NewsBits for April 26, 2006 ************************************************************ Fraudsters steal 2,000 credit card details Fraudsters stole the credit card details of 2,000 MasterCard holders in a major security breach last week. silicon.com was contacted by one customer of the Clydesdale Bank who was told that her MasterCard details, along with those of 2,000 other people, were "in the hands of a fraudster". http://software.silicon.com/security/0,39024655,39158371,00.htm - - - - - - - - - - Former Montville Constable pleads guilt to having child porn A former Montville police constable pleaded guilty Tuesday to gathering child pornography from the Internet, the U.S. Department of Justice announced. John Salmon, 39, formerly of 33-3 Windermere Ave., Vernon, pleaded guilty on the charge before U.S. District Judge Mark R. Kravitz in New Haven. http://www.norwichbulletin.com/apps/pbcs.dll/article?AID=/20060426/NEWS01/604260328/1002 - - - - - - - - - - Man Facing Over 150 Child Porn Related Charges A man previously arrested on charges of distributing child pornography faces additional charges after photos were found of him allegedly having sex with teenage boys, authorities said. Michael James Tyler, 34, was charged with 157 counts of possession of photographs of the sexual performance of a child, the Glades County Sheriff's Office said. http://www.wftv.com/news/9007954/detail.html http://www.theledger.com/apps/pbcs.dll/article?AID=/20060426/NEWS/604260376/1004 - - - - - - - - - - Man faces prison term for child porn A 44-year-old Jackson man is facing an 18-month prison term after admitting Monday he possessed child pornography on his home computer. Glenn M. Yokel of Wyoming Drive, who is on the State Police sex offender registry, pleaded guilty before Superior Court Judge Edward J. Turnbach to endangering the welfare of a child by possessing child pornography. http://www.app.com/apps/pbcs.dll/article?AID=/20060426/NEWS02/604260434/1070/NEWS02 - - - - - - - - - - Dateline's sex predator sting comes to Fort Myers After three months of investigation and a three day sting, the Fort Myers Police Department believes it has taken two dozen sexual predators off the internet. Over the weekend, the men showed up to a Fort Myers home expecting to find a child. Instead they found police and a Dateline NBC crew. http://www.nbc-2.com/articles/readarticle.asp?articleid=6783 - - - - - - - - - - Newsday Temp Arrested in Child Sex Sting Four men, including a temp at Newsday, have been arrested in a sting operation to take down online sex predators, according to Suffolk cops. Police say the four suspects actively and aggressively initiated online chat of a sexual nature with undercover detectives posing as children. In addition, the suspects arranged to meet the children to engage in sexual conduct. http://www.longislandpress.com/?cp=162&show=article&a_id=8288 - - - - - - - - - - DOT worker in Bayside charged in child porn case A 37-year-old Long Island man who worked at a Bayside office of the state Department of Transportation has been charged with possessing child pornography, prosecutors said Tuesday. http://www.timesledger.com/site/news.cfm?newsid=16530955 - - - - - - - - - - Massena man indicted for child porn A Massena man faces child pornography charges after the unsealing of a Grand Jury Indictment. The Daily Courier-Observer says 40 year old Patrick Foster was arrested Monday on a bench warrant after the indictment was opened in St. Lawrence County Court. Police had seized Foster's computer in 2004 during an unrelated investigation, the paper reported. http://www.newswatch50.com/news/local/story.aspx?content_id=20698611-7EB7-4ECA-84BD-BC7D42C10E92 - - - - - - - - - - Rare child porn trial to begin When Donald Anson enters a courtroom in the Kenneth B. Keating Federal Building on Monday, he will become the first defendant to be tried on child pornography charges in U.S. District Court in Rochester in more than two decades. The case against the 50-year-old Rochester man will include the graphic, disturbing images that prosecutors say were found on his computer and computer disks; testimony from computer experts who'll attest that the images are of real children and not computer-manufactured portrayals; and testimony from law enforcement officials