NewsBits for June 9, 2003, sponsored by Southeast Cybercrime Institute
************************************************************
Bugbear Variant Still a Threat
Bugbear.b contains the Internet domain names of 1,300 banks and financial institutions. If it were to infect a computer that it identified as belonging to one of these banks, the virus would attempt to install a backdoor for hackers. The rate at which the Bugbear.b worm is spreading has reached a plateau, but the virus continues to pose a danger. Security companies have rated the risk level of the virus -- which attacks computers running any version of Windows -- as "high" for both corporate and home users.
- - - - - - - - - -
Warren County Man Indicted On Porn Charges
Police in Warren County say it is one of the worst child porn cases they've ever seen. A grand jury indicted Matthew Cooper Monday for 200 counts of pandering obscenity involving a minor and two counts of importuning. Police arrested Cooper last month after they say he tried to meet a woman and her four children for sex at a Monroe motel. Investigators say they recovered more than 1000 images of children from his computer. Cooper is currently being held in the Warren County Jail on a $100,000 bond.
- - - - - - - - - -
Scout Master Charged With Possession Of Child Porn
An Arlington Boy Scout Master has been arrested on child pornography charges and is being held on $50,000 cash bail. The police in Arlington were repulsed by the photographs when they were discovered on the computer hard drive -- and it was the father-in-law who turned the computer over to police. Christopher O'Connell, 26, had given his father-in-law his computer and asked him to fix it. "The defendant's father-in-law then opened the files and saw nude photographs of a known 13-year-old girl who was being violated sexually," the prosecutor said in court on Monday.
- - - - - - - - - -
County official acknowledges on-the-job visits to porn sites
An Adams County commissioner has acknowledged using his office computer to visit pornographic Web sites during work hours, after the county's Internet-use monitoring system recorded more than 450 such visits during a three-month period. Thomas Collins said the activity was a way to handle the stress of his job. "The Internet was my escape mechanism," Collins told The Evening Sun of Hanover, which obtained the records by filing a freedom-of-information request. He called the matter a "mental-health issue." Tracking software installed on county computers in response to requests from department heads concerned about possible misuse by employees revealed 465 pornographic-site "hits" in the commissioners' office between November and February, officials said. All but three of the hits were traced to Collins' computer.
- - - - - - - - - -
Higher court is to hear garda porn case
A District Court judge has refused to hear a case involving a garda who allegedly viewed sexual images of children at a computer in Garda Headquarters in the Phoenix Park. The man, who cannot be named for legal reasons, is charged under section 6.1 of the Child Trafficking and Pornography Act 1998. Judge William Early referred the case to a higher court, after viewing the images. He said 'about ten' of the images were pornographic.
- - - - - - - - - -
Child porn targeted
Federal and state officials in the Kansas City area are embarking on the largest local crime initiative since a 1999 crackdown on gun-toting felons. U.S. Attorney Todd Graves, the top federal prosecutor for the western half of Missouri, said aggressive pursuit of people who traffic in child pornography is his top local priority. "We will commit whatever prosecutorial resources we need to make the good cases," Graves said. "We're encouraging investigative agencies to get more hooks in the water."
Graves has hired a computer investigator and created the Computer Crimes and Child Exploitation Unit in his office.
- - - - - - - - - -
Van Drew drafts bill on Internet child porn
In January, a Williamstown man showed up at a Vineland hotel, a bouquet of roses in his hand. He believed he was meeting a young girl. When he knocked, there was no girl there - only members of the Cumberland County prosecutor's Internet Crimes Against Children Task Force. The man was promptly arrested and, among other things, the roses were taken into evidence. The meeting of an adult with an underage child on the Internet happens all too often, but no statute makes that specifically a crime. State Assemblyman Jeff Van Drew, D-Cape May, Cumberland, Atlantic, wants to change that. He has drafted a bill to make it a crime to use the Internet or any other electronic means to lure a minor somewhere with the intention "to commit a criminal offense with or against the child."
