NewsBits for February 12, 2003 sponsored by, Southeast Cybercrime Institute - www.cybercrime.kennesaw.edu ************************************************************ 17 Charged in Satellite TV Case Seventeen people have been charged with developing technology used to steal millions of dollars in satellite television service. The charges culminated a yearlong federal investigation into the underground world of computer hackers, the authorities announced today. One key defendant, Randyl Walter, 43, pleaded guilty to manufacturing satellite decryption devices, admitting responsibility for nearly $15 million in losses to satellite companies like Dish Network and DirecTV. He faces fines up to $500,000 and a maximum of five years in prison. Nine other defendants have also agreed to plead guilty to charges related to significant losses by the companies. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/5160248.htm http://www.nytimes.com/2003/02/12/national/12TEEV.html http://www.latimes.com/technology/la-me-dish12feb12,1,4978377.story http://online.securityfocus.com/news/2387 http://www.washingtonpost.com/wp-dyn/articles/A63056-2003Feb12.html http://www.msnbc.com/news/871516.asp http://www.usatoday.com/tech/news/2003-02-12-hacker_x.htm http://www.nandotimes.com/technology/story/761744p-5495853c.html - - - - - - - - - - Police recover disk at centre of ID theft flap A hard drive that contained confidential details about hundreds of thousands of insurance company clients has been recovered by Canadian police. The paperback-sized 30-gigabyte (Western Digital Caviar 307AA) drive, which went missing from the supposedly secure facility of ISM Canada, an IBM subsidiary on January 16, was found with the data it contained overwritten early last week. http://www.theregister.co.uk/content/6/29303.html - - - - - - - - - - Child porn swoop: 121 computers seized Thousands of computer files containing pornographic images of children have been seized in a series of raids by Norfolk police. The swoop, dubbed Operation Atlas, was launched to target people whose credit card details were found on an American paedophile website. But the sheer volume of material recovered is said to be greater than the force's entire information and management system, which spans half a million pages. A team of officers based at the police headquarters in Wymondham has confiscated 88 desktop computers, 33 laptop computers, 38 additional hard-drives, almost 2000 CD-Roms, 5500 floppy disks and 2500 videos. http://www.edp24.co.uk/content/News/story.asp?datetime=12+Feb+2003+08%3A00&tbrand=EDPOnline&tCategory=NEWS&category=News&brand=EDPOnline&itemid=NOED11+Feb+2003+22%3A22%3A47%3A333 - - - - - - - - - - Davenport priest charged in child porn investigation Scott County prosecutors have charged local priest with child pornography. The investigation into Father Richard Poster, 38, began just over a month ago , when the Davenport Diocese discovered child porn on one of their computers. Officials with the diocese say the computer was Poster's. Poster seen here is charged with two counts of sexual exploitation of a minor. Church officials learned of the child porn when poster turned in his old computer to the diocese for a new laptop PC. That's when porn was discovered on the computers hard drive. http://www.wqad.com/Global/story.asp?S=1126156&nav=1sW7DwAy - - - - - - - - - - Columbia man sentenced to 2+ years for child porn A Columbia man has been sentenced to just over two years in jail for possession of child pornography. US Attorney Strom Thurmond Junior says Paul Robinson, 30, will spend two years and three months in prison and three years on supervised release. Thurmond says a computer service technician found video files showing minors engaging in sexual activity with adults on Robinson's computer. The technician reported the images to police. http://www.wistv.com/global/story.asp?s=1126451 - - - - - - - - - - Columbus Doctor Pleads Guilty To Child Porn Charges A former Columbus doctor pleaded guilty yesterday in federal court to one count of possessing child pornography and could be sentenced to probation or up to five years in prison. Under a plea agreement, John Hostler will forfeit computers used to download obscene movies and images of young children. http://www.onnnews.com/story.php?record=22181 - - - - - - - - - - Conn. teen says ex-prosecutor propositioned her An Orange County detective investigating the online life of former prosecutor Ira Karmelin said he has located a 15-year-old girl in Connecticut who says Karmelin also