NewsBits for March 27, 2006 sponsored by Digital Investigation - The International Journal of Digital Forensics & Incident Response - www.digitalinvestigation.net ************************************************************ Israeli Couple Jailed over Computer Virus An Israeli couple convicted of inventing a computer virus that set off a major industrial espionage investigation were sentenced to jail on Monday, court documents showed. http://www.eweek.com/article2/0,1759,1943123,00.asp http://news.zdnet.com/2100-1009_22-6054116.html http://www.theregister.co.uk/2006/03/27/israeli_spyware_duo_jailed/ - - - - - - - - - - Berkeley man pleads guilty to Internet fraud When an Internet site last year offered a luxury automobile for sale for $20,000, a Pennsylvania man forwarded a $2,500 down payment to the seller. The problem was, the seller, 29-year-old David M. Calabretta of Berkeley, didn't have the BMW to sell. So the purchaser never received it. http://www.app.com/apps/pbcs.dll/article?AID=/20060324/NEWS02/603240452/1070 - - - - - - - - - - Russian web site offered eBay account info for $5 EBay Inc. helped to shut down a Russian Web site this week that was offering to sell stolen customer account information for as little as $5 each. Armed with an eBay customer's log-in and password, a fraudster could post items for sale, collect payments and then never deliver the goods. The site was also offering to sell a handful of PayPal accounts. http://www.computerworld.com/securitytopics/security/cybercrime/story/0,10801,109881,00.html http://www.techworld.com/security/news/index.cfm?RSS&NewsID=5652 PayPal Security Flaw Makes eBay and PayPal Users Vulnerable to Phishers http://auctionbytes.com/cab/abn/y06/m03/i24/s00 - - - - - - - - - - Terrorist 007, Exposed For almost two years, intelligence services around the world tried to uncover the identity of an Internet hacker who had become a key conduit for al-Qaeda. The savvy, English- speaking, presumably young webmaster taunted his pursuers, calling himself Irhabi -- Terrorist -- 007. He hacked into American university computers, propagandized for the Iraq insurgents led by Abu Musab al-Zarqawi and taught other online jihadists how to wield their computers for the cause. http://www.washingtonpost.com/wp-dyn/content/article/2006/03/25/AR2006032500020.html http://www.it-observer.com/news/5942/terrorist_007_exposed/ - - - - - - - - - - Four 419 scammers indicted, 800 to go A grand jury in New York has returned a 10-count indictment against three of Nigerian defendants recently arrested in Holland and an 11-count indictment against a fourth suspect. http://www.theregister.co.uk/2006/03/27/419_scammers_indicted/ - - - - - - - - - - Dallas man receives five-year sentence A 50-year-old Dallas man received a five- year, three-month prison sentence this week on a child pornography charge. Paul Gillespie Greenlee pleaded guilty in September to one count of possession of child pornography in interstate commerce. http://www.heralddemocrat.com/articles/2006/03/26/texas_news/state09.txt - - - - - - - - - - Man Convicted Of Possessing Child Porn Gets 30 Days In Jail David Kindquist will only spend 30 days in jail for possessing child pornography. That's the ruling from a district court judge in Snow Hill. He also won't have to register as a sex offender. According to the state's attorney, that's because possession is not a sexual offense, but that doesn't mean there's no victim in this crime. http://www.wmdt.com/topstory/topstory.asp?id=2073 - - - - - - - - - - Band director charged with sex crimes A longtime band director at Spring Lake Park High School was charged Friday with two counts of first-degree criminal sexual conduct and one count of solicitation of a child. Michael William Schleicher, 55, of Ham Lake had oral sex with a female student on school grounds beginning when she was 14, according to the criminal complaint filed Friday in Anoka County District Court. The girl is now 27. He also encouraged someone he thought was a child to engage in sexual conduct over the Internet, the complaint stated. The "child" was actually an adult man living in the Cayman Islands, who turned over information about Schleicher to police. http://www.twincities.com/mld/pioneerpress/news/local/14182214.htm Freelance Web cops chase child predators One was a Coast Guard seaman from Duluth who allegedly set out last month to meet someone he thought was a 13-year-old girl at the Mall of America. The other was a Spring Lake Park band director who was charged Friday in