- - - - - - - - - -
Cyber Crime Rate Increases 500-fold in 5 Years
The number of domestic Internet criminal cases increased to 60,000 last year, increasing by more than 500-fold the 100 or so recorded in 1997, according to data released by the Cyber Terror Response Center yesterday. There were 121 cases of cyber crime in 1997 but the figures reached 60,068 cases in 2002. The introduction of the Internet and the emergence of the information and technology era have suddenly boosted cyber crimes, with new types of crime being invented every day, according to the response center. The police added that an overall and efficient system is urgently needed to control the increasing cyber crime.
- - - - - - - - - -
Internet Pharmacies in Canada Fight Back
Fast-growing Manitoba companies selling discount drugs from Canada to U.S. customers now have a partner in their battle with the pharmaceutical giants - local regulators.
Six months of mediated talks have brought a tentative agreement between the Manitoba Pharmaceutical Association and a group of Internet pharmacies on acceptable practices for an industry creating hundreds of jobs in this prairie province north of Minnesota and North Dakota.
- - - - - - - - - -
DHS division to push cybersecurity efforts
The Bush administration last week created a new organization to improve security across the federal government and work with industry to secure the nation's major networks. The National Cyber Security Division, part of the Infrastructure Protection Office at the Homeland Security Department, will be dedicated to following through on the priorities laid out in the National Strategy to Secure Cyberspace released by the administration in February.
- - - - - - - - - -
Security holds its ground in IT crime survey
The eighth annual IT crime survey by the Computer Security Institute of San Francisco and that city's FBI's computer intrusion squad shows a dramatic drop in financial losses caused by computer attacks. And a former chief of the FBI's cybercrime squad said government systems showed significant improvements. The number of significant security incidents appears to have leveled off since last year, according to the survey, which produces some of the most widely quoted numbers about the state of IT security.
- - - - - - - - - -
Government Standard May Be Useful for Private Sector
Corporations should consider using the draft of a new National Institute of Standards and Technology standard as a starting point for their own risk-classification exercises, according to a recent Meta Group Inc. research note.
The draft standard, called Federal Information Processing Standard (FIPS) 199 and released in mid-May, spells out how government agencies should categorize their systems from a risk standpoint.
IT Managers See Need for Risk Metrics
- - - - - - - - - -
AOL filters out some Comcast e-mail
America Online has been blocking an undisclosed number of Comcast subscriber e-mails since late last week and is in the process of resolving the problem. Affected Comcast subscribers discovered the blocks as early as last Thursday, and they continued to report difficulties through early Monday afternoon. By late that afternoon, America Online had fixed the problem, but was unable to provide information as to its nature, said AOL spokesman Andrew Weinstein. He added that technicians have been trying to isolate the issue and believe it could have been a case of mistakenly identifying legitimate Comcast e-mail as spam.
- - - - - - - - - -
AOL touts security for broadband plans
America Online is urging broadband users to practice safe surfing. Conveniently, AOL's solution for broadband users concerned about security is AOL. The AOL Time Warner Internet unit said Monday that the next version of its proprietary service, AOL 9.0, will offer a package of security-related software, such as e-mail virus scanning, firewall protection, spam filtering and beefed-up parental controls. The announcement follows the launch of a public campaign to highlight the dangers of unprotected broadband access.
- - - - - - - - - -
Army prepping IA policy
The Army is preparing an information assurance (IA) policy that will guide the way the service implements a Defense Department IA directive.
An enterprise information assurance policy is one of three key pillars needed to support the Army Knowledge Management (AKM) imperatives of defending networks, supporting the Objective Force and lowering the total cost of information technology ownership, said Robert Ringdahl, chief integration officer at Network Enterprise Technology Command's Enterprise Systems Technology Activity.
- - - - - - - - - -
Wireless drive-by
How easy is it to sniff out wireless networks with the intent to break in? Very easy, if you have the right antennae hooked to your laptop and you have freeware network-sniffer software such as NetStumbler. That is what the security director of Guardent Inc., a Waltham, Mass.-based managed security service provider, used last week during a "war drive" through the business district and Capitol Hill area of Washington, D.C.
