High Tech "NewsBits" for 06/10/03

NewsBits for June 10, 2003 sponsored by, Southeast Cybercrime Institute - www.cybercrime.kennesaw.edu ************************************************************ Liquidation Universe owner arrested in alleged eBay scam The owner of a South Salt Lake computer liquidation company that allegedly bilked thousands of buyers on the eBay Internet auction site has been arrested. South Salt Lake police detective and spokesman Darin Sweeten confirmed on Monday that the man had been arrested Sunday, but he said he will not release additional information until later this week. The FBI and eBay are cooperating with South Salt Lake police, he said. http://www.usatoday.com/tech/news/2003-06-10-liquidation-universe-scam_x.htm - - - - - - - - - - Government warns banks about virus-like infection The government is warning financial institutions about a virus-like infection that has targeted computers at roughly 1,200 banks worldwide, trying to steal corporate passwords. The FBI is investigating what private security experts believe to be the first Internet attack aimed primarily at a single economic sector. Virus experts studying the blueprints for the latest threat to Internet users were astonished to find inside the software code a list of roughly 1,200 Web addresses for many of the world's largest financial institutions, including J.P. Morgan Chase & Co., American Express Co., Wachovia Corp., Bank of America Corp. and Citibank N.A. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/6053623.htm http://www.cnn.com/2003/TECH/internet/06/10/virus.banks.ap/index.html http://www.wired.com/news/business/0,1367,59186,00.html BugBear worm: New kind of crime? http://www.msnbc.com/news/922529.asp - - - - - - - - - - Man gets jail time for collection of child porn A Menomonee Falls father who downloaded hundreds of photos of child pornography and e-mailed some to Internet porn clubs has been sentenced to 10 months in jail. Michael Horvath, 23, also must serve eight years on probation, register as a sexual offender and attend sex offender treatment, Waukesha County Circuit Judge James Kieffer ordered. Horvath, who was arrested after a sting operation by the U.S. Postal Service told the judge that he was addicted to all pornography and that child pornography was only a small part of his collection. "I just wanted the biggest selection," Horvath said. "I am very ashamed and sorry for my actions." http://www.jsonline.com/news/wauk/jun03/146964.asp - - - - - - - - - - Trucker accused of 202 sex charges An over-the-road truck driver accused of soliciting parents over the Internet to have sex with their children now faces 202 felony sex charges. A Warren County grand jury indicted Michael Cooper, 30, of Elizabethtown, Ky, Monday with 200 counts of pandering obscenity involving a minor and two charges of importuning. County Prosecutor Rachel Hutzel said half of the pandering charges involve possession of child pornography; the remainder were for allegedly taking the pictures across state lines in his laptop. Cooper remains in the Warren County Jail in lieu of $100,000 bail since his arrest in early May. A wary mother in Akron, Ohio, called police after she saw Cooper's request in a chat room, in which he used the screen name "iwanttobeadad" and sent out messages seeking to meet parents with kids in the Monroe area. The woman responded to the messages, saying she had two kids under 12, and Cooper arranged for her to meet him at the Super 8 Motel off Interstate 75 in Monroe, police said. Officers found him there along with a laptop computer that included 2,000 pictures of children in various sex acts. http://www.enquirer.com/editions/2003/06/10/loc_warindict10.html - - - - - - - - - - N.J. Councilman Faces Child Porn Charges A Brick Township councilman has been charged with possessing and transporting child pornography. Steven Cucci pleaded innocent to the charges in federal court on Tuesday. Federal authorities say Cucci had images of child pornography on his home computer and transmitted them via his America Online account to another computer user in Toms River in February 2002. http://abclocal.go.com/wpvi/news/61003-njchildporn.html - - - - - - - - - - Lakeland Man Faces Charges in Sex Case A four-month investigation involving a Polk County sheriff's detective posing as a 12-year-old girl ended Friday when a Lakeland man was charged with soliciting a child for sex over the Internet. George Sulfridge, 39, of Christy Lane, was charged with four counts of soliciting a child for sex and one count of attempted lewd battery, officials said. He posted a $5,000 bail