NewsBits for May 9, 2003 sponsored by, Southeast Cybercrime Institute - ************************************************************ Virus at local retailer lands ex-employee in court Virus writing is beginning to feel the long arm of the law in SA, in line with international trends as the first case of its kind was heard in the Johannesburg Commercial Crimes Court last month. The case involves the ex-employee of a major local retailer appearing in court for allegedly introducing a virus into the company's computer system, resulting in losses for the company amounting to about R5 million. The virus first appeared in May 1999 in the company's mainframe computers and it was alleged that the employee released the virus after suffering a cut in salary due to certain IT functions at the company being outsourced. - - - - - - - - - - FTC accuses Web site owner of exploiting do-not-call list Federal officials have brought their first case against a Web-site operator they say was trying to exploit a new government do-not-call list, but the California man says he was only trying to help consumers fend off telemarketers. The Federal Trade Commission said Thursday that it filed a complaint in U.S. District Court in San Francisco against the Novato owner of two sites that promised to register consumers for the federal do-not-call list. The list will allow people to opt out of unwanted telemarketing calls. The FTC said the Web sites were misleading because the agency -- when it sets up the do-not-call registry this fall -- will not accept registrations from third parties.,10801,81103,00.html - - - - - - - - - - Man arrested for arranging for sex with 14-year-old boy A 30-year-old Ferndale man who thought he was meeting a 14-year-old boy to have sex discovered Wednesday he had been communicating with an undercover police officer. Norman Mikel Kovalchick was charged Thursday in 41B District Court in Mount Clemens with child sexually abusive activity and using a computer in the commission of a crime. Kovalchick communicated via computer in an Internet chat room with the pretend teen-ager from the Macomb Area Computer Enforcement task force and arranged to meet the boy at an unidentified location in Macomb County, Sheriff Mark Hackel said. The suspect was met by undercover and uniformed officers, and arrested. - - - - - - - - - - Police lure Valpo man to South Bend An investigator in the St. Joseph County prosecutor's office posed as a 13-year-old girl over the Internet and lured a potential child molester to South Bend. The suspect, 24-year-old Tony Mestrov of Valparaiso, was arrested at a 7-Eleven store, where he allegedly drove to meet the girl Wednesday night. But when he arrived, South Bend police officers were waiting to arrest him. According to the affidavit of probable cause, investigator Mitchell Kajzer said he logged into an Internet chat room Wednesday, pretending to be a 13-year-old female student. Just one minute after he entered the chat room, he received an instant message from a user called "sibenik -- hr." As the two exchanged messages, Kajzer allegedly told Mestrov that he was a 13-year-old girl who would like to meet him. - - - - - - - - - - Man nabbed at mall after setting up date with girl, 12 Ronald J. Grezmak arrived at Westfield Shoppingtown Belden Village prepared for his date with a 12-year-old girl. According to court records, the 41-year-old Wickliffe man brought a box of condoms with him. The van he drove had a mattress made up with blankets and pillows. But Grezmak actually arranged the date with an undercover police officer who posed as the 12-year-old girl while working with the Internet Crimes Against Children Task Force, which includes local police and FBI agents. When Grezmak arrived at the mall at about 5 p.m. Wednesday, Massillon and Jackson Township police arrested him. - - - - - - - - - - Police Sergeant Arrested On Child Porn Charges Police Sgt. Robert Gallen has been arrested for possession of child pornography, Police Chief Jeff Layman said Thursday. Gallen, a retired sergeant from the West Chester, Pa., police department, had been put on leave after an investigation was launched Feb. 28. Gallen was arrested Thursday by the FBI and taken to Denver, said Jeff Dorschner, spokesman for the U.S. Attorney. He could face up to five years in federal prison and a $250,000 fine. Gallen's arrest followed a tip to the Eagle County Sheriff's Office in February. Layman said. A search of Gallen's home and computers turned up child pornography, said Layman. "CBI let us know about the tip," Layman said. - - - - - - - - - - Police arrest woman accused of molestation, child pornography Child pornography, a dominatrix, and animals involved in sexual acts. This is actually a case the high-desert police are working on. Early this morning