NewsBits for March 30, 2006 sponsored by Digital Investigation - The International Journal of Digital Forensics & Incident Response - www.digitalinvestigation.net ************************************************************ Secret Service arrests 7 targeting online fraud The Secret Service yesterday announced seven arrests in five states and the District of Columbia as part of a continuing crackdown on online forums where credit card data and other stolen consumer information is routinely traded. http://www.it-observer.com/news/5970/secret_service_arrests_7_under_operation_targeting_online_fraud/ Arrests made in debit card fraud case The U.S. Secret Service today confirmed that it has made several arrests in connection with a recent wave of debit card fraud that forced several banks and credit unions to reissue millions of cards over the past few months. http://www.computerworld.com/securitytopics/security/story/0,10801,110040,00.html - - - - - - - - - - Security Breach at eBay's PayPal Service Raises Many Questions but Few Answers AuctionBytes reported on Friday a vulnerability on the PayPal website that allowed anyone to find out if an email address was attached to a PayPal account, and if so, revealed the account holder's full name. Several hours after AuctionBytes contacted PayPal about the security issue the page raised, PayPal fixed it, calling it "a bug." http://auctionbytes.com/cab/abn/y06/m03/i27/s04 - - - - - - - - - - Nokia staff jacked by Ernst & Young laptop loss Sun, Cisco, IBM and BP welcome the Finns. When Ernst & Young loses a laptop, it doesn't mess around. The Register has learned that the same missing system with personal information on Sun Microsystems, Cisco, IBM and BP workers also contained data on Nokia's US staff. http://www.theregister.co.uk/2006/03/30/ey_nokia_lapop/ - - - - - - - - - - Couple fined $423,000 and sentenced to jail for two years Experts at Sophos have applauded an Israeli court's decision to fine Ruth and Michael Haephrati for developing and selling a spyware Trojan horse. http://itvibe.com/news/4000/ - - - - - - - - - - Whitewater student faces charges of sexual assault, child porn Prosecutors filed charges Monday accusing a UW-Whitewater student of possessing child pornography and sexually assaulting a minor via the Internet. http://www.gazetteextra.com/lagally032906.asp - - - - - - - - - - Paedophile shopped by girlfriend A paedophile was shopped to the police by his girlfriend after she found his stash of child porn on their home computer. Daniel Beckett was today told he faces jail for possessing over 100 indecent images of boys and girls aged as young as three. http://www.lse.co.uk/ShowStory.asp?story=DB2923910V&news_ - - - - - - - - - - Police make child porn arrest Acting on information from the public and other police agencies, Greater Sudbury Police executed a search warrant Wednesday, arresting one suspect accused of possessing and accessing child pornography via the Internet. http://www.northernlife.ca/localnewsarticle.asp?view=108344 - - - - - - - - - - Priest pleads not guilty to child porn charges A Vincentian priest pleaded not guilty Wednesday to possessing child pornography on his computer, and his superior in the church was directed to serve as his custodian as he remains free on bond. http://www.suntimes.com/output/news/schulte29.html - - - - - - - - - - Cub leader charged over images on his computer FORMER Cub Scouts leader Noel John Coffey, convicted last month of indecencies involving children, has now been charged for having objectionable images on his computer. http://www.gisborneherald.co.nz/article.asp?aid=4353&iid=372&sud=27 - - - - - - - - - - Child porn photos lead to arrest The action comes 11 months after authorities confiscated college student's computer. Authorities arrested a man on suspicion of possessing child pornography Monday, saying he had been found with more than 1,000 images of child pornography, including graphic photos showing bondage and torture of girls as young as 10. http://www.sacbee.com/content/news/crime/story/14236101p-15057185c.html - - - - - - - - - - Man in child porn case held after state inquiry A 24-year-old Tampa man charged with multiple child pornography counts after a state investigation was held without bail at the county jail. Andrey Pavlov of 3401 N Lakeview Drive was arrested Tuesday afternoon, jail records show. http://www.sptimes.com/2006/03/30/Hillsborough/Man_in_child_porn_cas.shtml - - - - - - - - - - Erasing Computer Files Might Create Employee Liability Disgruntled employees beware. Erasing files on your company laptop as you leave the firm could trigger expensive civil liability under a federal anti-hacker law, according to a recent 7th U.S. Circuit Court of Appeals ruling. http://www.law.com/jsp/article.jsp?id=1143207012194 - - - - - - - - - - Child porn legislation needs funds A bill to add new muscle to an overburdened state police computer crimes task force won a vote of support in the Senate on