NewsBits for May 13, 2003 sponsored by, Southeast Cybercrime Institute - www.cybercrime.kennesaw.edu ************************************************************ 'Fizzer' computer virus spreading fast A new and complex computer virus called "Fizzer" spread rapidly across the Internet on Monday, infecting computers across the world via e-mail and the file-swapping service Kazaa, computer security experts said. Businesses in Asia were the first to report the attack, followed by reports of tens of thousands of infections in Europe, and experts were expecting more cases in North America. http://timesofindia.indiatimes.com/cms.dll/html/uncomp/articleshow?msid=46245033 Sneaky virus spreading rapidly http://news.bbc.co.uk/1/hi/technology/3021927.stm http://computerworld.com/securitytopics/security/story/0,10801,81150,00.html Fizzer worm attacks worldwide http://196.30.226.221/sections/internet/2003/0305130755.asp http://www.internet-magazine.com/news/view.asp?id=3408 http://www.latimes.com/technology/la-fi-rup13.2may13,1,518385.story - - - - - - - - - - Australian students face piracy trial The trial of three tertiary students arrested over a music piracy ring alleged to have cost the music industry around AU$60 million (US$39 million) has been adjourned until July 8. Charles Ng, Tommy Le and Peter Tran were last month charged with copyright offences by the Australian Federal Police (AFP), following an investigation assisted by Music Industry Piracy Investigations (MIPI) that lasted several months. They were charged over an Australian-based Web site, MP3 WMA land, which allegedly offered illegal downloads of copyright-protected music and received seven million visitors. http://zdnet.com.com/2110-1105_2-1001287.html - - - - - - - - - - Spammer makes deal with US watchdog Allegedly sent nine million emails to raise money via fake investment websites. A US spammer, alleged to have fraudulently raised over $100,000 through nine million emails, is facing charges filed by US financial authorities. KC Smith, 20, of Kentucky, is accused of using the logo of US regulator the Security and Exchanges Commission (SEC) to add authenticity to two websites that claimed to offer high-return, low-risk investment. http://www.vnunet.com/News/1140857 http://www.siliconvalley.com/mld/siliconvalley/news/editorial/5843935.htm http://computerworld.com/securitytopics/security/cybercrime/story/0,10801,81188,00.html - - - - - - - - - - The world's biggest convicted child pornographer Last week Pete Townshend lost his reputation and gained five years on the sex offenders register after accessing a child porn website. Should he ever feel the need to find out, his troubles began in a handsome but small red-brick building on the corner of Main Street in Fort Worth, Texas. That was where a geeky Texan called Thomas Reedy first set up an internet adult porn business. It was a business that mushroomed into something far more chilling. Reedy's desire for cash led him to galvanise an illegal but rampant desire for hard-core child pornography. Within two years, the hard drives on the computers of Thomas Reedy's Landslide Productions were bulging with credit card details from 250,000 internet customers across the globe. Child porn consumers from 60 countries were being satisfied by Reedy's operation. One of those who entered their credit card details was Pete Townshend of The Who. In February, Reedy's building was demolished to make a car park. A global centre for child porn was in ruins - as Townshend's career also appears to be. Reedy is now sitting in a Texan prison contemplating one of the world's longest ever sentences - 1,335 years, 15 years for each of the 89 charges, to run consecutively. His wife, Janice, who worked at the business, received 14 years. http://news.independent.co.uk/world/americas/story.jsp?story=405670 - - - - - - - - - - LONGVIEW MAN ASSESSED 180 MONTHS FOR CHILD PORN A Longview man was sentenced Friday to 15 years in prison on charges of child pornography. Tracy Reynolds, 41, was sentenced to 180 months by U.S. District Judge T. John Ward in Marshall after prosecutors said he "admitted to enticing six girls, under the age of 18, to permit him to take sexually explicit pictures" in Texas and California, according to a statement from the U.S. Attorney's Office, Eastern District of Texas. The pictures were allegedly taken from May 2000 to February 2002 in both states, the statement said. In each instance, prosecutors allege Reynolds saved the pictures to computer files and transported at least some of them over the Internet. A tip from Danish police led the U.S. Customs Service to arrest Reynolds on Feb. 24, 2002. The U.S. Customs Service investigated the case. Assistant U.S. Attorney Alan Jackson prosecuted the case. http://www.zwire.com/site/news.cfm?newsid=7969414&BRD=1994&PAG=461&dept_id=341384&rfi=6 - - - - - - - - - - Resentencing Ordered In Porn Case A federal appeals court has ordered that a former Yale professor convicted of child pornography charges be resentenced because the judge issued a harsher sentence than called for under federal guidelines. Antonio Lasaga, 53, is serving a 15-year sentence at a federal prison in Maryland for downloading child pornography and possessing videotapes depicting the sexual abuse of a boy he had befriended at a school mentoring program in New Haven. Though the court decision could help Lasaga shave nearly four years from his federal sentence, he is serving a concurrent 20-year term on a state conviction for