Saturday. Additional charges are being considered, detectives said. The joint investigation with the Clearwater Police Department began in January when a Clearwater detective came across Sulfridge's name during an Internet investigation. http://www.theledger.com/apps/pbcs.dll/article?AID=/20030610/NEWS/306100337/1004 - - - - - - - - - - New child porn charges brought about L. Providence man A Lower Providence man convicted of showing sexually explicit photos of an underage girl to friends in 1993 will stand trial on new charges he possessed child porn on his computer while living in Pottstown last year. After a pretrial hearing in Montgomery County Court last week, a trial was ordered for Christian J. Genuardi, 29, of the 2700 block of Egypt Road, who is charged with five counts of sexual abuse of children by possessing child pornography in connection with a May 17, 2002, incident in Pottstown. http://www.pottstownmercury.com/site/news.cfm?newsid=8268606&BRD=1674&PAG=461&dept_id=18041&rfi=6 - - - - - - - - - - Police crack down on Net pedophiles Investigators recently went to the home of a man accused of sexually abusing his grandson, looking for subtle clues that could support the allegation. They did not have to look long. "When we went to his home, the grandfather had a child pornography picture as the screen saver on his computer," said Capt. Darrell Stayton, head of the Arkansas State Polices Crimes Against Children division. "Not everyone is that helpful." http://www.nwanews.com/adg/story_Arkansas.php?storyid=32423 - - - - - - - - - - Universal Sees Red Over 'Hulk' Bootleg In the Universal Pictures movie "The Hulk," mild- mannered scientist Bruce Banner transforms into a fearsome creature when seized with rage. Universal executives had good cause to vent anger of their own this weekend after a rough, early version of the movie made its way onto the Internet just two weeks before the June 20 premiere. (LA Timnes article, free registration required) http://www.latimes.com/technology/la-fi-hulk10jun10,1,3527420.story - - - - - - - - - - Japans chilling Internet suicide pacts New trend highlights social problems, mental health crisis. The discovery Sunday of the bodies of four young Japanese men in a car at a vista point near Mount Fuji appears to be more evidence of a grim new trend in the prosperous country group suicides of strangers who meet over the Internet. The suicide pacts, which have resulted in at least 18 deaths since February, are shocking to experts, even in a nation plagued by an astronomical suicide rate. http://www.msnbc.com/news/922190.asp Web falls short on suicide prevention http://www.msnbc.com/news/924292.asp - - - - - - - - - - China tightening control over Internet cafes China said on Tuesday it had given licenses to 10 local firms to open Internet cafe chains, a move analysts said was designed to squeeze out smaller players and tighten control of sensitive political information. Most of the franchise licenses were given to state-owned companies such as China United Telecommunications, parent of China Unicom, Great Wall Broadband Network Service or those affiliated with the Ministry of Culture. http://www.usatoday.com/tech/world/2003-06-10-china-net-cafes_x.htm - - - - - - - - - - Appeals Court May Hear Copyright Case A federal appeals court may soon consider the entertainment industry's copyright-infringement claims against two popular online file-sharing systems. U.S. District Judge Stephen V. Wilson in Los Angeles cleared the way for the major record labels, music publishers and movie studios to appeal his preliminary ruling in favor of the Morpheus and Grokster file-sharing networks, without having to wait for a final decision in the case. (LA Times article, free registration required) http://www.latimes.com/technology/la-fi-rup10.9jun10,1,4057336.story - - - - - - - - - - High Court Refuses Sex.com Suit A $65-million judgment will stand in a case over a stolen domain name. The U.S. Supreme Court refused to revive an adult-entertainment executive's bid to avoid paying $65 million to the owner of the Sex.com Web site for stealing the Internet address. The justices turned down Stephen Michael Cohen's argument that he should be allowed to appeal the order that he pay Sex.com owner Gary Kremen for acquiring the domain name through fraud. (LA Times article, free registration required) http://www.latimes.com/technology/la-fi-sex10jun10,1,5692365.story - - - - - - - - - - Against the odds: Congress tackling online gambling Forget porn; the hottest action online these days is gambling, with an estimated 1,800 Web casinos and gaming sites offering the promise of easy money -- and all the action of Las Vegas or Churchill Downs -- right from a personal computer. With Congress about to vote on a federal law that would halt the practice, more sites keep going online, trying to lure customers with discounts, bonus bucks, easy credit-card betting and even free satellite-TV systems. The latest draw was last Saturday's Belmont Stakes, with online sites offering wagers on Funny Cide's eventually unsuccessful bid to take the Triple Crown. