High Tech "NewsBits" for 05/01/03

NewsBits for May 1, 2003 sponsored by, Southeast Cybercrime Institute - www.cybercrime.kennesaw.edu ************************************************************ Man jailed for selling own 'stolen' car online--in parts German police detained a man who was selling his car piecemeal on the Internet after he had reported it stolen, authorities in the western town of Neuss said on Wednesday. A police spokesman said the 33 year-old reported the BMW stolen two months ago and then began selling off parts on an Internet auction site. Afterwards they spotted the chassis of the BMW being towed away with its new owner. http://zdnet.com.com/2110-1105_2-999171.html - - - - - - - - - - Galway electrician gets suspended sentence for child porn A 26-years-old electrician who used his credit card to buy child pornography from an American porn site on the internet, was given a suspended six-month sentence and fined 1,500 at Galway District Court this week. Imposing the suspended sentence, Judge John Garavan said he believed the accused had paedophiliac tendencies but he had pleaded guilty, had not distributed the images he had purchased to others, and in comparison to similar cases coming before the courts, the amount and type of material involved was not as serious. http://www.galwayadvertiser.ie/dws/story.tpl?inc=2003/05/01/news/33682.html - - - - - - - - - - Town fans' boss admits 20 child porn offences A BUSINESSMAN who heads a Huddersfield Town fans' group admitted possessing indecent photographs of children when he appeared in court yesterday. Graham Derek Hudson, 46, a human resources consultant, of Brier Hill View, Bradley, pleaded guilty to 20 charges. But Dewsbury magistrates decided to commit the case for sentence at Leeds Crown Court. Mr Zafar Siddique, prosecuting, told the court the case was a result of Operation Ore, a nationwide investigation into people who allegedly used the Landslide child porn website based in America. http://ichuddersfield.icnetwork.co.uk/0100news/0100localnews/page.cfm?objectid=12910752&method=full&siteid=50060&headline=Town%20fans'%20boss%20admits%2020%20child%20porn%20offences - - - - - - - - - - Former sheriff's lieutenant charged with possessing child porn A former Martin County sheriff's officer was arrested Thursday and charged with 97 counts of possession of child pornography, authorities said. Former Lt. Bruce L'Heureux, 56, was being held without bail at the Martin County Jail, sheriff's spokeswoman Sgt. Janell Atlas said. A U.S. postal inspector posing as a child pornography trafficker offered L'Heureux preteen and early teenage pornography, Atlas said, and he purchased the material. A search of L'Heureux's home turned up three computer disks containing child pornography, Atlas said. Federal charges were pending, she added. L'Heureux worked for the sheriff's office off-and-on since 1971 and retired about a year ago. http://www.heraldtribune.com/apps/pbcs.dll/article?Date=20030501&Category=APN&ArtNo=305011085 - - - - - - - - - - Another Man Arrested In Lake County Child Porn Ring Another suspect accused of being involved in a child pornography ring in Madison Township appeared in court Thursday. NewsChannel5's Lorna Barrett reported that police are investigating what could turn out to be an international child porn ring operating right out of Lake County. Perry Firestone, 40, pleaded not guilty to related charges. Authorities seized computers and other materials from his Madison Township home. Police fear that some of the victims had their pictures taken and sold over the Internet in a crime that could extend far beyond Madison Township. http://www.newsnet5.com/news/2173641/detail.html - - - - - - - - - - Danish company convicted, fined for sending e-mail spam A small software company in Denmark was convicted and fined Thursday for sending unsolicited commercial e-mail, known as spam. In the first such case in this Scandinavian country, the Maritime and Commercial Court in Copenhagen fined Fonn Danmark $2,200 under the country's ban on unsolicited advertising e-mail and faxes. The law was enacted in July 2000. Investigators said the company had sent 156 advertising messages. http://www.siliconvalley.com/mld/siliconvalley/news/5762085.htm http://www.siliconvalley.com/mld/siliconvalley/news/5761188.htm http://www.nandotimes.com/technology/story/874440p-6099494c.html - - - - - - - - - - Campus 'mini-Napster' suits settled The recording industry's trade association settled on Thursday copyright-infringement lawsuits against four university students, in deals that will see the students making payments to the industry for years to come. The four students were sued separately last month by the Recording Industry Association of America for running services that searched their college networks or other students' computers for MP3 song files and that also distributed songs off their own machines. The lawsuits were the first time the RIAA has directly sued students, as opposed to companies, associated with peer-to-peer piracy. http://news.com.com/2100-1027_3-999332.html http://www.usatoday.com/tech/news/2003-05-01-students-settle_x.htm http://www.wired.com/news/digiwood/0,1412,58703,00.html - - - - - - - - - - Sex.com conman continues ludicrous legal fight The conman found guilty of fraudulently stealing domain Sex.com and ordered to pay $65 million in damages has continued his farcical legal fight with a plea to the US Supreme Court. Stephen Michael