November 14, 2002 Man Held In Sex Solicitation Case A North Carolina man was arrested today in Chesterfield County [Va.] on charges of using a computer to solicit sex from a 13-year-old Richmond-area girl. Jerry Wayne Hoyle, 58, of the 2400 block of Vicksboro Road in Henderson, N.C., also was charged with attempting to take indecent liberties with a minor. Hoyle is a former elementary school principal in North Carolina, police said. The girl was first approached in an Internet chat room by someone who talked with her about two weeks ago, police said. The person made arrangements to meet the girl at an Arby's Restaurant off Hull Street Road. http://www.timesdispatch.com/news/localupdates/MGBNMJWKJ8D.html - - - - - - - - Accused Pentagon Hacker's Online Life Usenet posts show Gary McKinnon was a bit of a phone phreak, knew where to buy lock picks, and had an early interest in defense computers. A former employer says he was bored at work. The British man accused of the most ambitious hack attacks against Defense Department computers in years was also a fine network administrator, according to a former co-worker. http://online.securityfocus.com/news/1646 - - - - - - - - Hackers drop spyware into popular tool The main Web site for downloading a popular open- source network-monitoring tool remained off-line Thursday following a revelation that rogue hackers had implanted spyware in the latest version of the software. Copies of tcpdump, a utility for monitoring data traffic on a network, and its library of code, called libpcap, had both been corrupted on the site, said Michael Richardson, Webmaster for the site and a member of the open-source project that maintains the tools. http://news.com.com/2100-1001-965916.html http://zdnet.com.com/2100-1105-965800.html http://www.theregister.co.uk/content/55/28105.html - - - - - - - - Russians wage cyberwar to disrupt separatists Chechen separatists say Russia's FSB security service is behind the collapse of two Web Sites that form a key source of news for the rebel area. The two sites, www.kavkaz.org and www.chechenpress.com, collapsed under a barrage of attacks from computer hackers just after Russian troops stormed a Moscow theater killing 41 armed rebels and 128 of the hostages they had been holding there. http://zdnet.com.com/2110-1105-965858.html http://news.zdnet.co.uk/story/0,,t269-s2125938,00.html - - - - - - - - Pirates put Harry Potter online New movie downloadable days before official release Pirated copies of Harry Potter and the Chamber of Secrets are appearing on the internet days before the premiere of the film. Associated Press (AP) reporters discovered what appeared to be the movie available on a website hosted in Europe. http://www.vnunet.com/News/1136819 - - - - - - - - Teen says game inspired crime spree Authorities say a teenager told them a video game about stealing cars inspired an auto theft spree involving about 100 vehicles. Nineteen-year-old Micah Zoerner of Somers, Wisconsin is charged with numerous counts of theft, burglary and auto theft. He's being held in lieu of a 15-thousand dollar cash bond. A preliminary hearing is scheduled for November 20th. http://www.cnn.com/2002/TECH/fun.games/11/14/teen.game.ap/index.html http://www.nandotimes.com/technology/story/619575p-4764094c.html - - - - - - - - Feds up pressure on spammers The Federal Trade Commission says regulators are stepping up enforcement of that plague of spam filling your e-mail inbox, and launching undercover operations to put cyberhucksters out of business. Federal regulators admit these efforts promise only to put a small dent in a growing deluge of junk e-mail, which is virtually cost-free to senders but costs consumers and businesses because it wastes time and requires businesses to upgrade computer equipment to handle the increased volume. http://www.nandotimes.com/technology/story/619583p-4764153c.html Chat rooms prime hunting sites for spammers http://www.usatoday.com/tech/news/2002-11-13-spam-study_x.htm - - - - - - - - House votes life sentences for hackers A last-minute addition to a proposal for a Department of Homeland Security could punish malicious computer hackers with life in prison. The U.S. House of Representatives on Wednesday evening voted 299 to 121 to approve the bill, which would reshape large portions of the federal bureaucracy into a new department combining parts of 22 existing federal agencies, including the Secret Service, the Coast Guard, and the FBI's National Infrastructure Protection Center. http://zdnet.com.com/2100-1105-965750.html http://news.zdnet.co.uk/story/0,,t269-s2125946,00.html http://www.newsfactor.com/perl/story/19981.html - - - - - - - - Judge rules cops' hacker went too far A federal judge has ruled that law enforcement officials went too far when they tried to use evidence gathered by a known hacker to convict someone of possessing child pornography. The decision, handed down earlier this month, is believed to be the first to say that hacking into an Internet-connected home PC without a warrant violates the Fourth Amendment, which prohibits unreasonable searches and seizures. http://news.com.com/2100-1023-965926.html - - - - - - - - GISRA gets stay of execution The Senate on Wednesday moved to extend the Government Information Security Reform Act for one year. The move came only hours before the House approved a compromise version of the