NewsBits for May 22, 2003 sponsored by, Southeast Cybercrime Institute - www.cybercrime.kennesaw.edu ************************************************************ Cyber-punk arrested in new scam Smart-aleck Queens teen Shiva Sharma didn't learn his lesson. The computer-savvy young man, who was busted for identity theft four months ago, was charged again yesterday with targeting America Online users in a new and even more lucrative scam. "It is deplorable that the defendant, a young man, appears to so lightly regard the consequences of his allegedly criminal conduct," Queens District Attorney Richard Brown said. http://www.nydailynews.com/front/story/85857p-78336c.html http://www.nypost.com/news/regionalnews/76372.htm - - - - - - - - - - Software scamster nabbed in Bangkok A Ukrainian man sought by high-tech crime investigators in Northern California since 2000 for allegedly selling pirated software titles has been arrested in Thailand, prosecutors announced Wednesday. Maksym Kovalchuk, 25, of Ternopil, Ukraine, was nabbed Tuesday at an ice cream parlor in downtown Bangkok. In a complaint filed in San Jose in 2000, Kovalchuk is charged with trafficking in counterfeit goods, copyright infringement, money laundering and possession of unauthorized credit card information. http://www.usatoday.com/tech/news/2003-05-22-bangkok-collar_x.htm http://www.sfgate.com/cgi-bin/article.cgi?f=/chronicle/archive/2003/05/22/BU144323.DTL http://www.siliconvalley.com/mld/siliconvalley/news/editorial/5920226.htm http://www.news24.com/News24/Technology/News/0,,2-13-1443_1362931,00.html - - - - - - - - - - Man charged in sex assault of girl he met on Internet A Greeley man has been charged with sexually assaulting a teenager he met in an Internet chatroom. Greeley police went to Poudre Valley Hospital in Fort Collins last month when a teenager said she had been sexually assaulted. The 17-year-old told police she met Robert Eugene Renfro, 56, on the Internet and agreed to meet him at a Windsor fast-food restaurant, according to an arrest warrant. They went to a liquor store, and Renfro bought beer, tequila and vodka. At his home in Greeley, the teen drank alcohol, got drunk and vomited. As she was lying on his bed, he began touching her. She told police she tried to get up but he held her down. Then she passed out. When she woke up there were signs that she had been sexually assaulted, she said. http://www.greeleytrib.com/apps/pbcs.dll/article?AID=/20030522/NEWS/305220005 - - - - - - - - - - Child Porn Sentence Twenty-three-year-old Aaron Georgeson had agreed to plead guilty in March to possession of child pornography and promoting the sexual conduct of a minor. Authorities say Georgeson's girlfriend found pornographic pictures on his computer and called police. Prosecutor Cynthia Feland says investigators found several hundred pictures. Georgeson's attorney, Ralph Vinje, says two-and-one-half years is a long time for viewing images. Judge Bruce Haskell sentenced Georgeson to ten years with all but two-and-one-half years suspended for each of nine felony counts, and a year on the other count. The terms are to be served at the same time. http://www.kxma.com/news/local.asp?ID=2355 - - - - - - - - - - Man arrested on suspicion of possessing child pornography A Silver Springs man was arrested Tuesday on suspicion of multiple felony allegations of possession of child pornography, authorities said. James W. Leinberger, 56, was arrested without incident at his home Thursday morning, said Robin Hall, investigator for the Lyon County Sheriffs Office. He downloaded pictures from the Internet and saved them to other media, like CDs, Hall said. The arrest was the result of a year-long joint investigation between the sheriffs office and the FBI, he said, and may result in additional arrests. Leinberger is married and retired. He moved to Nevada in 1999 from San Jose, Calif., Hall said. http://www.rgj.com/news/printstory.php?id=42656 - - - - - - - - - - Former U.S. Coast Guard employee indicted for child pornography A former U.S. Coast Guard employee was indicted Wednesday for downloading and storing child pornography on his work computer. The indictment filed in U.S. District Court says that a Coast Guard computer team doing routine server maintenance in Boston last November found child pornography on Dennis Hood's computer, according to an affidavit from federal investigator Jennifer A. Walker. An investigation of Hood's computer use found he had visited about 170 Web sites that appeared to be pornographic over a 13-month period. About half of those sites made reference to teenagers or children, according to the affidavit. Hundreds of pornographic images some of them of children were found on his work computer. http://www.boston.com/dailynews/141/region/Former_U_S_Coast_Guard_employe:.shtml - - - - - - - - - - PayPal Scam Rises Again PayPal users are once again the targets of a hit-and-run e-mail scam aimed at conning them out of their personal and financial information. On Thursday, netizens began receiving a convincing forgery of a PayPal e-mail, with the subject line "PayPal Verification" and the false return address verification@paypal.com. The