Cohen, filed the appeal on Wednesday after both a San Francisco court in 2001 and the US Court of Appeals last year rejected his arguments. In the latter case, the three judges dismissed all grounds because Cohen had fled the country (with his ill-gotten gains secreted in various offshore accounts) and was a fugitive from justice in Mexico. http://www.theregister.co.uk/content/6/30520.html - - - - - - - - - - IBM denies charges of Unix theft IBM has denied SCO Group's allegations that it misappropriated Unix trade secrets, but Big Blue isn't giving hints about what its eventual strategy will be forbattling the lawsuit. In an 18-page filing in U.S. District Court in Utah, IBM said SCO Group's four formal charges are unfounded, denied the truth of dozens of SCO allegations, and accused SCO of trying to slow the work of the open-source community. http://zdnet.com.com/2100-1103_2-999261.html - - - - - - - - - - U.S. court approved 1,228 special terror warrants last year The government disclosed Thursday it requested and won approval for a record 1,228 warrants last year for secret wiretaps and searches of suspected terrorists and spies, a reflection of aggressive efforts to prevent terror attacks in the United States. U.S. Attorney General John Ashcroft disclosed the figures in a mandatory, two-paragraph report to the administrative office of the U.S. courts. Last year's total was significantly higher than the 934 warrants approved in 2001 and the 1,003 approved in 2000. http://www.securityfocus.com/news/4376 - - - - - - - - - - Bush cyber security czar going to eBay The White House cybersecurity adviser, Howard Schmidt, is leaving his position Thursday. He took over the job two months ago from Richard Clarke. Both men helped oversee the recent federal plan to secure cyberspace. Schmidt announced his resignation on April 21. During an interview with CNN on Thursday, Schmidt revealed that he will be returning to the private sector as eBay's chief security officer. The Internet site eBay is the top online auction service. http://www.cnn.com/2003/TECH/internet/05/01/cyber.czar/index.html http://www.washingtonpost.com/wp-dyn/articles/A1498-2003May1.html - - - - - - - - - - Lucent CEO tapped for U.S. security President Bush has enlisted Lucent Technologies' chief executive for a telecommunications group focused on national security. Patricia Russo joins a list of telecom luminaries who are members of the National Security Telecommunications Advisory Committee (NSTAC). The more than two dozen committee members include Verizon Communications Chairman Charles Lee, Motorola chief Christopher Galvin and SBC Communications CEO Edward Whitacre. http://news.com.com/2100-1037_3-999204.html - - - - - - - - - - Industry bodies hook up to crack e-crime A cross-industry group of vendors, lobby groups and users are to work together to identify problems with existing practices and legislation on cyber-crime. Parliamentary lobby group Eurim and the Institute for Public Policy Research, with support from vendors and users, plan to develop recommendations aimed at improving online security. http://www.vnunet.com/News/1140582 - - - - - - - - - - Security agents help track pilfered PCs, lower internal theft rates In the past, if a computer was stolen from an individual or corporation, there was little that could be done to recover it. The Stolen Computer Registry is one avenue that was used to help with recovery. The company, based in Tivoli, NY, registers a stolen computers serial number in its database. There is no charge to the owners of the stolen computers to have the serial number listed there. If the computer is recovered by a law enforcement agency, the serial number can be checked and tracked back to the original owner. http://www.techrepublic.com/article.jhtml?id=r00220030421gcn01.htm - - - - - - - - - - PayPal bans payments for porn on eBay PayPal has extended its ban on porn to include products from parent company eBay's 'mature audience' section. Other items include drugs, firearms and humans. PayPal, the payment service eBay purchased for $1.5bn (PS935m) in October, this month published its revised policy on processing payment for adult material. Only PayPal members can access the policy statement. http://news.zdnet.co.uk/story/0,,t269-s2134162,00.html - - - - - - - - - - Welsh nationalists in Citizens Advice Bureau hack outrage It appears that Welsh nationalists have launched an offensive on the source code of the Citizens Advice Bureau website. Yes, the Sons of Glyndwr have been busy behind the scenes on the site's page which encourages citizens to E-mail your MP! Fax your MP! Let your voice be heard! http://www.theregister.co.uk/content/28/30519.html - - - - - - - - - - AOL blocks 2bn spam emails in one day After committing to cut the amount of spam received by its members, AOL has more than doubled the number of emails being intercepted. AOL on Wednesday said it repelled more than two billion unsolicited commercial emails in a single day this week. Along with most Internet service providers and email services, the company has taken up arms to stem the waves of junk emails inundating peoples in-boxes. http://news.zdnet.co.uk/story/0,,t269-s2134168,00.html Lawmakers: It's open season on spam http://news.com.com/2100-1028_3-999020.html http://www.newsfactor.com/perl/story/21413.html http://www.washingtonpost.com/wp-dyn/articles/A60659-2003Apr30.html FTC court action seeks to block explicit spam