propositioned her. The girl, named Stacey and posing as a 17-year-old on America Online, says Karmelin displayed live, lewd images of himself using a Web cam and invited her to Orlando to visit the theme parks and have sex. http://www.gopbi.com/partners/pbpost/epaper/editions/wednesday/local_news_e394fc2132004204008b.html - - - - - - - - - - Tiny island official flies 370 kms for date with teen hooker Police arrested a senior official of a tiny island municipality, who flew some 370 kilometers to central Tokyo last summer to have sex with a teen-age girl in return for money, investigators said Wednesday. Seishi Komoto, 47, general affairs manager at the Aogashima Municipal Government, is accused of violating the anti-child prostitution and pornography law. He admitted to the allegations during questioning. Komoto paid 40,000 yen to the girl he got acquainted with through an Internet dating site to have sex with him at a hotel in the western Tokyo suburban city of Hachioji last August, the Metropolitan Police Department said. http://mdn.mainichi.co.jp/news/20030212p2a00m0dm041000c.html - - - - - - - - - - Child porn found on CFS A computer file containing child pornography was found on a campus computer Sunday. The IU Police Department said a student reported the incident after opening the file from the CFS scratch disk system, computer space that is open to all students on campus. According to a police report, the computer file's label gave no indication that it contained lewd content. The student who reported the incident would only give his first name, police said. http://www.idsnews.com/story.php?id=14683 - - - - - - - - - - Nintendo announces huge seizure of pirated games in China Authorities who raided factories in southern China in search of counterfeit Nintendo video games last month found games, packaging and components totaling some 300,000 items, including new titles released just weeks earlier, the company said Wednesday. The announcement highlighted China's enduring status as a major counterfeiter, despite periodic highly publicized crackdowns on pirate producers of goods ranging from music and videos to designer clothes and software. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/5163537.htm - - - - - - - - - - Cupid stunt sends not-so funny Valentine Antivirus experts check suspicious e-greeting. Security companies are currently examining a suspicious Valentine's Day email being sent to computer users. The email, from cupid@valentines-ecard.com, says that the recipient has received an e-card and invites users to click on a link. The site then asks users to download an 800Kb file that will need Flash to be viewed. http://www.vnunet.com/News/1138688 - - - - - - - - - - Officials Warn of Risk of Increased Computer Hacking Increased tensions between America and her allies and Iraq could lead to an increase in "global hacking activities," the government body dedicated to protecting the nation's infrastructure warned. "Recent experience has shown that during a time of increased international tension, illegal cyber activity often escalates," states a Feb. 11 advisory issued by the National Infrastructure Protection Center. Illegal activities can include spamming, web defacements and denial-of-service attacks. http://www.defenselink.mil/news/Feb2003/n02122003_200302124.html - - - - - - - - - - FBI Says Iraq Situation May Spur 'Patriotic Hackers' Real patriots don't hack. Uncle Sam says only he can do that. The FBI's National Infrastructure Protection Center warned Wednesday that growing tensions between the United States and Iraq could lead to an increase in global computer hacking activities on both sides. "Regardless of the motivation, the NIPC reiterates such activity is illegal and punishable as a felony," the agency warns on its Web site. "The U.S. government does not condone so-called 'patriot hacking' on its behalf. http://www.washingtonpost.com/wp-dyn/articles/A64049-2003Feb12.html http://www.nandotimes.com/technology/story/761926p-5496706c.html - - - - - - - - - - DIA chief warns of tech threats The director of the Defense Intelligence Agency (DIA) warned the Senate this week that the threats to America are going to become more diverse and technologically complex as the decade progresses. Vice Adm. Lowell Jacoby, addressing the Senate Select Committee on Intelligence Feb. 11, said that the ubiquity of many technologies and the increased accessibility to information on the Internet has somewhat leveled the playing field between the United States and terrorist