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/6051310.htm http://news.com.com/2100-1028_3-1015475.html - - - - - - - - - - DOJ Net Surveillance Under Fire The Justice Department's statements -- and what it did not say -- in a congressional inquiry on the use of broadened surveillance powers authorized after the Sept. 11 attacks is raising a red flag among civil liberties groups. A central concern is the lack of clarity regarding the scope of Internet surveillance powers granted in the controversial USA Patriot Act. http://www.wired.com/news/privacy/0,1848,59150,00.html - - - - - - - - - - Police to sign up IT special constables in war on hackers Home Office plans on cybercrime strategy will pool expertise from police, government and business. The government will ask IT professionals to join the police force as special constables to help police track down hackers and virus writers, if plans for a new national computer crime strategy being considered in Whitehall get the go-ahead. The Home Office is leading the development of the strategy, which will look at ways businesses, government bodies and law enforcement agencies can pool resources to fight the rising tide of computer crime. http://www.computerweekly.com/articles/article.asp?liArticleID=122475 - - - - - - - - - - Spammers exploit Hotmail hole Junk mailers breach WebDav implementation to generate more automatic spam. Spammers are exploiting a little known vulnerability in Microsoft's Hotmail service to send more junk mail automatically. According to an advisory posted last weekend by Chip Rosenthal, of US systems developer Unicom, spammers have cracked the Distributed Authoring and Versioning (WebDav) interface which is used to send email to the Hotmail servers. http://www.vnunet.com/News/1141514 - - - - - - - - - - Is a new Trojan horse at the firewall? IT security professionals have found evidence that a stealthy new Trojan horse is infecting networks. Traffic apparently generated by the as-yet-unnamed malware was first reported in May by a security analyst for a Defense Department contractor, said Chris Hovis, director of product marketing for Lancope Inc. of Atlanta. Lancope announced Monday it had confirmed the behavior of suspicious packets on its own honeynet and on the network of a large university. http://www.gcn.com/vol1_no1/daily-updates/22371-1.html - - - - - - - - - - Hackers develop tools to thwart forensics Anti-forensics tools and skills to thwart investigators are emerging in the underground hacker scene. One example is a class of programs called the Loadable Kernel Modules (LKM) which, if used by hackers, can hide data even from forensics experts. LKMs are files that contain components that can run dynamically. Normally, LKMs are used to load hardware drivers. Hackers can create LKM rootkits that can access the kernel directly, while hiding processes, connections, directories and files without modifying the binaries of any program. A rootkit is a collection of programs that a hacker uses to mask intrusion and get access to a computer. http://www.computerweekly.com/articles/article.asp?liArticleID=122503 - - - - - - - - - - Phone Networks Open Doors for Hackers Corporate America spends untold amounts of time and money every year to ensure that its data systems are secure from cyberattacks, but there's one relatively low-tech flank that is often lightly guarded -- office telephone systems. Federal law-enforcement officials said last week that they are tracking numerous reports of hackers who gain access to corporate voice mail and telephone systems to launch Internet attacks http://www.washingtonpost.com/wp-dyn/articles/A39426-2003Jun10.html - - - - - - - - - - Spam Fight Unites Liberal, Conservatives Sen. Charles Schumer, a New York liberal who supports gay and abortion rights, is teaming up with an unlikely ally as he takes on annoying spam e-mails - the Christian Coalition. For Schumer, the pragmatic alliance makes sense to tap the conservative group's formidable clout on Capitol Hill. For the Christian Coalition, it's a chance to broaden its appeal to the political