NewsBits for June 6, 2003 sponsored by, Southeast Cybercrime Institute - www.cybercrime.kennesaw.edu ************************************************************ Government Creates New Cybersecurity Office New Homeland Security Unit Will Work With Private Sector The Department of Homeland Security today said it will establish an office to focus on U.S. cybersecurity, a move that may blunt criticism that the agency has not devoted enough resources and attention to Internet security. The National Cyber Security Division will "conduct cyberspace analysis" and issue warnings and alerts about online attacks, the department said. The division also will respond to major Internet attacks and assist in "national-level recovery efforts." http://www.washingtonpost.com/wp-dyn/articles/A24147-2003Jun6.html http://www.govexec.com/dailyfed/0603/060603td1.htm http://www.fcw.com/fcw/articles/2003/0602/web-cyber-06-06-03.asp http://www.gcn.com/vol1_no1/daily-updates/22360-1.html http://zdnet.com.com/2100-1105_2-1014067.html - - - - - - - - - - Men charged with using "skimmer" to clone diners' credit cards Prosecutors allege two men copied credit cards by using a hand-held device they affectionately nicknamed "the mojo" to read the magnetic strips of cards that diners used to pay their bills. Prosecutors said investigators at American Express uncovered the scheme when they noticed that several customers complaining about mysterious charges had all dined at either of two Philadelphia restaurants where one suspect worked as a waiter. Anis Kalthoumi and Faker Bensalem were charged this week with credit card fraud and other counts and arraigned in federal court Friday. http://pennlive.com/newsflash/pa/index.ssf?/base/news-2/105494574357940.xml - - - - - - - - - - The Large Theft has been prevented in Ukraine A student of the fifth course of the higher school has been arrested. He was engaged in manufacturing and selling abroad counterfeit credit cards "Visa", American Express, "MasterCard", Dinez club. 158 finished false cards and 2576 half-finished plastic cards with a magnetic strip but without essential elements of system, bank and the owner have been withdrawn from him. http://www.crime-research.org/eng/news/2003/06/Mess0605.html - - - - - - - - - - Beine sentenced to five years for child porn James A. Beine, the defrocked priest who resigned under pressure as a counselor from the St. Louis school system, was arrested and charged with exposing himself to a minor. Former priest James Beine was sentenced Friday to nearly five years in prison for his conviction on charges of possessing child pornography. U.S. District Judge Jean Hamilton gave Beine 57 months in prison, the maximum term allowed under sentencing guidelines, and ordered him to pay a $10,000 fine. Beine, 61, who legally changed his name to Mar James, was a St. Louis public school counselor last year when he was arrested on state charges of sexual misconduct involving a child. While he was in jail on those charges, he asked another prisoner to send a letter asking a friend to destroy compact discs containing the images of child pornography, prosecutors said. But the letter was turned over to authorities, who seized the discs from the friend's home in Arnold, and Beine was subsequently indicted on a federal count of possessing child pornography. http://www.stltoday.com/stltoday/news/stories.nsf/News/FA8D2A7AA875979B86256D3D005FA179 - - - - - - - - - - Soldiers in Iraq arrested over porn A British soldier in Iraq has been arrested after images of child pornography were discovered on a computer. The Ministry of Defence has confirmed the arrest of the soldier who is reported to come from Bedfordshire. He is being questioned in Iraq by the Army's Special Investigations Branch. A second serviceman has been detained in connection with the seizure of adult pornography. An MoD spokesman said equipment had been returned to the UK for analysis. "Two soldiers in Iraq are being investigated for alleged pornography offences. "No charges have yet been brought and the investigation is ongoing." http://news.bbc.co.uk/2/hi/uk_news/england/beds/bucks/herts/2968472.stm http://icnewcastle.icnetwork.co.uk/0100news/0200national/page.cfm?objectid=13039064&method=full&siteid=50081 - - - - - - - - - - Grand Jury Indicts Former Governor's Aide On Porn Charges A federal grand jury has indicted a one-time personal assistant to former Gov. A.B. "Happy" Chandler on child pornography charges. Thomas Arthur Manus, who has spent