from across the country who know some of the youths who were photographed while being molested. http://www.democratandchronicle.com/apps/pbcs.dll/article?AID=/20060423/NEWS01/604230358/1002/NEWS - - - - - - - - - - Man faces child-porn charges An Orange County man was arrested and charged with possession of child pornography after a New York-based investigation uncovered credit-card payments to a hard-core Web site, court records show. Regan Cornelius, who lives in the Stoneybrook East development in east Orange County, is being held without bail at the Seminole County Jail after a federal judge on Friday would not release the 27-year-old. Members of the FBI's Innocent Images Task Force used a search warrant in August to seize Cornelius' computer. FBI Special Agent Nickolas Savage, in a criminal complaint, said a subsequent computer forensic exam found "several hundred images and movie files of child pornography." http://www.orlandosentinel.com/technology/orl-mcfbriefs25_506apr25,0,7695447.story - - - - - - - - - - Breach case could curtail Web flaw finders Security researchers and legal experts have voiced concern this week over the prosecution of an information-technology professional for computer intrusion after he allegedly breached a university's online application system while researching a flaw without the school's permission. http://www.securityfocus.com/news/11389 - - - - - - - - - - EU seeks minimum sentence for goods forgery Forged goods have become an increasing concern for European businesses, whose brands and products are under growing threat from high-quality copies that are often hard to distinguish from genuine versions. http://news.ft.com/cms/s/83204150-d479-11da-a357-0000779e2340.html - - - - - - - - - - Bank of America Fights Phishing as a Unit If you are a large e-mail sender constantly subjected to phishing scams, all parts of your organization must be on the same page to combat the problem, Eric Johnson, vice president of Bank of America, said at the Email Authentication Summit here last week. http://www.dmnews.com/cgi-bin/artprevbot.cgi?article_id=36543 Phishers cast their nets wider http://www.vnunet.com/computing/news/2154811/phishers-turn-attentions Phishers Catch Victims With VoIP http://internetweek.cmp.com/news/186701099 http://www.computerworld.com/securitytopics/security/holes/story/0,10801,110894,00.html Phishers Taking A Multilingual Approach http://www.it-observer.com/news/6179/phishers_taking_multilingual_approach/ http://www.theregister.co.uk/2006/04/26/international_phishing_survey/ - - - - - - - - - - Privacy needs to be baked into systems, experts say To be as effective as possible, agency privacy officers should not act as a Dr. No. Rather, they should be an important part of the team that helps focus a system, two privacy officials said. http://www.fcw.com/article94173-04-25-06-Web - - - - - - - - - - Microsoft rolls out browser fixes Microsoft Corp. is releasing a new test version of Internet Explorer, the market- leading Web browser that is facing competition from smaller players. The new beta, available Tuesday for free download to English-languages customers, includes fixes for problems that were causing Internet Explorer 7 to stop working, said Dean Hachamovitch, general manager in charge of Internet Explorer development. http://www.cnn.com/2006/TECH/internet/04/25/microsoft.explorer.ap/index.html New IE bug puts patched Windows systems at risk http://www.computerworld.com/securitytopics/security/story/0,10801,110889,00.html?source=x73 http://software.silicon.com/security/0,39024655,39158379,00.htm How to fix the top 10 Internet Explorer issues http://www.it-observer.com/news/6180/how_fix_top_10_internet_explorer_issues/ Microsoft Rocked by New IE Zero-Day Flaw Warning http://www.eweek.com/article2/0,1759,1953833,00.asp - - - - - - - - - - Firefox Bug Could Be Serious A zero-day vulnerability in a fully-patched and most-current version of Mozilla Corp.'s Firefox could be exploited to crash the browser at the least, and at the worst, possibly introduce malicious code, a security company warned Tuesday. http://internetweek.cmp.com/news/186700926 - - - - - - - - - - Bugs put widely used DNS software at risk A number of flaws in the software that is used to administer the Internet's Domain Name System