mainstream. http://www.washingtonpost.com/wp-dyn/articles/A40537-2003Jun10.html AOL spam petitions cut both ways http://news.com.com/2100-1024_3-1015385.html Yahoo sets up spam roadblock http://news.com.com/2100-1032_3-1015247.html UK government urged to give spam the boot http://news.zdnet.co.uk/story/0,,t269-s2135840,00.html Spam will cost business $20.5bn this year http://www.vnunet.com/News/1141508 - - - - - - - - - - Media chiefs express fears of digital piracy For all of the new ways that digital technology and high-speed Internet connections are making music and movies available, many of the nation's media giants remain profoundly fearful that online distribution will open the door to massive piracy. At the National Cable & Telecommunications Association annual meeting here yesterday, AOL Time Warner chief executive Richard D. Parsons and Viacom Inc. president Mel Karmazin -- appearing with the heads of Microsoft Corp. and Comcast Corp. -- said solutions are urgently needed but may take considerable time to be developed. http://boston.com/business/tech_innovation/news/2003/06/10/digital_piracy.htm - - - - - - - - - - Wi-Fi Is Boost, Not Bane, to Secure Networks-Intel High-speed wireless computer networks, or Wi-Fi, are notoriously vulnerable to unauthorized intrusion, but that may actually help to sell companies on the need to embrace the technology. That counter-intuitive logic, put forth by a leading promoter of the technology, reflects a trend at many companies where employees are taking part in the Wi-Fi computing craze whether their employers are ready or not. http://www.reuters.com/newsArticle.jhtml?type=technologyNews&storyID=2908076 Wireless Security Not an Oxymoron http://wirelessnewsfactor.com/perl/story/21700.html Mobile spam: Is the next plague upon us? http://silicon.com/news/165/1/4599.html - - - - - - - - - - Microsoft to Offer Own Antivirus Product Microsoft Corp. said Tuesday it will acquire antivirus technology from a Romanian software company and develop its own antivirus product, stepping into a market it has long ceded to others specializing in software security. Microsoft signed an agreement to buy the intellectual property and technology assets of antivirus software and consulting firm GeCAD Software Srl. of Bucharest for an undisclosed amount. Some of the company's software developers will join Microsoft, but details haven't been finalized, said Mike Nash, corporate vice president of Microsoft's security business unit. http://www.washingtonpost.com/wp-dyn/articles/A40960-2003Jun10.html http://zdnet.com.com/2100-1105_2-1015096.html http://www.eweek.com/article2/0,3959,1122744,00.asp http://www.msnbc.com/news/924836.asp http://www.wired.com/news/technology/0,1282,59196,00.html http://www.usatoday.com/tech/news/computersecurity/2003-06-10-microsoft-antivirus_x.htm - - - - - - - - - - Industrial security gets a Linux lock Control-system specialist Verano has introduced a service and software package to help companies protect their critical infrastructure from digital attacks. The product, dubbed Industrial Defender, aims to close holes in the security surrounding control systems used by utility companies, manufacturers and other industries. Verano announced the first piece, a network monitoring appliance and service, on Tuesday. http://news.com.com/2100-1009_3-1015389.html - - - - - - - - - - Apple patches two Mac server holes Apple Computer warned users on Monday that security vulnerabilities had been found in the file- sharing server software and the directory-services software that are provided with the Mac OS X Server operating system. When the server shares files that use the network file system (NFS) or the Unix file system (UFS) through the Apple File Service, a flaw could allow a remote user to overwrite arbitrary files, the Cupertino, Calif.-based company said. When logging into the server's directory services, the software could send the password in clear text, not encrypted, as it should do. http://zdnet.com.com/2110-1103_2-1014892.html - - - - - - - - - - DOD to pilot facility access card The Defense Department is close to launching a pilot program that would arm DOD employees and contractors with a single access card for entering any DOD facility. The pilot program is part of the department's Defense Cross-credentialing Identification System, which will consist of a collection of shared government and contractor databases of personnel information. The shared information will make it easier for the department to manage who has access to their facilities. http://www.fcw.com/fcw/articles/2003/0609/web-dod-06-10-03.asp - - - - - - - - - - Hackers: who is who? More than 80 thousand cases of cyberattacks have been fixed in 2002 (hackers' attacks, information thefts, etc.). Their number has sharply increased in comparison with 2001, by then it has been fixed about 58 thousand such infringements (hardly more than 20 thousand - in 2000). The piracy copying music, software, video and texts from the Internet are expected to bring in an illegal income 112 billion dollars by 2005. Unfortunately, the current official statistics do not allow to get authentic data on criminals attacking computer systems. http://www.crime-research.org/eng/news/2003/06/Mess1001.html - - - - - - - - - - Whose Job Is It, Anyway? Should there be a federal standard for encryption, and if yes, who should enforce it--government or industry? The debate rages on. (Well, sort of.) One of the hottest topics in the digital economy these days is intellectual property. It's amazing how much passionate debate there is over copyrights and patents. Advocates for the creators of digital information and entertainment see threats to their livelihood with every unauthorized download. Populist consumer advocates see greedy profiteers every time someone tries to stop them from accessing the info they think should rightly be theirs. http://www.fortune.com/fortune/washington/0,15704,370982,00.html - - - - - - - - - - Net security becoming corporate priority: Survey Internet security is slowly creeping up as a priority among top corporate executives, a new study reveals. The study, called Pulse of Internet Security in Canada, shows that 73 per cent of Canadian "C-level" executives are investing more in security than they were 18 months ago. http://www.globetechnology.com/servlet/story/RTGAM.20030610.gtsecurityjune10/BNStory/Technology/ Survey: Security cuts both ways on IT plans http://www.nwfusion.com/news/2003/0609nw500.html Bugwatch: Integrating IT security http://www.vnunet.com/News/1141419 - - - - - - - - - - Wired Slammed For Publishing Slammer Code Some security experts are criticizing the decision by Wired magazine to publish the complete source code to the SQL Slammer worm in its July issue, which hits newsstands Tuesday, saying it amounts to an algorithm on how to wreak havoc on IT systems worldwide. The Slammer worm struck the Internet on Jan. 25, infected about 75,000 systems in about 10 minutes, and, according to several researchers, cost an estimated $1 billion in damage and clean-up costs. It was the fastest-spreading worm in Internet history and struck unpatched Microsoft SQL Servers or systems running Microsoft SQL Server Desktop Engine 2000. http://www.informationweek.com/story/showArticle.jhtml?articleID=10300664 - - - - - - - - - - Radio ID tags get Microsoft backing update Microsoft is enlisting in a venture designed to help develop standards for radio frequency tags intended for use by retailers and manufacturers to track goods. The software maker said Tuesday that it will work with Auto ID, a joint venture of the Uniform Code Council and EAN International, to develop commercial and technical standards for radio frequency ID (or RFID) tags. http://news.com.com/2100-1020_3-1015058.html - - - - - - - - - - Surveillance video a `gift' to police in kidnap case Surveillance cameras like the ones that gave police critical details in the Friday kidnapping of a 9-year-old San Jose girl are no longer limited to the wealthiest neighborhoods. Today, a four-camera system similar to what neighbor Karen Kamfolt has can be purchased and installed for about $1,500, a bargain over high-end commercial systems that can run tens of thousands of dollars. http://www.siliconvalley.com/mld/siliconvalley/6053107.htm - - - - - - - - - - Buck Stops for Web Panhandlers Karyn was saved from a mountain of credit card debt. Now Michel has gotten her boobs. Cal State senior Michel (she wouldn't give her last name), who launched giveboobs.com six months ago, stands as the second notable Web celeb to have reaped a financial windfall through so-called cyberbegging. While Karyn Bosnak scored $13,000 through donations to pay off her credit cards, Michel earned $4,500 to fund breast augmentation for her self-confessed "itty-bitty" 34A chest. http://www.wired.com/news/culture/0,1284,59165,00.html *********************************************************** Computer Forensics Training - Online. An intense, 150 hour, instructor lead program that teaches you computer forensics and helps prepare you for the Certified Computer Examiner exam. For more information see; www.cybercrime.kennesaw.edu *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2003, NewsBits.net, Campbell, CA.