http://www.usatoday.com/tech/columnist/ericjsinrod/2003-05-01-sinrod.htm Are blacklists killing more than spam? http://zdnet.com.com/2100-1105_2-999317.html Spam: Much Hated, Little Defined http://www.wired.com/news/politics/0,1283,58682,00.html Spam seen threatening e-mails future http://www.msnbc.com/news/907738.asp I will kill you if you stop this email http://www.theregister.co.uk/content/28/30498.html - - - - - - - - - - MS mulls external testing for security patches Microsoft is considering an external testing programme to improve the quality of its security patches. Difficulty in applying patches and instances where fixes fail to work properly - or cause unfortunate side effects - have long been an issue in Microsoft shops. Craig Fiebig, general manager of the Secure Business Unit at Microsoft, acknowledges this is an issue and outlined some of the steps Microsoft is taking to address the problem in the next phase of its Trustworthy Computing push. http://www.securityfocus.com/news/4377 MS reputation: Tarnished but not irreparable http://zdnet.com.com/2100-1105_2-999278.html - - - - - - - - - - Smartcard industry set to soar Increased security demands in government, financial services and healthcare will drive major growth in the smartcard industry over the next three years, according to analysts. http://www.vnunet.com/News/1140580 - - - - - - - - - - "A New Way to Catch a Hacker" The nonprofit Honeynet Project, the brainchild of computer security expert Lance Spitzner, has spent the last four years studying hackers and the intrusion methods they use by allowing them to break into honeypots --systems intentionally designed to be compromised. Spitzner's latest area of concentration is honeytokens, a 17-year-old security methodology in which seemingly important information that actually serves no useful purpose triggers an alert whenever it is viewed, captured, or downloaded. http://www.nytimes.com/2003/04/28/technology/28NECO.html - - - - - - - - - - What's the difference between a viral attack and a scan? Infosec exhibitors were yesterday urged to check their systems for a virus after the performance of the security conference's network took a severe hit. Exhibitors received an advisory from eForce, which is responsible for the networking and security of Olympia, Infosec's venue, that warned of an attack linked to a Trojan called Deloader. According to exhibitor MIS Corporate Defence Solutions, the virus had "some effect on the performance of the eForce Ethernet network", and "not all exhibitors were affected but undoubtedly some were". http://www.theregister.co.uk/content/55/30490.html - - - - - - - - - - Address security problems with a solid PDA use policy Although there are numerous security threats associated with PDAs, the two biggest issues are viruses and the theft of sensitive data. At first, the thought of losing sensitive data or contracting a virus because of a PDA may seem ridiculous. However, both threats are very real, and Ill explain why. Ill also give you a few tips on constructing an effective PDA policy for your users. http://www.techrepublic.com/article.jhtml?id=r00320030429pos01.htm - - - - - - - - - - Strengthen your network defenses with these four steps Recently, Microsoft has publicized the idea that if you want to have a truly secure network, you must focus your efforts in five primary areas: perimeter defenses, network defenses, application defenses, data defenses, and host defenses. In this article, I'll focus on network defenses, and provide four steps you can use to secure them. http://www.techrepublic.com/article.jhtml?id=r00220030430pos01.htm - - - - - - - - - - CIA opens new terrorism intelligence center The federal governments new hub for analyzing terrorism-related intelligence opened Thursday with a ribbon-cutting ceremony at CIA headquarters in Langley, Va. Named the Terrorist Threat Integration Center (TTIC), it is made up of counterterrorism analysts and agents from the CIA and the FBI. The center is the latest initiative in the Bush administrations ongoing realignment of federal agencies with responsibilities for fighting terrorism. The White House has said TTIC will fuse intelligence from across government about terrorists, their plans and operations to better understand where future threats lie. http://www.govexec.com/dailyfed/0503/050103h1.htm Homeland Security has not consolidated terrorist watch lists http://www.govexec.com/dailyfed/0403/043003h1.htm - - - - - - - - - Spammed by mom.love Parental e-mail takes an unexpected and unwelcome turn, but who's going to say no? Did you ever want to know that there are 17 uses, aside from the obvious, for Bounce dryer sheets? Do you yearn for the Irish prayer of the day? Do you need to know the definition of a True Friend, or want to read the latest USA-chest-pounding poem written by "a veteran"? Me neither. But I am being bombarded with the above-described e-mails, and many others, by a most unlikely source: my mom. She's spamming me. (LA Times article, free registration required) http://www.latimes.com/technology/la-wk-stay1may01,1,6910021.story *********************************************************** Computer Forensics Training - Online. An intense, 150 hour, instructor lead program that teaches you computer forensics and helps prepare you for the Certified Computer Examiner exam. For more information see; www.cybercrime.kennesaw.edu *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2003, NewsBits.net, Campbell, CA.