organizations and smaller nations that would do this country harm. http://www.fcw.com/fcw/articles/2003/0210/web-dia-02-12-03.asp - - - - - - - - - - Congress Bars Using a Pentagon Project on Americans House and Senate negotiators have agreed that a Pentagon project intended to detect terrorists by monitoring Internet e-mail and commercial databases for health, financial and travel information cannot be used against Americans. The conferees also agreed to restrict further research on the program without extensive consultation with Congress. House leaders agreed with Senate fears about the threat to personal privacy in the Pentagon program, known as Total Information Awareness. So they accepted a Senate provision in the omnibus spending bill passed last month, said Representative Jerry Lewis, the California Republican who heads the defense appropriations subcommittee. (NY Times article, free registration required_ http://www.nytimes.com/2003/02/12/politics/12PRIV.html http://www.wired.com/news/politics/0,1283,57636,00.html http://www.usatoday.com/tech/news/techpolicy/2003-02-12-pentagon-curbs_x.htm Attempt to Block TIA Goes Forward http://www.wired.com/news/politics/0,1283,57650,00.html - - - - - - - - - - Spammers break law with covert tracking Many spammers are ignoring laws forbidding them to insert covert tracking codes in their messages, according to a survey by out-law.com, the IT and ecommerce legal service arm of law firm Masons, and network security outfit iomart. The survey highlights how spam messages often contain covert tracking codes which enable senders to record and log recipients' email addresses as soon as they open a message. http://www.theregister.co.uk/content/55/29289.html - - - - - - - - - - Experts Search for Ways to Fight Cybercrime Amid heightened awareness of terrorism and computer attacks, computer crime professionals gathered at the Foxwoods Resort Casino here this week to hone their cybersleuthing skills at the third annual Cybercrime conference. The three-day conference and exhibition tackled a wide range of security- related issues, from hackers and worms to intellectual property theft, computer forensics, and organized crime. http://www.pcworld.com/news/article/0,aid,109314,00.asp - - - - - - - - - - Open source bug threatens Linux A weakness in the widely used Concurrent Versions System (CVS) development aid has left Linux and open source code vulnerable to attack. A Computer Emergency Response Team advisory has warned the flaw could allow hackers to alter the operation of the CVS program, read sensitive information or launch denial of service attacks. http://www.vnunet.com/News/1138702 - - - - - - - - - - E-Authentication gateway draws interest outside of e-gov projects While the E-Authentication project, considered a main cog in the e-government wheel, is having trouble getting funds from partner agencies, IT leaders outside of the 24 Quicksilver projects are clamoring to use the gateway. But those project leaders might have to wait because funding problems have pushed back the timetable for a full launch of the system. http://www.gcn.com/vol1_no1/daily-updates/21143-1.html - - - - - - - - - - DOD protecting PCs at home Defense Department employees can now download, at no cost, antivirus and firewall protection solutions from McAfee Security for Consumers under a licensing agreement between the Defense Information Systems Agency and Network Associates Inc. McAfee's home use portal service became available to all DOD employees Jan. 31, and includes VirusScan 7.0 Home Edition and other McAfee Security solutions. http://www.fcw.com/fcw/articles/2003/0210/web-disa-02-12-03.asp - - - - - - - - - - Guidance Software Teams With Los Angeles ECTF Guidance Software, the world leader in computer and enterprise investigation software, today announced it has partnered with the Los Angeles Electronic Crimes Task Force (ECTF) to supply ECTF members with forensic software, investigation resources and advanced forensics training using its EnCase Forensic Edition software. The Los Angeles ECTF collectively merges the local resources of business and finance leaders, law enforcement supervisors and administrators from top academic institutions to combat cyber crime. http://biz.yahoo.com/prnews/030212/law058_1.html Social Security IG team plans upgrade of forensics app When Guidance Software Inc. releases a new version of its EnCase Forensic software later this month, the Social Security Administrations Office of the Inspector General will be one of the early upgraders. Social