they arrested a middle- aged Yucca Valley woman accused of molesting a young boy and posting explicit pictures on the internet. This case is almost too sensational to seem real, but police say a 52 year old woman, who works in the sex industry, actually profited off of having sex with her 16 year old neighbor. - - - - - - - - - - Macalester student facing charges in child porn case A Macalester College student was arrested Thursday on charges of using the college's computer system to store and distribute child pornography on the Internet, allegedly sending and receiving thousands of images and movies depicting children as young as infants and toddlers engaging in sexual performances. The huge volume of illicit images suggests that authorities may have broken up a commercial child pornography operation, said Ramsey County Attorney Susan Gaertner. Joshua Stafford Bertsch, 22, of Sioux Falls, S.D., turned himself in to St. Paul police Thursday to face 20 counts of possessing and disseminating child pornography. - - - - - - - - - - Anger over Who star's child porn caution CAMPAIGNERS for the victims of child abuse today hit out after rock legend Pete Townshend escaped charges despite admitting looking at internet child porn. A spokesman for Phoenix survivors' charity, said: "We are appalled at the leniency of the punishment Townshend received." He said it should not have mattered that Townshend was not himself involved in the abuse of children. "It makes little difference to what happens to us if the sex offender is behind the monitor, the lens or the blanket ... our suffering doesn't change" . - - - - - - - - - - CERT warns of 'Peido-B' virus threat The CERT Coordination Center is warning Internet users to beware of a new e-mail-borne threat that could allow an attacker to run malicious code on a victim's computer. The new threat, known as "Peido-B," "VBS/Inor.B" or "Mother's Day Virus," arrives in an e-mail that masquerades as an administrative message. The e-mail contains the text "THIS IS A WARNING MESSAGE ONLY YOU DO NOT NEED TO RESEND YOUR MESSAGE" and contains an executable attachment named "sys_con.hta," according to an alert posted by Sophos PLC. When recipients launch the attachment, a Trojan program known as "Troj/DLoader-BO" is installed on the user's system. Trojan programs are malicious software, often masked as legitimate programs, that secretly compromise computer security.,10801,81106,00.html - - - - - - - - - - Canuck Cops Nab True Crime Writer Anxious over a pending court case launched by an aggressive provincial government, a Canadian author voluntarily shut down his personal website Thursday. "I pulled the whole site, not because there was anything on the remaining pages that were (sic) offensive,'' said Stephen Williams. Rather, the Canadian journalist said he was exercising "an abundance of caution" in the face of a double-barreled "criminal and civil assault" the Ontario provincial government is currently pursuing against him.,1284,58779,00.html - - - - - - - - - - Internet pirates hawk fake Potter Real theft boosts claims, but files just expropriated fan fiction. The tale is part true. Copies of the years most highly-anticipated book, Harry Potter and the Order of the Phoenix, have been discovered prior to its official release. But the text has not made its way onto the Internet. Instead, disappointed Web surfers who download supposedly pirated copies of the book are getting fan-written stories that have simply been relabeled. At least for now, an early glimpse of the latest Potter book remains a fantasy. - - - - - - - - - - Agencies warn SARS spammers Two federal agencies are targeting sites and spammers that promote SARS cures and prevention products, saying they must remove the misleading information or risk penalties. The Federal Trade Commission (FTC) and the Food and Drug Administration (FDA) are warning that people who hawk products related to SARS (severe acute respiratory syndrome) could be subject to fines because their claims are not backed up by scientific evidence. - - - - - - - - - - Scammers fake Information Commission ID Fraudsters claiming to be from the Information Commission are demanding data registration fees Companies have been warned to be on the lookout for a new scam concerning registration under data protection laws, which involves fraudsters arriving at offices and requesting a PS95 fee. - - - - - - - - - - Flaw found in Hotmail, Passport code Millions of Web surfers have been sleeping with their digital front doors open for months, thanks to a flaw in Microsoft software code. About 200 million users of Microsoft's free Hotmail e-mail service and Passport online identity service were vulnerable to having their accounts stolen, until a hacker publicly exposed the security hole and Microsoft closed