repeatedly raping the boy. That appeal is pending. http://www.ctnow.com/news/local/hc-lasaga0513.artmay13,0,7611413.story - - - - - - - - - - PROSECUTORS WANT CHILD PORN INFO BROUGHT TO COURT Attorneys for a young Tyler man accused in a love triangle conspiracy that ended in a bloody murder want evidence uncovered by prosecutors showing the victim was a child pornographer. Matt Bingham, chief felony prosecutor for Smith County, said in court on Monday Jeffrey Joplin's computer system, found in his Lake Palestine home, reveal images of child pornography. In a pretrial hearing, Bingham told state District Judge Diane DeVasto the state was not refusing to turn over evidence, but wanted a judge's order instructing him to do so because of the nature of the evidence. http://www.zwire.com/site/news.cfm?newsid=7991774&BRD=1994&PAG=461&dept_id=227937&rfi=6 - - - - - - - - - - Physician ordered released in Internet teen-sex case Federal prosecutors in Mobile today plan to appeal a judge's Monday ruling that would release a world-class chess player from jail pending his trial on charges he drove to Mobile to have sex with a 15-year-old girl. Alex Sherzer, a physician from the Baltimore area, was arrested Friday morning outside Strickland Youth Center, a juvenile lockup where he hoped to rendezvous with the teen whom he had romanced over the Internet, federal agents allege. At the conclusion of a Monday afternoon detention hearing, U.S. Magistrate Judge William Cassady announced he would set conditions of release for Sherzer, a 32-year-old who studied medicine overseas where he dined regularly with famed former chess champion Bobby Fischer, according to published accounts. http://www.al.com/news/mobileregister/index.ssf?/xml/story.ssf/html_standard.xsl?/base/news/1052817374151240.xml - - - - - - - - - - Three arrested in teen rape in Reno Three suspects have been arrested in the rape of a 17-year-old Reno teenager, the Washoe County sheriff's office said Monday. The victim apparently met one of the suspects in a teen chat room on the Internet, Sheriff Dennis Balaam said. She agreed to meet him and was taken to a party May 8 in Sun Valley that was attended by local gang members. Authorities said the victim became intoxicated and was driven to an address off McCarran Boulevard and West 7th Street, where she was sexually assaulted. Balaam said detectives, with assistance from the Regional Gang Unit, were able to locate, interview and subsequently charge three people. http://www.lasvegassun.com/sunbin/stories/nevada/2003/may/12/051210048.html - - - - - - - - - - LovGate worm reappears in Asia It's back. The Lovgate e-mail worm, last seen in February, has reappeared in Asia in several new variants. Security firm Trend Micro has reported seeing the virus in Singapore, South Korea and Japan and has given it a medium risk alert rating. WORM_LOVGATE.J, named after the virus program, is currently spreading in Korea, from where there has been a "significant number of infection reports", according the statement from Trend Micro. http://zdnet.com.com/2110-1105_2-1001290.html - - - - - - - - - - Court sets limits on digital snooping In a ruling that marks a victory for privacy proponents, a federal appeals panel is allowing a group of Web surfers to sue a company that gathered certain data about them without their consent. The decision, handed down Friday by the First Circuit U.S. Court of Appeals, clears the way for some pharmaceutical Web site users to pursue a class-action case against the operators of Boston- based Pharmatrak. The lawsuit alleges that the now- defunct Web traffic analysis company violated the Electronic Communications Privacy Act (ECPA) by intercepting communications without permission. http://zdnet.com.com/2100-1105_2-1001081.html - - - - - - - - - - Universal Music suit says Bertelsmann aided piracy The world's largest record label is suing Bertelsmann AG, saying the German media conglomerate's investment in Napster enabled music piracy on a massive and unprecedented scale -- and it should pay for the thievery. Universal Music Group's suit, filed Monday in U.S. District Court in New York, alleges that Bertelsmann not only rescued the ``infamous'' Napster service when it was near financial failure, but sanctioned unauthorized music downloads to further its business goals. Universal said Bertelsmann should be liable for ``millions upon millions of infringements'' by Napster's users. http://www.siliconvalley.com/mld/siliconvalley/5848803.htm http://www.nandotimes.com/technology/story/886115p-6174127c.html http://news.zdnet.co.uk/story/0,,t269-s2134622,00.html RIAA using guerilla tactics to stop piracy http://www.nandotimes.com/technology/story/886199p-6174579c.html RIAA apologizes for erroneous letters http://news.com.com/2100-1025_3-1001319.html http://news.zdnet.co.uk/story/0,,t269-s2134605,00.html - - - - - - - - - - Nelson to file legislation attacking junk e-mail With unsolicited e-mail consuming his staff members' time and crowding their inboxes, U.S. Sen. Bill Nelson said he will file legislation Tuesday to make such "spam" illegal. Nelson's bill would allow prosecutors to use federal racketeering laws against the worst of the marketeers, including those who conceal their identity with forged e-mail addresses. Nelson, a member of the Senate committee that regulates electronic commerce, intends to introduce the legislation Tuesday in Washington. http://www.usatoday.com/tech/news/2003-05-13-spam-nelson_x.htm - - - - - - - - - - Security