the last 17 years living in Woodford County under the name Reuben Roberts, is accused of using a young girl to create Internet pornography. The girl was sometimes subjected to "sadistic abuse," according to the indictment filed Thursday. Manus, 57, is also charged with 45 counts of using a computer to receive child pornography. Manus was first arrested in late April and charged with 12 counts of sexual abuse, news that stunned colleagues at the Woodford Sun, for which he wrote a gardening column. http://www.wave3.com/Global/story.asp?S=1311226 - - - - - - - - - - U.S. against Maxim Kovalchuk U.S. demands extradition of inhabitant of Ternopol (Ukraine) arrested in Bangkok. They assert that he is one of the most dangerous hackers in the world and has caused 100 million dollars of losses to the leading computer companies in the USA. Crime-research.org has already informed on arrest of Ukrainian citizen Maxim Kovalchuk. The case has received the international importance. According to the head of the press-service Ministry of Foreign Affairs of Ukraine Markijan Lubkivskiy, the criminal case on Kovalchuk (Vysochanskiy) is brought to court. Judicial bodies of Thailand will solve the problem of probable ex-tradition Kovalchuk to the U.S. within two months. The Ukrainian embassy in Thailand is kept in touch with Maxim Kovalchuk and is going to provide him with a high-skilled lawyer and translator. http://www.crime-research.org/eng/news/2003/06/Mess0603.html - - - - - - - - - - Verizon Identifies Download Suspects Firm Says Fight Goes On to Guard Privacy. Verizon Communications Inc. yesterday gave a music-industry trade group the names of four customers suspected of illegally downloading digital copies of songs, but promised to keep fighting the law that forced it to do so. The nation's largest telephone company was ordered to surrender the names to the Recording Industry Association of America by the U.S. Court of Appeals for the District of Columbia. Earlier in the week, the court rejected Verizon's request for a stay of the decision until Sept. 16, when Verizon is to challenge the law used by the RIAA to get the names. http://www.washingtonpost.com/wp-dyn/articles/A21198-2003Jun5.html - - - - - - - - - - Feds escape Bugbear bite The variant of the Bugbear computer worm that started to spread throughout the Internet on June 5 doesn't appear to have adversely impacted federal agencies, according to initial reports from cybersecurity experts. Hit by a wave of fast-spreading, Internet-borne viruses over the past few years, agencies, like many corporations, have moved to shore up virus protection and cyberdefenses, agency security officers and security experts noted. http://www.fcw.com/fcw/articles/2003/0602/web-virus-06-06-03.asp Bugbear worm variant on the prowl http://www.ciol.com/content/news/2003/103060601.asp Antivirus-killing virus threat upgraded http://news.zdnet.co.uk/story/0,,t272-s2135708,00.html http://zdnet.com.com/2100-1105_2-1014008.html Bugbear virus doubling every hour http://www.itweb.co.za/sections/internet/2003/0306060911.asp?O=FPT Virus could make for a freaky Friday http://news.com.com/2100-1002_3-1014008.html - - - - - - - - - - Virus sends confidential Stanford information out in e-mail People at Stanford University got some spicy spam Thursday: sensitive information, including highly confidential details about employee salaries and bonuses. The ``Bugbear.B virus'' that infected the university's computer system Thursday sent out files at random from campus PCs. http://www.siliconvalley.com/mld/siliconvalley/6027714.htm - - - - - - - - - - North Korea 'churning out cyberterrorists' American and South Korean officials warn that the communist country is training hackers for Internet warfare. In North Korea, computers are rare and Internet access is almost non-existent for most people. Yet the isolated country is suspected of training computer hackers for cyberterrorism, say American and South Korean officials. Although few details are known publicly about the North's cyberwarfare capabilities, Major-General Song Young Geun, chief of South Korea's Defence Security Command, warned last month that the reclusive communist country was churning out 100 hackers a year. However, he said he could not discuss the evidence. http://straitstimes.asia1.com.sg/asia/story/0,4386,193414,00.html - - - - - - - - - - Security Service of Ukraine will Investigate Cybercrimes The Verhovna Rada has empowered Security service of Ukraine (SSU) to