Wi-Fi - your security Achilles heel?
- - - - - - - - - -
'The Spam Report'
Time to can the spam... We've all received spam email - whether it be offers of generic Viagra, miracle herbal 'enhancements', septic tanks, consolidated loans, XXX hot girls, university diplomas, unclaimed fortunes, lottery winnings... the list goes on. In the last year the amount of spam has increased at an alarming rate - to the situation we now find ourselves in where spam makes up more than half of all email traffic worldwide. In fact the escalation of the problem over the past year has led some industry figures to raise serious concerns about the very future of email as an effective communication tool - with some even daring to suggest it could become unusable.
Spam: Can the law offer any relief?
Surge in spam costs billions
- - - - - - - - - -
Spam makes kids feel 'uncomfortable and offended'
More than 80 per cent of kids say they receive "inappropriate" spam every day. So says security software outfit Symantec which found that half of those who took part in its survey felt "uncomfortable and offended" when seeing dodgy emails.
The survey, which advises parents to talk to their children about what they see online, touches on all the usual issues concerning spam. Said Steve Cullen of Symantec in a statement: "As with any email user, kids are just as susceptible as adults to being bombarded by spam advertising inappropriate products and services, such as Viagra and pornographic materials. "Parents need to educate their children about the dangers of spam and how they can avoid being exposed to offensive content or becoming innocent victims of online fraud."
- - - - - - - - - -
E-Mailers Turn Isolationist in Battle Against Spam
Halt! Who goes there? Friend or foe? Internet users frustrated by a rising deluge of spam, or junk e-mail, are resorting to a new arsenal of software tools that block or quarantine mail of unknown origin. The anti-spam options range from address-book based systems that redirect mail from unknown senders, to image-blocking software, to collaborative reporting tools that allow users to report bulk e-mails with a single button click.
- - - - - - - - - -
MPAA extends Net crusade to domains
The Motion Picture Association of America has extended its heavy-handed approach in all things Internet-related to the matter of domains. UK-based owner of, Laurence Skegg from York, has received a letter from no less than the charming Barbara Rosenfeld herself, informing him that the domain he purchased on 15 June 2000 infringes the MPAA's trademark. "There appears to be no good faith reason for you to have registered this domain name," he is informed, "since you have no connection to the MPAA or its motion picture rating system."
- - - - - - - - - -
Math Wiz Claims Piracy Solution
When Internet users started ripping off songs from the online Museum of Musical Instruments, they angered the wrong guy: millionaire mathematician Hank Risan.
Risan's unorthodox museum is a Web site devoted to guitars and their role in music history, reflecting his personal interests as a collector, restorer and musician. The original version of the site boasted a virtual jukebox with thousands of songs from various musical eras and genres. (LA Times article, free registration required)
- - - - - - - - - -
Device Drivers Shipping With Windows Leak Data
Several third-party device drivers that ship with Windows Server 2003 contain a vulnerability that causes them to leak potentially sensitive data during TCP transmissions. The flaw does not affect any Microsoft Corp. drivers; it has only been found in drivers provided by outside vendors. The vulnerability is quite similar to a class of flaws first described in a paper published by @stake Inc. in January.
- - - - - - - - - -
Avecho goes toe to toe with MessageLabs
Avecho, a managed service scanning the email of consumers and SMEs for viruses and spam, is branching out into the enterprise. The company has gone live with services designed to protect ISPs and corporate customers. The firm's virusCENSOR and spamCENSOR packages are run from a secure server farm and are designed to protect customers from viruses without having to wait for signature updates from AV vendors.
- - - - - - - - - -
Oracle Drives Security Deeper
Oracle Corp. is developing several security tools to help users of the company's software find vulnerabilities and lock down their systems. The tools, which will be released over the next several months, are part of an effort by the company to extend its security commitment to customers beyond simply writing secure code and shipping software in a secure configuration, company officials at the Gartner IT Security Summit here said.