Homeland Security Bill that essentially would make the provisions of the act permanent. GISRA, a provision of the Defense Authorization Act of 2001, required executive branch agencies to make regular assessments of their information security and to include security planning in budgets for IT projects. It has been used by the Office of Management and Budget to tie IT security to the budget planning process and by Congress as an oversight tool. http://www.gcn.com/vol1_no1/daily-updates/20496-1.html - - - - - - - - Study Makes Less of Hack Threat Despite the panting about "cyberterrorists," and despite the scare mongering about venomous hackers preying on fragile federal networks, attacks on government computer systems are declining worldwide, according to a recently released report. In the United States, reported intrusions into government networks fell from 386 in 2001 to 162 in the first 10 months of 2002. Worldwide, such attacks have declined by about a third -- from 2,031 last year to a projected 1,400 today. http://www.wired.com/news/politics/0,1283,56382,00.html - - - - - - - - Security adviser presses for new intelligence analysis agency The president should create a new, stand-alone agency to serve as an "all-source fusion and analysis center" for intelligence related to potential terrorist attacks, the chairman of an influential counterterrorism commission told a House Armed Services subcommittee on Thursday. http://www.govexec.com/dailyfed/1102/111402td1.htm - - - - - - - - Software Blocks Virus Spread By Encrypting E-Mail Address Books spacer SentryBay plans on Monday to introduce software designed to block many e-mail viruses by encrypting e-mail addresses in Microsoft Outlook and Outlook Express. Many viruses, such as Klez and Sircam, work by mining Outlook for e-mail addresses and e-mailing copies of themselves to those addresses; the ViraLock software, priced at $19.95 per PC and available now, blocks the viruses by blocking access to addresses. http://www.internetwk.com/story/INW20021114S0005 - - - - - - - - Microsoft says security push is working Ten months after Microsoft Chairman Bill Gates called on company employees to make Windows more trustworthy, a company executive said the initiative is paying off. Speaking at the software giant's monthly Silicon Valley Speaker series, Craig Mundie, senior vice president for advanced strategies and policy, said that headway has been made in the company's Trustworthy Computing initiative. http://zdnet.com.com/2100-1105-965759.html http://www.theregister.co.uk/content/55/28103.html Security 'impossible' for Win9x, buy XP now, says MS exec Yesterday Microsoft senior VP and head trustworthy computing honcho Craig Mundie delivered his 'annual report' on the company's trustworthy computing initiative. He had much to say about the progress that has been made since Microsoft discovered security, but the bit that interested us was way down the bottom of this, where he explained why people are going to have to ditch their old MS stuff and buy lots of lovely new MS stuff instead. http://online.securityfocus.com/news/1651 - - - - - - - - When firewalls and intrusion detection just aren't enough Firewalls alone are not enough to thwart today's more sophisticated range of attacks, while Intrusion Detection Systems detect and record attacks, but do not block them. AV products, properly updated, can help protect against malicious code but are necessarily limited in their scope. So enterprises and telecoms operators face a security gap which vendors are trying to plug with a fresh breed of security appliances, dubbed Intrusion Prevention Systems (IPS). http://www.theregister.co.uk/content/5/28101.html - - - - - - - - Alien Autopsy: Reverse Engineering Win32 Trojans on Linux In my last article, Reverse Engineering Hostile Code, I described the tools and processes involved in basic reverse engineering of a simple trojan. This article will offer a more detailed examination of the reversing process, using a trojan found in the wild. At the same time, this article will discuss some techniques for reversing Windows-native code entirely under Linux. As an added bonus, all the tools used in this article are either freeware or free software. http://online.securityfocus.com/infocus/1641 - - - - - - - - US gov's 'ultimate database' run by a felon We all know that truth is stranger than fiction, and here we have an apparently real item straight from the realm of Tom Clancy. Imagine a huge, absolutely huge, central database containing both the official and commercial data of every single citizen, run by the US military ostensibly for anti-terror and Homeland Security purposes, and all of it under the direction of a convicted felon. http://www.theregister.co.uk/content/6/28107.html - - - - - - - - Computers hone in on bin Laden's voice Authenticating voices on audiotapes is anything but an exact science. Computer voice analysis lacks the accuracy of fingerprint or DNA identification and can be hamstrung by a skilled impersonator or low-quality recording. So while government analysts may believe they've heard Osama bin Laden, experts say you can't be certain. http://www.cnn.com/2002/TECH/biztech/11/14/laden.voiceprint.ap/index.html http://www.usatoday.com/tech/news/2002-11-13-binladen-voice_x.htm *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2002, NewsBits.net, Campbell, CA.