investigate cybercrimes. A majority of deputies of Verhovna Rada has voted for the law "About Changes in the Code of Criminal Procedure of Ukraine". According to law, the pre-judicial investigation on the crimes related to "Production with the purpose of selling and selling the programs or the means intended for illegal penetration into computers, computer systems, networks or disruption of their functioning, will be carried out by the inspectors of Ukraine's Security Service. http://www.crime-research.org/eng/news/2003/06/Mess0604.html - - - - - - - - - - Air passenger rosters go to the Web A federal Web site now under development by the Homeland Security Departments Customs and Border Protection Bureau would securely receive mandatory passenger lists for international airline flights. Its the first time were allowing small carriers to submit information directly into our systems, said James Jeffers, a program officer at Customs and Border Protection. The Web site would feed the submissions to the Advanced Passenger Information System, designed after Sept. 11, 2001, to give federal officials time to deal with any high-risk passengers aboard international flights. http://www.gcn.com/vol1_no1/daily-updates/22354-1.html - - - - - - - - - - Slammed! An inside view of the worm that crashed the Internet in 15 minutes. "Gah!" Owen Maresh almost choked when the Priority 1 alert popped up on his panel of screens just after midnight on Saturday, January 25. Sitting inside Akamai's Network Operations Control Center, the command room for 15,000 high-speed servers stationed around the globe, he had a God's-eye view of the Internet, monitoring its health in real time. His job was to watch for trouble spots and keep Akamai's servers - and the sites of its clients like Ticketmaster and MSNBC - open for business. This was big trouble. http://www.wired.com/wired/archive/11.07/slammer.html - - - - - - - - - - UK's BT blocked by spam blacklist Despite maintaining a strong anti-spam stance BT has been rocked by allegations that its own servers are "dangerously misconfigured, insecure or abuseable" and are exposing e-mail users to the threat of increased levels of unsolicited mail. A number of BT customers attempting to e-mail friends and colleagues have been perplexed by their e-mails bouncing back with a delivery error message but a note on one spam blacklisting site, the Distributed Server Boycott List (DSBL.org), explains why this is happening. http://zdnet.com.com/2110-1105_2-1013959.html - - - - - - - - - - Return to sender, false address unknown Are spammers deliberately getting mail servers to bounce undeliverable messages towards their targets as a way of getting their junk read? Computer Mail Services (CMS), a Michigan-based e-mail security and management software provider, certainly thinks so and reckons the "Reverse Non-Delivery Report" (RNDR) technique is being used by spammers to steal server capacity and avoid detection. http://www.theregister.co.uk/content/55/31084.html - - - - - - - - - - File-sharing networks go into battle Altnet has warned that other file-sharing networks may be in violation of its patent for digital tags, and is threatening action. In a sign that file-sharing communities may start to turn on each other, Altnet said Thursday that rival networks may be violating its patent for digital tags and it plans to bring to them in line. http://news.zdnet.co.uk/story/0,,t269-s2135694,00.html - - - - - - - - - - Holy Grail of crypto to arrive in three years UK boffins have demonstrated unbreakable quantum cryptography over fibre links longer than 100km for the first time. Researchers at Cambridge-based Toshiba Research Europe say their work paves the way for commercial quantum cryptography systems within three years. Future development will now be partially funded by the Department of Trade and Industry (DTI). The focus of the DTI initiative, which also includes the University of Cambridge and Imperial College, London, is to build a quantum cryptography system which is secure from every type of hacking. http://www.theregister.co.uk/content/55/31077.html http://www.vnunet.com/News/1141438 - - - - - - - - - - Intrusion detection set for growth Worldwide intrusion detection and prevention system (IDS/IPS) product revenue is forecasted to rocket to $1.3bn by 2006. Sales reached $105m in the first quarter of this year, up only one per cent from the fourth quarter of 2002, but growth is on the way, according to analyst firm Infonetics