December 1, 2000 N.Y. man admits hacking into NASA computers A 20-year-old man pleaded guilty Friday to breaking into two computers owned by NASA's Jet Propulsion Laboratory in 1998 and using one to host Internet chat rooms devoted to hacking. Raymond Torricelli of New Rochelle, New York, admitted during a plea hearing in Manhattan federal court that he also was paid to get chat room participants to visit a pornographic Web site and that he had intercepted passwords and usernames from Georgia Southern University and San Jose State University computer networks. http://www0.mercurycenter.com/svtech/news/breaking/merc/docs/031433.htm - - - - - - - - - Couple convicted of Web child porn A federal jury on Friday convicted a Texas couple on nearly 90 counts in an Internet child pornography case that prosecutors say involved Web site operators in Russia and Indonesia. Jurors deliberated eight hours before returning guilty verdicts Friday against Thomas and Janice Reedy and their home-based company, Landslide Inc., which netted more than $1 million between 1997 and 1999. The Reedys' business gave paying subscribers passwords to enter Web sites containing graphic pictures and videos of children engaging in sex acts with adults and with each other. The Fort Worth couple and three foreign Web site operators were indicted in April after an investigation by the FBI, Postal Service and Customs Service. Charges included sexual exploitation of minors, distribution of child pornography and conspiracy. http://www0.mercurycenter.com/svtech/news/breaking/ap/docs/699644l.htm - - - - - - - - - CIA Shuts Chat Room, Fires 4, Suspends 10 The CIA yesterday fired four employees, suspended at least 10 others and revoked the security clearances of nine private contractors for exchanging "inappropriate" e-mail in computer chat rooms hidden from management. The disciplinary action, described as the largest in the agency's history, followed a seven-month investigation that involved 160 employees and delved into activities going back 15 years. While a public statement by the CIA stressed that the probe found no "unauthorized disclosure of classified information," a memo to all employees said investigators uncovered "a concerted and sustained effort on the part of a group of individuals to create, maintain and hide databases on the agency's computer systems." http://washingtonpost.com/wp-dyn/articles/A7159-2000Nov30.html - - - - - - - - - Scotland suffers St Andrew's day hacks Computer crackers launched an attack on Scotland and Saint Andrew Thursday, defacing prominent historical Web sites with anti-Scottish insults. Timed to coincide with the day dedicated to Scotland's patron saint, the attacks were designed to cause maximum embarrassment to the sites targeted. The seven sites targeted include the historical and cultural destinations www.dunbar-scotland.com and www.edinburgh-tattoo.co.uk as well as a string of commercial sites. http://www.zdnet.co.uk/news/2000/47/ns-19428.html - - - - - - - - - Antivirus firm says Shockwave virus spreading quickly An email computer virus that comes concealed as a Net movie hit several U.S.-based companies Friday afternoon, leading at least one antivirus company to upgrade its threat assessment from "medium" to "high" risk. The virus, dubbed "Creative," carries no destructive payload, but automatically emails itself to a victim's entire email address book. It was first identified in Europe on Thursday, where it had been spreading slowly. But the worm began picking up steam in the United States by late Friday, according to McAfee's Anti-Virus Emergency Response Team (AVERT). http://news.cnet.com/news/0-1005-200-3951204.html - - - - - - - - - AOL Says It Is Fixing IM Security Loophole America Online said today that it is in the process of closing a security loophole that allowed hackers to steal AOL Instant Messenger (AIM) screen names and, in some cases, access AOL members' credit cards. Nicholas Graham, spokesperson for AOL, said that the new security measure will address the issue not only for AIM version 4.3 clients, but others as well. "We became aware of the problem earlier this week," said Graham. "Today, we were able to duplicate the process where individuals were able to make illegal entries in our system. This afternoon we are putting in a precautionary technique that will fix the problem." http://www.newsbytes.com/news/00/158882.html - - - - - - - - - Hong Kong to get tough with hackers Hong Kong proposed a string of new measures on Friday to combat cybercrimes including stiffer penalties for computer hackers. Under the proposal, the present maximum penalty for hackers with an intent to deceive would be raised to 14 years from the present five. ``This would bring the offence in line with other deception offences in the physical world,'' Deputy