhapsody, Helix Player and RealOne Player. They aren't found in the most recent versions of RealPlayer and Rhapsody, according to a company advisory. The flaws are found in RealNetworks' software for Microsoft Windows, Mac OS X and Linux systems. http://news.zdnet.com/2100-1009_22-6053912.html - - - - - - - - - - DNS servers do hackers' dirty work In a twist on distributed denial-of-service attacks, cybercriminals are using DNS servers--the phonebooks of the Internet--to amplify their assaults and disrupt online business. Earlier this year, VeriSign experienced attacks on its systems that were larger than anything it had ever seen before, it said last week. The Mountain View, Calif.-based company, which helps companies do business on the Web, discovered that the assaults weren't coming from commandeered "bot" computers, as is common. Instead, its machines were under attack by DNS (domain name system) servers. http://news.zdnet.com/2100-1009_22-6053468.html - - - - - - - - - - Check Point calls off Sourcefire buy Security company Check Point Software Technologies called off its planned $225 million acquisition of intrusion-prevention firm Sourcefire on Thursday, a week before a federal watchdog was scheduled to release a report which insiders say would have blocked the merger on the grounds of national- security interests. http://www.securityfocus.com/news/11382 - - - - - - - - - - Fidelity lost HP's employee data to impress HP Given the recent spate of laptop losses affecting major companies, many of you have wondered why the likes of Fidelity and Ernst & Young would let crucial customer information leave their own servers and desktops in the first place. Well, in Fidelity's case, we've learned that the company had a really important demo to perform - one that apparently required it to load 200,000 HP workers' personal information on a laptop. http://www.theregister.co.uk/2006/03/24/hp_fidelity_laptop/ - - - - - - - - - - Exploits in the wild for IE6 flaw growing! Ok it's late Friday night but it's been a rough day for us security folks especially Microsoft. As I warned in my last blog "zero-day exploit for IE6 flaw released", this is VERY serious and it has all the markings of another WMF nightmare for Internet Explorer 6. There are probably more than 100 sites using the latest IE6 flaw on the loose and it's growing! According to a Microsoft spokesman I talked to, an out-of-band patch is on the table but nothing has been confirmed yet and they're watching the situation closely to see if an outbreak occurs. http://blogs.zdnet.com/Ou/?p=178 Microsoft mulls rushing out IE patch http://news.zdnet.com/2100-1009_22-6053961.html http://news.zdnet.co.uk/0,39020330,39259276,00.htm ************************************************************ Digital Investigation is the international journal of digital forensics and incident response. To apply for a free sample copy visit: http://www.digitalinvestigation.net *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2006, NewsBits.net, Campbell, CA.