Research. http://www.vnunet.com/News/1141436 - - - - - - - - - - Hacker gathering is a roundup of cyberspace cowboys The way Louis Trumpbour sees it, most computer hackers aren't criminals, they're more like cowboys -- frontiersmen most at home on the range known as cyberspace. The 29-year- old tavern owner from Berlin, Germany, is leading SummerCon, a gathering of roughly 200 hackers in Pittsburgh that began Friday and runs through Sunday. The event has been held every year but one since 1985 and this year organizers hope to convince the public -- and federal regulators -- that there are "black hats" and "white hats" in Hackerville. http://www.cnn.com/2003/TECH/internet/06/06/hacker.convention.ap/index.html - - - - - - - - - - Vogon unveils digital forensics pod Digital forensics and data recovery firm Vogon has updated its investigation technology to keep pace with legislation on evidence gathering and the increasing volumes of data it needs to sift through. Designed to be used largely by law enforcement agencies such as the National Hi-Tech Crime Squad or Customs and Excise, the VBus pod is a 32-bit imaging system that allows users to investigate a computer without breaking the legislative rules on gathering evidence. http://www.vnunet.com/News/1141427 - - - - - - - - - - Fighting for a new Net copyright deal Five months after losing a high-profile argument in front of the U.S. Supreme Court, foes of federal copyright law are launching a public campaign to create a policy that they see as better in step with the Internet age. Lawrence Lessig is leading the charge. The Stanford University law professor, who was once the court-appointed "special master" in Microsoft's antitrust trial and is a noted Internet privacy and intellectual property advocate, on Monday launched an online petition as the first salvo in what he expects to be a long battle to change the way the U.S. government renews patents. http://news.com.com/2008-1082_3-1013830.html - - - - - - - - - - The Wireless-Security Balancing Act If you choose an EAP that doesn't gain de facto standard status, the access point will be to other EAP clients what a two-hole electrical outlet is to three-pronged plugs. Wireless LANs have been billed as the great security wasteland. But thanks to the 802.11b Wi-Fi community's frenetic activity in the last year, an abundance of good security choices now exist, with more on the way. http://www.newsfactor.com/perl/story/21676.html - - - - - - - - - - Security tool double-checks identity A new biometric device checks not only a user's signature but also their fingerprints before granting access. Interlink Electronics is set to ship a security device that can capture handwritten signatures as well as thumbprints for security applications. The device is designed for access control and to support the digital signing of sensitive documents. http://www.vnunet.com/News/1141422 - - - - - - - - - - Wal-Mart pushes RFID tracking tags Inventory management technology that uses wireless signals to track products from the factory to store shelves is set to win a major new ally next week: Wal-Mart. The retail giant is expected to throw its weight behind RFID (radio frequency identification) technology at the Retail Systems 2003 industry conference in Chicago on Tuesday. Sources familiar with the company's plans said executives will make a presentation encouraging its top 100 suppliers to start using wireless inventory tracking equipment --chips affixed to products, and scanners in warehouses --by 2005. http://zdnet.com.com/2100-1103_2-1013767.html http://news.zdnet.co.uk/story/0,,t269-s2135717,00.html - - - - - - - - - - New research looks inside the brain to catch liars in the act In the quest to build a better lie detector, scientists are seeking to go beyond the body's indirect signals to the very seat of deceit: the brain. One researcher has built a headband outfitted with lights and detectors able to ``see'' blood-flow changes in the brain. Another uses magnetic resonance imaging to snap several split- second pictures. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/6030948.htm *********************************************************** Computer Forensics Training - Online. An intense, 150 hour, instructor lead program that teaches you computer forensics and helps prepare you for the Certified Computer Examiner exam. For more information see; www.cybercrime.kennesaw.edu *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2003, NewsBits.net, Campbell, CA.