Tuesday, but whether there will be enough money for bolstered enforcement remains unsettled. http://www.seacoastonline.com/news/03292006/maine/94952.htm - - - - - - - - - - Rise in child porn spam expected According to security experts, a sharp rise in child porn spam is expected soon. Security firm Sophos has observed an increase in the amount of illegal child-porn websites over the past week by a factor of three, and accompanying this is an aggressive spam campaign. http://www.techspot.com/news/21026-rise-in-child-porn-spam-expected.html - - - - - - - - - - Government sites fail web tests More than half of government and council websites contain errors and cause problems for disabled people, research shows. Some 60% of UK government websites contain HTML errors, according to a study by the University of Southampton. A similar proportion do not comply with guidelines created to improve web access, it found. In response, a government spokesman said the UK had been actively promoting better accessibility of sites. http://news.bbc.co.uk/2/hi/technology/4853000.stm - - - - - - - - - - German bank fights phishing with electronic signatures German retail banking giant Postbank AG, the target of several phishing attacks, aims to curb the theft of online personal information with the help of electronic signatures. The bank will begin attaching electronic signatures to all e-mail correspondence with customers, Postbank spokesman Jurgen Ebert said Thursday. http://www.computerworld.com/securitytopics/security/story/0,10801,110054,00.html Banks phished by own servers http://www.techworld.com/security/news/index.cfm?RSS&NewsID=5680 http://www.it-observer.com/news/5969/phishers_hack_bank_sites_redirect_customers/ Florida banks hacked in new spoofing attack http://www.it-observer.com/news/5968/florida_banks_hacked_new_spoofing_attack/ Registry Aims to Cut Phishing Bait http://www.eweek.com/article2/0,1759,1944072,00.asp - - - - - - - - - - Report on targeted attacks on corporate networks Report on targeted attacks on corporate networks Panda Software has presented a white paper entitled Protection for corporate networks against targeted attacks to offer network administrators information about this type of threat and how to combat it. http://www.it-observer.com/news/5979/report_targeted_attacks_corporate_networks/ Former Employees Threaten Network Security http://www.it-observer.com/news/5980/former_employees_threaten_network_security/ - - - - - - - - - - VXers add rootkit tech to MyDoom and Bagle Stealth code goes mainstream. Virus writers have begun adding rootkit functionality as a component of commonplace malware such as MyDoom and Bagle. Rootkit technology is designed to hide the presence of malware on infected systems. Originally the technology featured only as a component of more sophisticated and exotic forms of malware. Now the technology has moved into the mainstream, anti-virus firm F-secure reports. http://www.theregister.co.uk/2006/03/30/mainstream_rootkit/ http://www.eweek.com/article2/0,1759,1944133,00.asp - - - - - - - - - - Peer-To-Peer Trojan Worm Attacks Enterprises Security experts at MicroWorld Technologies inform that Trojan.Win32.Inject.t or W32/Inject-H is a new peer-to peer worm with IRC backdoor Trojan capacities. Inject.t can run in the background of a computer by working as a Server that allows a hacker to control the system via IRC channels. http://www.it-observer.com/news/5978/peer_to_peer_trojan_worm_attacks_enterprises/ - - - - - - - - - - Samba Expose Domain Machine Password The machine trust account password is the secret shared between a domain controller and a specific member server. Access to the member server machine credentials allows an attacker to impersonate the server in the domain and gain access to additional information regarding domain users and groups. http://www.it-observer.com/news/5977/samba_expose_domain_machine_password/ - - - - - - - - - - Symbian Commercial Spyware Released It seems someone has developed a trojan that can be used on a Symbian mobile phone to record information about the victims mobile call usage and SMS messages. The malware application is called Flexispy and it sends the captured information to a remote server. Flexispy is interesting as it was written by a commercial company and for commercial reasons. http://www.it-observer.com/news/5967/symbian_commercial_spyware_released/ Trojan row over spouse monitoring software http://www.theregister.co.uk/2006/03/30/flexispy/ - - - - - - - - - - Developers get more time from Microsoft on Eolas Corporate developers who are not ready for an upcoming Internet Explorer update are getting a reprieve. The next security update for Internet Explorer, expected by April 11, is scheduled to include changes to the way ActiveX processes dynamic content. These modifications will force developers to make changes to their Web sites and intranets, but Microsoft said Wednesday that it now plans to also release a second "compatibility