Anoka County with soliciting a child online and having oral sex with a student. In both cases, the men were "caught" by a citizen posing as a minor on the Internet. http://www.centredaily.com/mld/centredaily/news/nation/14180989.htm - - - - - - - - - - Royal sir had child filth A TEACHER at Princess Eugenies public school downloaded child porn on his computer, a court heard on Friday. Andrew Richards, a housemaster at posh PS23,000-a-year Marlborough College, Wilts, found pictures of naked boys on the internet. Prints of the vile images were found in his flat at the school. http://www.thesun.co.uk/article/0,,2-2006130912,00.html - - - - - - - - - - 'Computer infected with virus' A teacher accused of storing child porn on a computer claimed his PC had been infected with a virus which dialled porn websites, a jury heard. Pornographic material was found on a PC at a Conservative association which had been used by Robert Dockerill. http://www.tmcnet.com/usubmit/2006/03/25/1488145.htm - - - - - - - - - - Investigation turns up 8,000 child porn images Investigators have found 8,000 digital images of child pornography inside a two-family home in Allegan County. Three residents of the house have been charged. They include a 56-year-old man, his 26-year-old son and a 73-year-old man from another family. http://www.wwmt.com/engine.pl?station=wwmt&id=24870 - - - - - - - - - - Child porn case leads to major grow op A child sexual assault investigation in Saanich has led police to the second largest marijuana grow operation ever found in Shawnigan Lake. The multi-million dollar operation was housed in an outbuilding on a large rural property on Renfrew Road. http://www.cowichannewsleader.com/portals-code/list.cgi?paper=9&id=615986 - - - - - - - - - - Police Use MySpace to ID Suspects Detectives used profiles posted on the MySpace social networking website to identify six suspects in a rape and robbery that began when a party turned violent, leaving blood in almost every room of the house, officials said. Six men were arrested in connection with the Feb. 23 rampage, and a seventh suspect was being sought, Detective Ali Bartley said Friday. The victim, whose name was withheld, became acquainted with the suspects through MySpace, authorities said. http://www.it-observer.com/news/5941/police_use_myspace_id_suspects/ http://www.cnn.com/2006/US/03/25/my.space.ap/index.html http://www.usatoday.com/tech/news/2006-03-25-myspace-arrests_x.htm http://www.theregister.co.uk/2006/03/27/myspace_crime/ - - - - - - - - - - Registrar Joker.com suffers attack Domain-name registrar Joker.com acknowledged this weekend that distributed denial-of-service attacks had caused numerous problems for customers that use its domain-name service (DNS) servers to advertise the Internet addresses of their domains. http://www.securityfocus.com/brief/172 - - - - - - - - - - UK users targeted by banking Trojan A Trojan designed to capture your online banking details and direct them to a third party has been found in the wild, and attacks have been reported across Western Europe Two Trojan horses with distinctive traits have been flagged by security researchers: one that hijacks one-time-use passwords, and another that hides behind a rootkit. http://news.zdnet.co.uk/0,39020330,39259632,00.htm - - - - - - - - - - State lets out private data The state Employment Development Division confirmed Thursday that it sent out about 64,000 tax forms containing Social Security numbers and income information to the wrong addresses, potentially exposing those taxpayers to identity theft. The 1099 tax forms, which summarize annual benefit payouts, were sent to people who had changed addresses over the past 18 months and had received unemployment, paid family leave or disability payouts from the state. http://www.siliconvalley.com/mld/siliconvalley/business/special_packages/security/14178469.htm - - - - - - - - - - Offshore outsourcing cited in Florida data leak Florida state employees are being warned that their personal information may have been compromised after work on the state's People First payroll and human resources system was improperly subcontracted to a company in India. http://www.computerworld.com/securitytopics/security/story/0,10801,109938,00.html - - - - - - - - - - Justice Department responds to lawmakers' wiretapping probe Democrat John Conyers of Michigan dismissed as evasive and unresponsive the late Friday response from the Justice Department to a House Judiciary Committee inquiry into the National Security Agency program