NewsBits for June 18, 2003 sponsored by, Southeast Cybercrime Institute - www.cybercrime.kennesaw.edu ************************************************************ Evidence Barred in Ex-O.C. Judge's Child-Porn Case Writings and photos were illegally obtained from Ronald Kline's computer, court rules. A federal judge on Tuesday threw out most of the key evidence in a high-profile child pornography case against a former Orange County judge, ruling that sexually explicit diary entries and photos were discovered after illegal computer searches by a Canadian hacker who was working for police. http://www.latimes.com/technology/la-me-kline18jun18120422,1,262035.story - - - - - - - - - - Man gets 6 1/2 years in child porn case A Paulding County man accused of videotaping a 3-year- old girl as she used a Kennesaw restaurant restroom was sentenced Wednesday in federal court to 6 1/2 years for having more than 1,000 images of child pornography on his home computer. Chad Michael Crowley, 33, of Dallas was sentenced on federal charges of receipt of child pornography. The images were found on the computer during a search of Crowley's residence following his April 2002 arrest in connection with the alleged restaurant incident, federal authorities said. http://www.ajc.com/metro/content/metro/cobb/0603/19porncase.html - - - - - - - - - - Internet child-porn investigation leads to re-offender An man already convicted of possessing child pornography is going back to prison after FBI agents in Baltimore identified him during a separate investigation. Bruce Whalen, 54, of Medford, Oregon, will serve out a prison sentence of two years and three months after he was arrested Monday. Whalen pleaded guilty to possessing child pornography last year and was sentenced in April. http://www.usatoday.com/tech/news/2003-06-18-child-porn-again_x.htm http://www.katu.com/news/story.asp?ID=58506 - - - - - - - - - - Travis County seeking to indict seven men in child porn case Travis County prosecutors plan to seek child pornography indictments Thursday against seven men arrested as part of an investigation into the circulation of illegal images on the Internet. Investigators said the men, all of whom have been arrested and released on bond, had images of children in sexual poses. The images were downloaded from web sites. Authorities had looked into the activities of 75 people who may have tried gaining access to child pornography web sites. However, most of the cases could not be established because users likely deleted the images or sold computers that once contained illegal photos, investigators said. Of those who were arrested, one had as many as 30,000 images on disks and CDs, and another had a photo of a girl as young as 5, according to court records. http://www.statesman.com/metrostate/content/news/061803/0618childporn.html - - - - - - - - - - Man Accused Of Molesting Girl Online A Kansas City man is accused of molesting a 13-year-old girl that he has apparently never physically met. Christopher Oliver, 20, was arrested Wednesday after Idaho authorities made their case against him, KMBC's Peggy Breit reported. Investigators said the crime took place online. Oliver is accused of using his home computer, equipped with a video camera, to send lewd messages and sexually explicit pictures of himself, Breit reported. Court papers indicated Oliver had a past conviction for indecent exposure. An FBI task force made the arrest. FBI spokesman Jeff Lanza said the investigation could include an "autopsy" of Oliver's computer at a new computer forensics lab that will open in the next few weeks. Lanza said the lab can retrieve some of the information a suspect has deleted from a computer. http://www.thekansascitychannel.com/news/2279231/detail.html - - - - - - - - - - Bolivar man arrested on sex offense in Illinois A Bolivar man, registered in Tuscarawas County as a sexually oriented offender, was arrested in Olney, Ill., in Richland County Tuesday, and Tuscarawas County sheriff deputies are assisting with the investigation. Brandon Edward Roberson, 31, of 10581 Laurens Dr. NE was taken into custody by Olney police. Charges against Roberson were filed Wednesday morning by the states attorney for Richland County, Kay DeSelms. Roberson is charged with aggravated criminal sexual abuse, indecent solicitation of a child and child abduction. He was reportedly arrested at the Super 8 Motel in Olney where he was meeting a juvenile girl he met on the Internet for sex. Roberson allegedly drove to Olney to meet with the girl earlier in the week. http://www.timesreporter.com/left.php?ID=20188&r=2 - - - - - - - - - - Police aid in cyber sting Police posing as a naive 14-year-old cheerleader say they successfully baited and lured in a would-be sexual predator through Internet conversations and messages. Richard Disler, 43, of Amberville Road in North Andover, was arrested at his brand new $550,000 home on June 5 after police conducted a two-week sting operation which included numerous online conversations with Disler and surveillance of his home. Police will try to use transcripts of the conversations and evidence seized from his home to convict Disler under the