Securitys IG team decided it had to upgrade because of the agencys burgeoning caseload, said Sue Hermitage, a computer forensics special agent in the IG Office. She said Social Security number fraud cases have exploded, from 11,000 in 1998 to 73,000 last year. http://www.gcn.com/vol1_no1/daily-updates/21138-1.html - - - - - - - - - - New Linux Support Policies are Ominous Red Hat and Mandrake are cutting support for older versions of their Linux distributions... The results will be a security nightmare for the Internet. Open source opponents have for years warned, "You get what you pay for." Now some Linux distributors are planning to make good on that threat. Red Hat and Mandrake's recently-announced revised support policies might spell the end of the free ride for many companies using Linux. http://online.securityfocus.com/columnists/142 Open and closed security are roughly equivalent http://www.theregister.co.uk/content/55/29294.html - - - - - - - - - - Viruses and hoaxes Have you received an email about an impending virus from someone that you know, similar to the one below? The virus (called jdbgmgr.exe) is not detected by Norton or McAfee anti-virus systems. It sits quietly for 14 days before damaging the system. It is sent automatically by messenger and the address book, whether or not you send emails to your contacts. Here's how to check for the virus and get rid of it: http://www.smh.com.au/articles/2003/02/11/1044725776645.html - - - - - - - - - - If U.S. launches cyberattack, it could change nature of war Imagine Saddam Hussein sitting in one of his palaces, tapping on his laptop, maybe shopping at Uranium Online. Which actually exists, by the way. Tag line: "The nuclear fuel e-commerce solution." All of a sudden, Saddam's computer explodes with e-mail. It's all spam, made in America thousands of offers. Consolidate your debt. Earn money working at home. Enlarge your breasts. It would be like Internet carpet bombing. He'd surrender within days. http://www.usatoday.com/tech/columnist/kevinmaney/2003-02-11-cyberattack_x.htm - - - - - - - - - - Intrusion Detection, Or Intrusion Prevention? With a steady stream of announcements from vendors touting one or the other, IT security pros need to know where they stand. Especially when some are wondering whether passive monitoring can cut it all anymore. The mainstay intrusion-detections systems (IDSs) have served enterprises well enough over the years, but are they the right approach against today's breed of attack? http://www.techweb.com/tech/security/20030212_security - - - - - - - - - - Forensics on the Windows Platform, Part Two This is the second of a two-part series of articles discussing the use of computer forensics in the examination of Windows-based computers. In Part One we discussed the wider legal issues raised by computer forensics and the benefits of pre- investigation preparation. In this article we will concentrate on the areas of a Windows file system that are likely to be of most interest to forensic investigators and the software tools that can be used to carry out an investigation. http://online.securityfocus.com/infocus/1665 Forensics on the Windows Platform, Part One http://online.securityfocus.com/infocus/1661 - - - - - - - - - - Chat rooms common way to arrange risky sexual encounters Chat rooms on gay Web sites are becoming a common place for arranging risky sexual encounters, a survey found, as experts worry about a possible upswing in HIV infections. Research released Tuesday suggests that for some, the Internet serves the same hazardous purpose as gay bathhouses did in the early 1980s, when the AIDS virus first spread rampantly among homosexual men. http://www.usatoday.com/tech/news/2003-02-12-chat-rooms_x.htm http://www.nandotimes.com/technology/story/761318p-5493500c.html - - - - - - - - - - Intelligence agencies help test new GIS tool Two intelligence agencies will this week begin beta testing a tool that tags specific place names in text files and maps them on advanced geographic information systems for analysis, according to one of the companies that developed the product. http://www.gcn.com/vol1_no1/daily-updates/21142-1.html *********************************************************** Computer Forensics Training - Online. An intense, 150 hour, instructor lead program that teaches you computer forensics and helps prepare you for the Certified Computer Examiner exam. For more information see; www.cybercrime.kennesaw.edu *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2003, NewsBits.net, Campbell, CA.