Secretary for Security Cheung Siu-hing told a news conference. Hackers accessing systems without authorisation currently face a fine of up to HK$20,000 (US$2,500) and no custodial sentence. The maximum sentence could be increased to 10 years in jail, the government said. http://www0.mercurycenter.com/svtech/news/breaking/merc/docs/065659.htm - - - - - - - - - Tech Groups Still Wary Of International Cyber-Crime Treaty A coalition of high-tech companies voiced concern over the Council of Europe's latest revisions to its international cyber-crime treaty, saying the modified language still imposes burdensome data preservation requirements on Internet service providers, and could potentially restrict legal activities online. In a statement issued today, the World Information Technology and Services Alliance (WITSA) told Council of Europe General Secretary Walter Schwimmer that, while the group supported the objectives of improving international law enforcement cooperation to keep pace with the increasingly global nature of cyber-crime, the new draft would do little to address concerns raised by industry groups since the beginning of the process. http://www.newsbytes.com/news/00/158848.html - - - - - - - - - Internet users win battle to stay secret Two Internet users have successfully challenged a New Jersey company's efforts to unmask their identities for a defamation lawsuit, and free-speech advocates consider this ruling a major victory in protecting authors of unflattering online messages. The case appears to be the first time anonymous posters have succeeded in blocking a company's request for a subpoena that would have forced a message-board operator, in this instance, Yahoo! Inc., to turn over information that would divulge their identities. Dendrite International Inc., a Morristown, N.J., software company, had sought the subpoena as part of a cybersmear lawsuit it filed in the spring against its unknown online critics who, among other things, alleged it was cooking its books to inflate earnings. http://www.zdnet.com/zdnn/stories/news/0,4586,2659940,00.html - - - - - - - - - DoS alarm sounded over server flaw Security consultant BindView Corp. has announced that a widespread flaw in the way that servers handle Internet traffic could result in so-called denial-of-service attacks similar to the ones that plagued the Web last February. The idea is nothing new: Send data to a server in a certain way so that the computer reserves memory and processor time for the connection -- and repeat many, many times. When the server runs out of memory or slows down to a crawl, certain functions will stop responding. And like other denial-of- service attacks, this one is hard to stop, because the traffic is not easily differentiated from the data that normally traverses the Net. http://www.zdnet.com/zdnn/stories/news/0,4586,2660317,00.html - - - - - - - - - Growing pains strike teen sites Ashley Power is the Internet's newest darling. The Goosehead.com founder was 14 when she founded her Web site and 15 when she inked a deal with Hollywood moguls. But as her success was celebrated, portions of the Web site were investigated for possible violations of the Children's Online Privacy Protection Act (COPPA). Goosehead has since corrected many of the alleged problems, including eliminating chat rooms for those under age 12. But Phyllis Spaeth of the Children's Advertising Review Unit (CARU) of the Better Business Bureau, which monitors children's chat rooms, said the Goosehead case is part of a disturbing trend as tech-savvy teen- agers start setting up their own chat environments for their peers. http://www.zdnet.com/zdnn/stories/news/0,4586,2660159,00.html - - - - - - - - - Hacking It on Wall Street On March 10th, 2000, the Nasdaq composite reached an all-time high, breaking the 5,000 mark for the first time. On that day Internet Trading Technologies (ITTI) hit an all-time low, someone was attacking its systems. According to Craig Goldberg, president and founder of ITTI, the attacker overwhelmed the company's servers by submitting a constant stream of fake trade requests. As a result, ITTI's customers were unable to make automated trades several times during the course of the day and in the last half-hour before the market's close. "Somebody was attacking the system who had a very intimate knowledge of the way our system worked," Goldberg told CyberCrime senior producer Alex Wellen. "Because of his unique knowledge of the system, [the hacker] was able to access the demo part of our site and, by putting through some packets of information that somebody else would not be able to do, was able to crash the system." http://www.techtv.com/cybercrime/hackingandsecurity/story/0,9955,3013872,00.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000, NewsBits.net, Campbell, CA.