text of the message claims that PayPal -- owned by online auctioneer eBay -- has launched an anti-fraud initiative that requires the recipient to verify their account information on a particular website, "as part of our continuing commitment to protect your account." http://www.securityfocus.com/news/5039 - - - - - - - - - - US anti-terror law used against hackers, thieves The enhanced search and surveillance powers Congress gave the Justice Department in the USA-PATRIOT Act haven't just been used in the war on terror: it turns out they're helpful in everything from spying on credit cards fraudsters to tracking down computer hackers. On Tuesday lawmakers on the House Judiciary committee publicly released the Justice Department's written response to a laundry list of congressional questions probing law enforcement's use of the Act, which passed as an anti-terror measure in October 2001. http://www.theregister.co.uk/content/55/30824.html Panel presses Ridge on cybersecurity, information analysis http://www.govexec.com/dailyfed/0503/052203tdpm1.htm - - - - - - - - - - Gates: Spam erodes trust in technology Bill Gates told a US Senate committee that spam costs businesses billions of dollars. He also made some suggestions about how to deal with the growing problem. Microsoft chairman Bill Gates weighed in on the spam debate for a congressional hearing Wednesday, outlining in a letter the legal measures he believes are necessary to stop junk email. "The torrent of unwanted, unsolicited, often offensive and sometimes fraudulent email is eroding trust in technology, costing business billions of dollars a year, and decreasing our collective ability to realise technology's full potential," Gates wrote to Senators John McCain and Ernest "Fritz" Hollings of the US Senate Committee on Commerce, Science and Transportation. http://news.zdnet.co.uk/story/0,,t269-s2135093,00.html First Anti-Spam Day launched http://news.zdnet.co.uk/story/0,,t269-s2135081,00.html http://zdnet.com.com/2100-1105_2-1009016.html http://www.siliconvalley.com/mld/siliconvalley/news/editorial/5920220.htm - - - - - - - - - - Federal, state rape laws in conflict The questions are moot for Alex Sherzer, the 32- year-old Maryland man accused of driving to Mobile earlier this month to have sex with a 15-year-old girl. But had the circumstances of the case been slightly different, some interesting problems might have popped up. For instance: If a teen is 16 -- the legal age of consent in Alabama, but still a child in the eyes of the federal government -- who would decide whether an adult has broken the law? How much do the impressions of a teen's parents affect the law in determining whether an adult has committed any crime? Does it matter, in a legal sense, whether the adult has wooed the younger person on the Internet, over the telephone, in person or with the mail? http://www.al.com/news/mobileregister/index.ssf?/xml/story.ssf/html_standard.xsl?/base/news/10535949557170.xml - - - - - - - - - - Concern over rise in child porn The Dutch anti-child porn group Meldpunt Kinderporno said in its 2002 annual report, that 80 of the 226 cases reported to the investigation department of the national police, KLPD, wound up in court, double the amount in 2001. It said the public reported 6,119 cases of child pornography being spread on the Internet last year, 20 percent more than in 2001. The growth was mainly attributed to unsolicited spam email, with the majority of the pornography being traced back to foreign websites, primarily in the US, Russia and Spain. http://www.expatica.com/index.asp?pad=2,18,&item_id=31456 - - - - - - - - - - Don't copy Matrix hacking, says BCS Copy Trinity and you could face jail, warn lawyers Computing enthusiasts tempted to emulate the hacking scene in box office smash The Matrix: Reloaded will face tough legal penalties including jail, industry experts have warned. The British Computer Society (BCS) is concerned about the film's highly accurate depiction of hacking, and has warned users that the practice is illegal and that perpetrators face tough prison sentences. http://www.vnunet.com/News/1141103 - - - - - - - - - - Gator 'spyware' investigated by Harvard Gator's 'pop-up advert' utility has been the subject of numerous court battles in the US. A recent investigation by Harvard University has provided insights into the controversial software. A Harvard University researcher has completed an investigation of the Gator advertising utility, offering a glimpse into the workings of one of the Web's most controversial pop-up networks. http://news.zdnet.co.uk/story/0,,t269-s2135089,00.html - - - - - - - - - - "Hacker" is actually Nowadays, hacker is an extremely actual concept. Recently, special services of the USA arrested 130 person suspected in hacking. Arrest became a result of operation "E-Con", which has been carried out by FBI, Secret Service, Customs Service and other federal law enforcement bodies in 43 states and the adjoining countries. In total suspected are brought to 90 cases with 89 thousand victims who have lost more than $17 million. Besides the mentioned operation, federal agents have arrested 50 people in addition and 12 people