it Thursday. The hole is another in a string of embarrassing security slip-ups for Microsoft. This incident attracted attention for two unusual reasons: It affected so many users, and anyone who knows how to use e-mail and a Web browser could have stolen people's private e-mails, or even purchased online merchandise using stolen credit-card data. $2 trillion fine for Microsoft security snafu?,,t269-s2134469,00.html Trust Us: MS Admits Security Gap,1282,58787,00.html Microsoft: Customised security is safer,,t269-s2134471,00.html Week in review: Passport predicament - - - - - - - - - - PITAC nominees strong in cybersecurity President Bush announced May 8 that he plans to appoint 25 new members to the President's Information Technology Advisory Committee (PITAC), which offers advice on maintaining America's dominance in advanced information technologies. The panel provides information to the president, Congress and federal agencies involved in IT research and development, and helps guide the Bush administration's efforts to accelerate the development and adoption of IT policies for the nation. - - - - - - - - - - Feds Doing More Secret Searches A record number of searches and wiretap orders granted by the Foreign Intelligence Surveillance Court in 2002 underscores a growing trend of reliance on the secret court in government investigations, privacy advocates say. Since FISA's inception in 1978, the court has approved every FBI application it has received, despite disclosing last year in a report that the agency had misled FISA judges in 75 cases.,1283,58774,00.html - - - - - - - - - - UK bookies toe the US government line The US government is pressurising bookies and credit card companies to block US citizens from gambling online, in an effort to save 'the American Family' UK bookies are this week ruing a US decision to press on with attempts to stop Americans accessing overseas betting sites. Most US states remain strongly anti- gambling and many Americans have to register with offshore services in order to place a wager. However, the government is now moving to block that activity -- claiming it has the interest of 'the American family' at heart.,,t269-s2134495,00.html - - - - - - - - - - Broadband 'increases security risk fivefold' While DSL gives businesses a performance boost, it also opens up a nasty can of worms, viruses and hackers - something many firms are still ignorant of Analysts have calculated that a business running a broadband Internet connection is five times more vulnerable to a security breach than one that uses dial-up.,,t269-s2134485,00.html - - - - - - - - - - Two-thirds of staff write down passwords Two-thirds of corporate computer users admit to having written down IT access passwords at least once, a recent survey has revealed. According to the study, conducted online at and sponsored by security firm Rainbow Technologies, the reason is that 75 per cent of all companies require end users to change passwords at least every 13 weeks. - - - - - - - - - - Security problems persist with instant messaging Security problems relating to the unfettered use of consumer chat software on corporate networks are fueling the adoption of tougher security measures and more commercial-grade products, users and analysts said. Ongoing concerns about instant messaging (IM) security were heightened this week by the disclosure of six vulnerabilities in America Online Inc.'s Mirabilis ICQ IM client software. Two of them are particularly dangerous and could result in hackers gaining full administrative control of a victim's computer, according to Ejovi Nuwere, a security engineer at Core Security Technologies Inc., the Boston software company that discovered the flaws.,10801,81104,00.html - - - - - - - - - - Companies are unprepared for California data privacy law Companies doing business in California have a compelling reason to bolster their data security. A tough new state law that goes into effect July 1 will require companies that maintain data on California residents to inform individuals of any security breaches that result in their personal information being stolen. Apart from those in the financial services and health care sectors, few companies appear to be aware of the pending rules, according to some legal experts. That could be dangerous, since failure to comply with the statute's requirements could expose companies to potentially costly lawsuits, legal experts warned. "The law is a sleeper that has not received much national attention," said Christopher Wolf, a partner in the Washington office of Proskauer Rose LLP.,10801,81096,00.html - - - - - - - - - - Student's Sense of Privacy Disappears on the Internet Seventeen-year-old Jordan Shiffler felt exposed. There was his unsmiling face on a school-related Internet site. His date of