of wiretaps without warrants. http://www.govexec.com/story_page.cfm?articleid=33697&sid=28 - - - - - - - - - - House Panel Preps ID Theft Law Republicans and Democrats have reached a compromise on legislation mandating data brokers disclose to consumers certain unencrypted breaches of their personal information. The accord comes almost five months after a subcommittee of the panel approved the Data Accountability and Trust Act (DATA Act) over the strenuous objections of Democrats who argued the legislation lacked any real teeth. http://www.internetnews.com/bus-news/article.php/3594136 - - - - - - - - - - GAO: IRS security is weak Taxpayers financial and personal information remains at risk because the Internal Revenue Service has not yet strengthened its information security measures, according to a new Government Accountability Office report. http://www.fcw.com/article92737-03-24-06-Web http://computerworld.com/securitytopics/security/story/0,10801,109966,00.html Union decries IRS for security weaknesses http://www.fcw.com/article92747-03-27-06-Web IRS cracks down on phishers http://www.fcw.com/article92749-03-27-06-Web - - - - - - - - - - Microsoft tests fix for IE bug as exploits appear A recently identified security hole in the Internet Explorer browser is being exploited, and Microsoft Corp. hopes to include a fix for it in its April 11 patch or possibly sooner, according to a posting on a Microsoft blog. So far, attacks are limited in scope, Stephen Toulouse, head of Microsoft's Security Response Center, wrote on the center's blog Saturday. http://www.computerworld.com/securitytopics/security/holes/story/0,10801,109943,00.html?source=x584 http://www.techweb.com/wire/security/183702818 http://news.zdnet.com/2100-1009_22-6053961.html http://news.zdnet.com/2100-1009_22-6053912.html http://www.vnunet.com/vnunet/news/2152843/microsoft-step-bugs Email attachment vector for IE create TextRange() Remote Command Execution http://www.it-observer.com/news/5939/email_attachment_vector_ie_createtextrange_remote_command_execution/ - - - - - - - - - - Microsoft creates public bug database for IE Microsoft is for the first time encouraging people to give public feedback on Internet Explorer, with the creation of a bug database for the next version of its browser, IE 7 beta. http://news.zdnet.co.uk/software/applications/0,39020384,39259531,00.htm - - - - - - - - - - Credit-monitoring agency beefing up online operations With more consumers monitoring their credit records online to fight fraud and protect themselves from identity theft, online credit- monitoring service TrueCredit has decided to ramp up its Web infrastructure to keep pace with demand. http://computerworld.com/developmenttopics/websitemgmt/story/0,10801,109969,00.html - - - - - - - - - - UK workers abuse net access Smut surfing - and worse - still rife. Staff misuse of internet access is still rife in the UK despite improvements over the last two years. Office workers frequently access inappropriate websites or goof about surfing the net instead of getting on with their work, according to findings from the 2006 Department of Trade and Industry's (DTI) biennial Information Security Breaches Survey. http://www.theregister.co.uk/2006/03/27/net_misuse_dti_survey/ - - - - - - - - - - Portable Storage Devices Pose IT Security Risk Baptist Memorial Health Care Corp. in Memphis recently found itself dealing with a proliferation of user-owned plug-and-play USB port drives that posed a security risk to sensitive patient data. http://www.computerworld.com/securitytopics/security/story/0,10801,109911,00.html - - - - - - - - - - Thefts prompt products that do more to secure laptops The latest in computer security is a throwback to old-fashioned safety. Recent thefts of laptops with sensitive corporate data have prompted more companies and individuals to snap up everything from locks to tracking software to protect data from PC snatchers. http://www.it-observer.com/news/5943/thefts_prompt_products_that_do_more_secure_laptops/ Laptop Thefts Prompt New Security Tactics http://www.newsfactor.com/story.xhtml?story_id=123000033S2O http://www.usatoday.com/tech/news/computersecurity/2006-03-26-laptop-security_x.htm - - - - - - - - - - Cybersquatters Try New Tactics Cybersquatting the domain name of a celebrity and selling it for a king's ransom was one of the great get-rich-quick schemes of the early internet. But since courts now tend to favor the star over the squatter, a new kinder, gentler cybersquatting tactic has