research exemption to DMCA considered Computer security researchers would be allowed to hack through copy protection schemes in order to look for security holes in the software being protected, under a proposed exception to the Digital Millennium Copyright Act (DMCA) being debated in official hearings this week. Enacted as an anti-piracy measure in 1998, after fierce lobbying from the motion picture and recording industries, the DMCA's anti-circumvention provision generally makes it unlawful for anyone to "circumvent a technological measure that effectively controls access" to DVD movies, digital music, electronic books, computer programs, or any other copyrighted work. http://www.securityfocus.com/news/4729 - - - - - - - - - - U.S. Agencies Defend Data Mining Plans Government officials in charge of two data mining projects that have been criticized by privacy advocates told Congress last week that the information to be collected will be much more limited in scope than opponents have feared. James Loy, director of the U.S. Transportation Security Administration (TSA), and Anthony Tether, director of the Defense Advanced Research Projects Agency (DARPA), both tried to assuage concerns that large amounts of personal data about U.S. citizens will be gathered and stored as part of the two IT projects. Loy and Tether testified at a House subcommittee hearing on whether data mining programs could help improve national security. http://computerworld.com/securitytopics/security/privacy/story/0,10801,81063,00.html - - - - - - - - - - China censors text messages about Sars In order to stop rumours about Sars and 'protect the government', China is using a tracking technology to block certain text messages from mobile phones. China has cracked down on rumours about Sars being spread through mobile phone messages with a tracking system used to guard against perceived threats to the government, industry sources say. http://news.zdnet.co.uk/story/0,,t269-s2134617,00.html http://zdnet.com.com/2110-1104_2-1001273.html - - - - - - - - - - Hackers claim to use iTunes for music sharing A new version of Apple's iTunes software appears to be enabling Internet-based music sharing, something that could land the computer maker in hot water. Apple Computer's iTunes software has apparently opened up a new way for Macintosh owners to share music collections across the Internet. http://news.zdnet.co.uk/story/0,,t269-s2134602,00.html http://zdnet.com.com/2100-1105_2-1001121.html - - - - - - - - - - Taking aim at denial-of-service attacks Graduate students from Carnegie Mellon University on Monday proposed two methods aimed at greatly reducing the effects of Internet attacks. In two papers presented at the IEEE Symposium on Security and Privacy here, the graduate students suggested simple modifications to network software that could defeat denial-of-service attacks and that could be implemented in the current protocol used by the Internet. The symposium, sponsored by the Institute of Electrical and Electronics Engineers, began Sunday and lasts through Wednesday. http://news.com.com/2100-1009_3-1001200.html http://news.zdnet.co.uk/story/0,,t269-s2134626,00.html - - - - - - - - - - Hacking 2003: The new agenda Bank robbers rarely choose a target at random when planning a heist. They usually have intimate knowledge of their target, scope it out and plan the attack. We see a similar approach now being used on the Internet. But the goal for hackers is changing. Five or six years ago, most were mere vandals, attacking vulnerable targets with an experimental, shotgun approach. Malicious hackers concentrated their efforts on destructive viruses and swiftly spreading worms that crawled haphazardly across the Internet, infecting individuals and corporations indiscriminately. The only real payoff these hackers received was a perverse pride--bragging rights and the ability to regale others with the scope of their destruction. http://news.com.com/2010-1071_3-1001016.html - - - - - - - - - - Policy Driven Security Most security vendors don't know what policy driven security is. And, frankly, neither do most users. Yet they talk about it as if it is obvious. What they refer to as policy is little more than configuration rules. For example, rules that determine how firewalls, IDS or access control mechanisms allow access to a resource. Such rules lack the granularity that allows them to adequately represent business and business function objectives and to link interactively with overarching operational policies and standards. http://www.it-director.com/article.php?articleid=10829 - - - - - - - - - - Can a wicked website stop youth crime? A third of boys aged between 14 and 15 say they have committed a crime. Can a PS1.1m government website keep such teenagers on the straight and narrow? Having been chucked out by her mum for smoking weed, Jodie winds up living in a squat and stealing to buy heroin. Jasper is in a hospital bed recovering from a stab wound inflicted, ironically, by an illegal knife he carried as protection against the estate hard men. http://news.bbc.co.uk/2/hi/uk_news/3023199.stm *********************************************************** Computer Forensics Training - Online. An intense, 150 hour, instructor lead program that teaches you computer forensics and helps prepare you for the Certified Computer Examiner exam. For more information see; www.cybercrime.kennesaw.edu *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2003, NewsBits.net, Campbell, CA.