birth, home phone number and address. His SAT scores, grade-point average and class rank. The Riverside County teenager was ribbed by classmates about his test scores and, with his life out there for the world to see, Shiffler and his parents feared the site might attract identity thieves, sexual predators, stalkers, child abductors or killers who troll the World Wide Web for prey. (LA Times article, free registration required),1,2347849.story - - - - - - - - - - Before Friday Comes Spamday Study identifies trends, growth of unsolicited e-mail. Nearly half of all e-mail messages sent are spam, according to research conducted by the British ISP BT Openworld and antivirus firm Brightmail, and the spammers' favorite day to stuff your mailbox is Thursday. BT monitored more than 25 million e-mail messages sent by its customers over a two-week period in March. It found that nearly 11 million-- 41 percent--of the messages were junk e-mail.,aid,110639,00.asp Spam, spam, spam, spam - - - - - - - - - - Sprint adds security to FTS 2001 Sprint has added new managed security services to the General Services Administration FTS 2001 contract. The services, including multitier security profiles, expand the options for agencies trying to keep data safe. Sprint also has added private-key infrastructure, intrusion detection and increased user authentication capabilities to the contract. - - - - - - - - - - Smart disk to protect laptops Firms looking for a way to secure sensitive information on staff laptops may be interested in a new encryption tool from Thales E-security. Guardisk automatically secures all files placed on the hard disk, preventing them from being accessed if a laptop is lost or stolen, according to Thales. Guardisk is currently being deployed by UK government departments, but will be available in a commercial version later this year. It consists of a module that replaces the hard disk of a laptop, plus a contactless smartcard. The user must have the smartcard and supply a password before the laptop will boot up. - - - - - - - - - - Security forum to be held in June Infosecurity Canada will hold its trade show and conference from June 3 to 5 at the Sheraton Centre in Toronto. The conference is designed for business owners and managers along with IT professionals interested in IT security so they can gather information, exchange ideas and shop for the products and services. - - - - - - - - - - Is Your PC Infected with 'Spyware'? Most free file-sharing programs, such as Kazaa, Morpheus, BearShare, and Grokster, contain spyware programs that track users' habits as they swap songs and other digital files. Does it seem like your computer has a mind of its own? When you go on the Internet, for instance, does it seem like you're always seeing the same pop-up advertisement for a new car? Or perhaps every time you open up a Web browser, it takes you to a strange site that offers free games or a search engine that you've never heard of? Chances are you're one of the many millions of Net surfers whose computer has been infected with so-called spyware -- programs that can monitor your online habits, change your computer's settings, and send personal information Latest News about personal information back to advertisers. - - - - - - - - - - Feds, health insurers focus on sharing bioterror data The U.S. Department of Homeland Security on Monday plans to begin a five-day exercise to test government and private- sector information-sharing in response to mock terrorist attacks involving weapons of mass destruction. The White House is billing the exercise, called TopOff 2 (for Top Officials 2), as the most comprehensive terrorism-response exercise ever undertaken in the U.S. It will include 19 federal agencies, the American Red Cross and officials from Washington, Illinois, the District of Columbia and Canada. The scenario will consist of near-simultaneous mock attacks involving a radiological device in Seattle and the covert release of a biological agent in Chicago. A key aspect of the exercise will be the ability of state and local officials in the U.S. and Canada to identify medical patients complaining of symptoms that indicate exposure to a biological agent and to communicate that information in a timely manner to other federal and state officials.,10801,81109,00.html *********************************************************** Computer Forensics Training - Online. An intense, 150 hour, instructor lead program that teaches you computer forensics and helps prepare you for the Certified Computer Examiner exam. For more information see; *********************************************************** Search the Archive at: *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits ( should be cited as the source of the information. Copyright 2000-2003,, Campbell, CA.