state's new luring law. http://www.townonline.com/woburn/news/local_regional/wob_newwoarrest06182003.htm - - - - - - - - - - Man, 55, accused of sharing child porn A 55-year-old man in Asbestos, Que. is facing charges of producing and transmitting juvenile pornography. The Surete du Quebec says it was tipped off by authorities in Marseilles, France. The man appeared in Sherbrooke court on Wednesday on 12 charges, including producing and sharing juvenile pornographic material. He is also charged with assaulting three girls, aged five to 10. Crown attorney Denis Petitclerc says the cyber-crime unit of the SQ received a tip from Marseilles police, who traced pornographic material they had seized to an address in Asbestos. The man is suspected of using the Internet to share the pornography with others, Petitclerc says. http://montreal.cbc.ca/regional/servlet/View?filename=qc_porn20030618 - - - - - - - - - - Orinda Youth To Be Tried As A Juvenile In Web Porn Case Authorities have decided to charge a 17-year-old Orinda boy as a juvenile after police arrested him this week and seized a computer saturated with thousands of pornographic images, including dozens of "very young" children, officials said Tuesday. The Orinda Police Department capped a five-week investigation with the arrest Monday of the Miramonte High School student in his Orinda home. Scheduled to be released from juvenile hall later this week, he faces a misdemeanor charge of possession and a felony charge of intent to distribute the child porn images, said Orinda police Chief Dan Lawrence. http://www.ktvu.com/news/2276711/detail.html - - - - - - - - - - Tennessee brothers convicted in Internet drug scheme A federal judge convicted two Tennessee brothers who sold an industrial solvent with other ingredients over the Internet as muscle enhancers or sexual stimulants, taking in more than $800,000 from 1,300 customers in about a year. Orders from 47 states and Puerto Rico came into the basement operation run by brothers Kevin Layne Brown and Ronald Keith Brown in Sparta, Tenn. They were indicted in September in the Southern District of Alabama where the drugs showed up in Mobile nightclubs. http://www.usatoday.com/tech/news/2003-06-18-drug-deal-down_x.htm - - - - - - - - - - Vietnam Internet dissident gets 13-year sentence Vietnamese doctor, accused of publishing anti-government texts on the Internet including a translation of a U.S. essay on democracy, was jailed for 13 years on Wednesday for spying. ``Pham Hong Son was sentenced to 13 years in prison for espionage and he will be subjected to three years of administrative detention at his residence after serving the prison sentence,'' the Hanoi People's Court said in a statement. http://zdnet.com.com/2110-1105_2-1018474.html - - - - - - - - - - Guess settles Web-security charges Designer-clothes maker Guess has agreed to patch up its Web site to settle charges that it exposed thousands of customer credit-card numbers to Internet hackers, U.S. regulators said Wednesday. The Los Angeles-based retailer and wholesaler of trendy fashions told Web customers that their credit-card numbers and other personal information would be adequately protected, but in fact hackers could easily access customer accounts, the Federal Trade Commission charged. http://www.usatoday.com/tech/news/2003-06-18-guess-hackers_x.htm - - - - - - - - - - Hackers Replace Singapore Party Web Site with Porn Hackers transformed the Internet home page of Singapore's main opposition Democratic Party into a pornographic Web site, featuring raunchy photos of naked women and advertisements for "mature sex." The party was forced to change its www.singaporedemocrats.org Web site to www.singaporedemocrat.org, secretary-general of the Singapore Democratic Party, Chee Soon Juan, said. http://www.reuters.com/newsArticle.jhtml?type=internetNews&storyID=2947757 - - - - - - - - - - Cracker spills the beans on PDF flaw A confidential security alert from security clearing house CERT has once again been leaked onto a full disclosure mailing list ahead of schedule. The premature disclosure of information on security risks involving PDF files on *nix platforms comes after a spate of similarly leaked alerts back in March, including information about a vulnerability involving the Kerberos security protocol. http://www.theregister.co.uk/content/55/31281.html http://computerworld.com/securitytopics/security/story/0,10801,82197,00.html - - - - - - - - - - Fresh variant to tedious worm bores users into submission Virus writers have released yet another variant in what we must now refer to as the Sobig series. Sobig-D, which first appeared today, is a little different from its predecessors the Sobig-B (support@microsoft.com) and Sobig-C (bill@microsoft.com) worms. This time around infectious emails sent out by Sobig.D appear to come from admin@support.com. The worm is spreading modestly and causing only a minimal amount of damage. Most vendors rate it as low risk. It's still out there, though. So watch out. http://www.theregister.co.uk/content/56/31292.html - - - - - - - - - - Task force to target computer crimes in Hawai'i U.S. Attorney Ed Kubo Jr. is forming