patch" that will undo the ActiveX changes. http://www.computerworld.com/securitytopics/security/holes/story/0,10801,110036,00.html Thousands download third-party patches http://www.securityfocus.com/brief/174 - - - - - - - - - - For Sale: Your Life on the Internet Forget shredding your mail or worrying about who might have a copy of a recent credit card transaction. You have much bigger problems if you want to keep your personal information private. http://www.newsfactor.com/story.xhtml?story_id=13200003C480 - - - - - - - - - - Joe-job spammers shift tactics to evade filters Spammers are giving the old trick of joe-jobbing a fresh twist in a bid to fox email filters. Conventional joe-jobbing involves forging the sender's email address so that some poor innocent - rather than a spammer - has to wade through bounced messages sent to invalid email addresses. http://www.theregister.co.uk/2006/03/30/joe_job_twist/ - - - - - - - - - - Vendors failing to secure applications Software application vendors are still failing to sell secure products and it is a problem that is leaving customers open to hacking attacks, a leading security expert has said. Speaking at the e-Crime Congress in London earlier today, Alan Paller, director of research for Sans, the security organisation, said weak digital security in businesses is helping hackers to fund criminal activity. http://software.silicon.com/security/0,39024655,39157704,00.htm - - - - - - - - - - Fraud Detection with Detica NetReveal Detica has announced the launch of NetReveal, the most advanced fraud detection system in the world today. NetReveal takes a revolutionary approach to fraud detection by spotting fraudulent activity in social networks, rather than individual transactions. http://www.it-observer.com/news/5971/fraud_detection_with_detica_netreveal/ - - - - - - - - - - Packet-sniffing techie uncovers spousal infidelity Technology has been instrumental in ending yet another long-standing relationship. Hot on the heels of tales of a woman who blames a bug in Firefox for exposing the flaws in her relationship with a fiance and a man whose relationship was hit by the spam filtering ;shortcomings of Thunderbird, comes the story of a software programmer who unearthed evidence of his partner's infidelity using Ethereal, the packet sniffing software. http://www.theregister.co.uk/2006/03/30/ethereal_relationship_break-up/ - - - - - - - - - - Remote access is no longer a luxury Mobile sales teams, remote workers, telecommuters, strategic partners and other trusted users all need timely, secure access to specific data on your corporate network. Yet some remote- access systems rely on little more than usernames and passwords and lack robust authentication and encryption components. http://www.computerworld.com/securitytopics/security/story/0,10801,110050,00.html - - - - - - - - - - Using the Metasploit Framework to Disprove Computer Security In the computer security ecosystem, the exploit is king. There is certain mystique about the lines of code that can vanquish a system and entice it into doing ones bidding. These same lines of code embody the power that the exploit writer wields in the electronic world; the power to influence and control the code execution path of a program that someone else wrote to serve some entirely different purpose. http://www.it-observer.com/articles/1093/using_metasploit_framework_disprove_computer_security/ - - - - - - - - - - Do virtual machines weaken security? It seems Microsoft is desperate to show it is not alone in selling products prone to security problems. This time it has co-authored a report showing that virtual machines can be used to host malware, even on Linux systems. http://www.it-observer.com/news/5975/do_virtual_machines_weaken_security/ - - - - - - - - - - Wireless Security Takes To The Road Wireless technology connects a driver and his or her portable electronics to a car; links RF sensors, such as tire pressure monitoring, to the infotainment displays; and provides the ability to update and diagnose vehicle systems. But security concerns with wireless systems are even more critical when they are used in automotive applicationswhere an anomaly could result in injury or death. http://www.it-observer.com/news/5976/wireless_security_takes_road/ - - - - - - - - - - Minister pledges no complete DNA database The Home Office minister responsible for science has said the National DNA Database will never be extended to cover the whole population. Andy Burnham, visibly relieved by the ID card compromise, made the pledge at a meeting of top academics working in forensics. http://www.theregister.co.uk/2006/03/30/burnham_epsrc_event/ ************************************************************ Digital Investigation is the international journal of digital forensics and incident response. To apply for a free sample copy visit: http://www.digitalinvestigation.net *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2006, NewsBits.net, Campbell, CA.