emerged. http://www.wired.com/news/technology/internet/0,70475-0.html - - - - - - - - - - Innovate IT to hold certified ethical hacker course Innovate IT is holding a Certified Ethical Hacker (CEH) course targeted towards IT professionals who want to defend their IT infrastructure from being trespassed. http://www.ameinfo.com/81464.html - - - - - - - - - - Neighborhood watch for phishing launches Whenever phishing e-mail came in, security professional Alex Eckelberry would check it out and often find that the fraudulent Web sites advertised in the spam were still online, waiting for victims. So, starting a few months ago, Eckelberry began taking some time out of his day to take action. He would analyze the phishing e-mail and contact the owner of the site hosting the scam, typically a hacked Web site on a server somewhere in the U.S. http://news.zdnet.com/2100-1009_22-6054372.html Phishers stick the boot into World Cup fans http://www.vnunet.com/vnunet/news/2152802/phishers-kick-world-cup-footie - - - - - - - - - - Researcher: DRM technology fails in practice Digital rights management (DRM) technology has deep flaws despite the hope of content providers that encrypted files will deter illegal file sharing, a computer security researcher said Monday. http://www.computerworld.com/securitytopics/security/hacking/story/0,10801,109947,00.html - - - - - - - - - - IBM service offers Billy Goat bait to hackers It worked in Jurassic Park, so why not on the Net? IBM's Business Consulting Services unit plans to start offering an intrusion-detection service that will masquerade as a group of servers on the network in order to trick hackers into revealing information about their attacks. http://www.computerworld.com/securitytopics/security/story/0,10801,109940,00.html http://news.zdnet.com/2100-1009_22-6054234.html - - - - - - - - - - Photos: Biometrics up close and personal Accenture believes biometrics are an 'intrinsic part of the future'. ZDNet UK visited the company's French labs to get a closer look at the identity technology http://news.zdnet.co.uk/hardware/emergingtech/0,39020357,39259778,00.htm - - - - - - - - - - The most prevalent wireless threats With the prevalence of mobile devices and the increasing use of wireless-aware applications, enterprises need to continually track the threats that they face and take steps to mitigate them. Interesting trends about the nature of wireless threats are emerging, and the WVE database has revealed product defects, user and client behavior, and advancement in attacks and tools as the most prevalent types of submissions thus far. http://www.it-observer.com/news/5945/the_most_prevalent_wireless_threats/ Mobile Madness: Securing the endpoint http://www.it-observer.com/articles/1088/mobile_madness_securing_endpoint/ - - - - - - - - - - Secure Your Applications From The Start Information security in financial services is one of the highest priorities for C-level executives. CEOs don't want the bad press and liabilities associated with a security breach, and CIOs know that their phones will be the first to ring if data is compromised. http://www.it-observer.com/news/5946/secure_your_applications_start/ Sidebar: Have a Key-Recovery Plan http://www.computerworld.com/securitytopics/security/story/0,10801,109829,00.html Sidebar: How Long will Today's Encrypted Data Be Safe? http://www.computerworld.com/securitytopics/security/story/0,10801,109827,00.html Encrypting Data at Rest http://www.computerworld.com/securitytopics/security/story/0,10801,109826,00.html Glossary of Terms: Storage Encryption http://www.computerworld.com/securitytopics/security/story/0,10801,109825,00.html - - - - - - - - - - What is Spyware Spyware and Adware viruses have rapidly become the number one threat to your computer with over 90% of computers already infected. These include Trojans, Web Bugs, Advertiser Software, Monitoring Software and more. Fortunately there are good spyware protection and adware spyware virus removal tools available. Sorting through them all to find the right one is a challenging task and an important decision to make. http://www.it-observer.com/news/5947/what_spyware/ S'kiddies get into spyware for just $15 http://www.theregister.co.uk/2006/03/27/spyware_diy/ ************************************************************ Digital Investigation is the international journal of digital forensics and incident response. To apply for a free sample copy visit: http://www.digitalinvestigation.net *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2006, NewsBits.net, Campbell, CA.