have been recognized guilty. http://www.crime-research.org/eng/news/2003/05/Mess2201.html - - - - - - - - - - Hackers flex growing cyber muscle in China Trojan horses don't just rear their heads in ancient Greek mythology, as Chinese Internet search engine Baidu learned the hard way. In a classic assault, hackers launched a carefully planned attack on the firm last week by first installing a rogue program on computers used by one of its trading partners. That program soon began calling on Baidu's Web site at a rate of more than 1,000 times per second, effectively blocking out everyone else for 60 hours. http://www.usatoday.com/tech/world/2003-05-22-chinese-hackers_x.htm - - - - - - - - - - Microsoft leaves IE users "defenceless" to trojan attack KASPERSKY LABS said that the StartPage trojan, which exploits a hole in Internet Explorer, sets a particularly dangerous precedent because Microsoft hasn't issued a patch for it yet. The firm said that the trojan infects computers using the "Exploit.SelfExecHtml" hole in what it describes as IE's "security" system. And, Kaspersky claimed that because Microsoft hasn't yet released the patch for the hole, it is "essentially leaving users defenseless in the face of this and other, potentially more dangerous threats choosing to exploit the very same vulnerability". http://www.theinquirer.net/?article=9625 http://196.37.50.65/sections/internet/2003/0305221102.asp - - - - - - - - - - HP Releases Trusted Computing Platforms Hewlett Packard (HP) has launched its first PCs containing a separate chip on the motherboard for encryption and data security. The company's d530 range of business PC includes an optional hardware chip to handle encryption and identity management. The Infineon chip allows the user to set up multiple identities on the same computer with different security ratings for each, and offers public key management for data encryption. The company will be rolling out the chip across its entire business PC range. Users will be able to disable the chip, either from the BIOS or by physically removing it from the motherboard. http://www.newsfactor.com/perl/story/21577.html http://www.vnunet.com/News/1141115 - - - - - - - - - - Startup launches secure storage gear The security of storage data distributed out of data centers has become paramount now that IP - with the advent of iSCSI and other IP storage technologies - is being used more often to transport storage information across networks. Startup iReady Corp. is one of the first vendors to offer storage adapters that combine IP Security (IPSec) authentication and encryption capability with the iSCSI transport protocol, while preserving hard-to-maintain performance at a price that is inexpensive enough to spur rapid deployment in IP storage networks. http://computerworld.com/securitytopics/security/story/0,10801,81350,00.html - - - - - - - - - - Software simplifies e-mail encryption somewhat I'm well aware that sending e-mail is no more private than sending a postcard, but who wants to bother with protecting messages? It's so inconvenient. So, too lazy to phone, I e-mail gossip to friends. And even as I chide my father for e-mailing tax data, I send myself passwords. Software for encrypting e-mail has always been cumbersome. But the newest version of Pretty Good Privacy, at least, makes the task easier than ever. http://www.usatoday.com/tech/techreviews/products/2003-05-22-pgp_x.htm - - - - - - - - - - Iraq's Crash Course in Cyberwar While the United States deployed its troops to the Persian Gulf in March, some Iraqis prepared for war by surfing the Web. Internet traffic records kept by the operator of C4I.org reveal that Iraqis developed an avid interest in psychological tactics and military links just prior to the combat action against them. The private Web portal provides links to sites that detail how information is used in warfare. C4I.org logged hundreds of visits from Internet addresses assigned to Iraq's government-controlled Warkaa and Uruklink Internet services between November 2002 and March 2003. http://www.wired.com/news/conflict/0,2100,58901,00.html - - - - - - - - - - IT risks and physical threats are changing security deployment Companies need a unified strategy for real protection. Growing IT and physical risks and emerging regulatory requirements are transforming the manner in which security functions need to be viewed, implemented and managed, said executives at the SecurIT 2003 Summit here this week. For instance, it is becoming increasingly important for companies to look at IT and physical threats from a common, unified risk- management perspective, said Dennis Treece, director of corporate security at the Massachusetts Port Authority in Boston. http://computerworld.com/securitytopics/security/story/0,10801,81444,00.html *********************************************************** Computer Forensics Training - Online. An intense, 150 hour, instructor lead program that teaches you computer forensics and helps prepare you for the Certified Computer Examiner exam. For more information see; www.cybercrime.kennesaw.edu *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2003, NewsBits.net, Campbell, CA.