have been discovered by researchers at Finland's University of Oulu. http://www.computerworld.com/securitytopics/security/holes/story/0,10801,110897,00.html - - - - - - - - - - Security firm finds holes in Cisco wireless Cisco Systems Inc. has released patches for eight of its products after Net security company Assurance Pty Ltd.'s Assurance.com.au discovered vulnerabilities in some of the vendor's wireless products. The vulnerabilities were discovered after studying the Cisco Wireless LAN Solution Engine. http://www.computerworld.com/securitytopics/security/holes/story/0,10801,110879,00.html - - - - - - - - - - Feds scramble to meet smart-card program deadline The U.S. government is studying the viability of a shared technology and services infrastructure to help agencies issue new Personal Identity Verification (PIV) smart cards to all employees and contractors beginning in October. http://www.computerworld.com/securitytopics/security/story/0,10801,110895,00.html RSA SecurID Appliance 2.0 http://www.it-observer.com/news/6178/rsa_securid_appliance_20/ - - - - - - - - - - Microsoft Details Upcoming Management Tools Microsoft will release SMS 2003 R2 by the end of June as it preps System Center Configuration Manager 2007 for delivery next year. As the company's annual management summit got underway in San Diego Tuesday morning, Microsoft provided a broad overview of its expanding System Center product lineup but later drilled down on the future of SMS, now named System Center Configuration Manager 2007. http://www.informationweek.com/news/showArticle.jhtml;j?articleID=186701031 - - - - - - - - - - PGP unfazed by MS disk encryption PGP says the whole disk encryption kit Microsoft will bundle with Vista is no threat to its position as the first port of call for forgetful laptop luggers. At its InfoSec press briefing, Microsoft was pushing its BitLocker software as peace of mind for firms wanting to sling old HDDs. http://www.theregister.co.uk/2006/04/26/pgp_infosec/ - - - - - - - - - - Websense Enhances Desktop Security With Windows Firewall Websense and Microsoft are working together to offer customers an innovative and powerful desktop security solution to be included in its current release of Websense Web Security Suite-Lockdown Edition and Websense Client Policy Manager (CPM) version 6.2. Through integration with Websense Web Security Suite- Lockdown Edition and CPM, Windows XP Desktop firewall customers will gain greater return on their investment with easy to deploy desktop application categorization from Websense. http://www.it-observer.com/news/6177/websense_enhances_desktop_ecurity_with_windows_firewall/ - - - - - - - - - - Employee Password Choices Put Business Data At Risk Experts at SophosLabs, Sophos's global network of virus, spyware and spam analysis centres, are strongly urging companies to educate their employees on the importance of choosing unique and multiple passwords to thwart the onslaught of cyber criminal activity in the workplace. http://www.it-observer.com/news/6176/employee_password_choices_put_business_data_at_risk/ DTI: Businesses are getting serious about security http://software.silicon.com/security/0,39024655,39158386,00.htm Oracle aims for restricted access http://software.silicon.com/security/0,39024655,39158380,00.htm - - - - - - - - - - Anonymity and Privacy in Electronic Services People increasingly use the Internet for an ever wider range of activities: reading the newspaper, shopping, staying in contact with family and friends, finding a partner, booking holidays, expressing their opinion, keeping an online diary, etc. http://www.it-observer.com/news/6182/anonymity_privacy_electronic_services/ - - - - - - - - - - Theoretical Hacking for IT Managers Not everyone has l33t skilz or mass amounts of hardened TCP/IP stack programming experience. When I'm at work, I don't look at logs all day long, nor do I run security audits every five minutes. I do my job, which takes all of my time. This is the situation for most small to medium sized companies that have only a few IT guys. So how does an everyday IT guy handle the constant threat of impending attack? http://www.it-observer.com/news/6183/theoretical_hacking_it_managers/ *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2006, NewsBits.net, Campbell, CA.