- - - - - - - - - -
Sourcefire Tool Aims to Help Intrusion Detection
Security vendor Sourcefire Inc.
is rolling out a security appliance that company executives say will make IDSes more efficient and valuable in enterprise networks. The Real-Time Network Awareness appliance combines vulnerability assessment and correlation with change management in an effort to reduce or even eliminate the false positives and negatives that plague intrusion detection systems. The RNA box is meant to work in conjunction with Sourcefire's Intrusion Management System, which is based on the open-source Snort IDS.
- - - - - - - - - -
The Two Faces of Foundstone
A leading computer-security company is accused of software piracy. George Kurtz may be his own worst enemy. In just four years Kurtz, CEO of Foundstone, and Stuart McClure, its president, created one of the best-known U.S. computer-security companies by exposing the vulnerabilities of software firms. Thousands of FORTUNE 500 executives and government officials -- from the FBI and the National Security Agency to the Army, the Federal Reserve, and even the White House -- have taken Foundstone's Ultimate Hacking courses, at up to $4,000 per person.
- - - - - - - - - -
Cryptography at the core of sound IT security
Whitfield Diffie, chief security officer at Sun Microsystems Inc., likes to dole out his first tenet of IT security -- one no one should forget. "Whenever you have a secret, you have a vulnerability." The tenet, given during the keynote at the Infosecurity Canada conference in Toronto last week, points to one of cryptography's -- and IT security's, for that matter -- basic pillars: if you have something you want to control, you have a problem.
- - - - - - - - - -
Adding Security to the Cert
Shiftless third-party prep courses have made MCSE certification less valuable. Is Microsoft's new security cert doomed to the same fate? When you and I consider the word "traffic," images of data packets and protocol streams inevitably spring to mind.
However, the everyday users that we all support would undoubtedly have visions of slowly-moving automobiles in congested masses on our road systems -- agitated drivers honking their horns and exchanging vulgarities with gestures of digital impudicus as they attempt to travel from source to destination in utter frustration.
- - - - - - - - - -
Overcoming 'Security By Good Intentions'
Last week Microsoft announced plans to revise the process it uses to provide patches that fix problems with its software. While IT executives around the world may be swooning in gratitude at this latest demonstration of 'Trustworthy Computing' in action, those in the real world of IT, such as system administrators, network engineers, and security staff - in other words, the "doers with a clue" - have little to rejoice about with this latest news from Redmond.
- - - - - - - - - -
Lawmaker decries 'disconnect' between intelligence, security
House Homeland Security ranking member Jim Turner, D-Texas, is planning to send a letter to President Bush Monday to decry what he sees as significant inadequacies in the intelligence branch of the Homeland Security Department. "Hopefully this office [of intelligence] will get the attention internally that it needs," Turner said Monday in an interview with CongressDaily. Turner said he hoped the administration would "take immediate steps to beef up" the department's information analysis operation.
- - - - - - - - - -
The untapped potential of Caller ID
Knowing who is phoning you before you answer their call is normal on mobile phones - but there's much more that could be done with the system when you're at home. If you call anyone from the pub payphone and try to make out that you're stuck in a meeting at work, there's a good bet that you could be rumbled. An increasing number of people are subscribing to caller ID service, which provides the telephone number of the incoming call on their phone line.
- - - - - - - - - -
FYI: yr e-mail can haunt u 4ever
A word to the unwary: Private missives don't belong on the Internet. Why can't we behave? When the risks are huge and the potential consequences dire, why can't we stop ourselves from typing those suicidal e-mails, hitting the send key and sealing our doom? This month, it's West Virginia Gov. Bob Wise's turn to ponder those questions. Until a few weeks ago, incumbent Wise was a shoo-in as Democratic candidate in his state's next gubernatorial election. Now, members of his own party are suggesting he resign; Republicans are savoring their improved chances and Wise, 55, has proved he is anything but. The reckless fingers of fate -- his own -- may have typed him right out of the governor's office. And his cyber-trail of decidedly unromantic e-mails to a state employee with whom he may have been romantically involved is making him something of a literary laughingstock as well. (LA Times article, free registration required)
***********************************************************
The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits should be cited as the source of the information. Copyright 2000-2003,, Campbell, CA.