a cybercrimes task force in response to what he calls an "increasing number of problems" with identity theft and fraud on O'ahu. "It's of substantial federal interest," Kubo said. O'ahu has seen a spike in the number of identity theft and computer fraud complaints, Kubo said. Cybercrime is a large state and national concern, investigators say. The formation of a cybercrimes task force comes at a time when computer crime numbers are rising all over O'ahu and the nation. http://the.honoluluadvertiser.com/article/2003/Jun/18/ln/ln15a.html - - - - - - - - - - Government to fight cyber crime The National Intelligence Agent has identified cyber criminals and private intelligence companies as a serious threat to national security. Lindiwe Sisulu, Intelligence Minister, told Parliament today, that special interception centres would be set up to counter cyber criminals seeking to undermine the country's national security. Networks are needed for communication, transport, public safety, and energy. However, it is becoming easier for criminals and terrorist organisations to abuse them. The government wants to set up interception centres. http://www.sabcnews.com/politics/parliament/0,1009,60659,00.html - - - - - - - - - - Homeland security industry group is launched An industry group has been created to connect private- sector companies with the Department of Homeland Security. Executives of the new Homeland Security Business Executive Council announced the launch of the nonpartisan, nonprofit group today in Washington. The Department of Homeland Security supports the creation of the group, an administration official said. http://www.gcn.com/vol1_no1/daily-updates/22496-1.html Streamlined communications called key to homeland security http://computerworld.com/securitytopics/security/story/0,10801,82244,00.html - - - - - - - - - - DOD teaming on critical infrastructure The Defense Department is working with government officials at all levels, as well as with the private sector, to ensure that the nation's critical infrastructure assets are protected and that contingency plans are in place in the event of an attack or disaster. Navy Capt. Robert Magee, deputy director for industrial base capabilities and readiness in the Office of the Secretary of Defense, said infrastructure protection is really "mission assurance" for DOD because the failure of critical assets would disrupt operations. http://www.fcw.com/fcw/articles/2003/0616/web-dod-06-18-03.asp - - - - - - - - - - Firms at risk on email legal liability Email is increasingly being cited as primary evidence in high-profile discrimination, sexual harassment, and antitrust legal claims, according to research. According to a study conducted by the American Management Association, The ePolicy Institute and security vendor Clearswift, last year 14 per cent of firms were ordered by a court or regulatory body to produce employee email - a figure up from nine per cent two years ago. http://www.vnunet.com/News/1141688 'Info security for the rest of us' http://www.fcw.com/fcw/articles/2003/0616/web-cyber-06-18-03.asp NASD advises brokers to monitor instant messages http://www.usatoday.com/tech/techinvestor/2003-06-18-brokers-im_x.htm - - - - - - - - - - Spam, Security, Upgrades Top E-Mail Spending Priorities Through '04 Reducing spam remains the No. 1 concern for IT professionals on the e-mail front, but security and migration issues are also top priorities for 2003, according to a recent survey. In a survey released by the Radicati Group Monday, roughly 52 percent of the 50 responding corporations said reducing spam is mission No. 1 during the next 18 months. On average, 24 percent of all incoming corporate e-mail is spam, according to Radicati's report titled "Corporate Messaging Survey, 2003-2005." http://www.internetweek.com/breakingNews/showArticle.jhtml%3Bjsessionid=U2BQRKJX0FVRCQSNDBCSKH0CJUMEIJVN?articleID=10700360 - - - - - - - - - - Deep-Six Computers to Sink Net Pirates? Orrin G. Hatch, a songwriting Republican who chairs the Senate Judiciary Committee, suggested Tuesday that stealing music and movies online may warrant the death penalty for pirates' computers. His incendiary proposal came at a hearing on security and privacy risks posed by peer-to-peer networks such as Kazaa, which enable an estimated 80 million people to copy files from one another's computers free. http://www.latimes.com/technology/la-fi-boom18jun18,1,2347781.story http://www.siliconvalley.com/mld/siliconvalley/news/editorial/6113673.htm http://www.miami.com/mld/miamiherald/business/6109851.htm http://www.cnn.com/2003/TECH/ptech/06/18/hatch.songwriting.ap/index.html http://www.wired.com/news/digiwood/0,1412,59298,00.html - - - - - - - - - - Survey: Financial firms prey for hackers A global survey has revealed that 39 percent of financial institutions experienced at least one security breach within the past year. Deloitte Touche Tohmatsu's Global Security Survey, which was released Wednesday, showed that two-thirds of the security breaches were breaches from outside the organization. http://news.com.com/2100-1009_3-1018482.html http://news.zdnet.co.uk/story/0,,t269-s2136212,00.html http://www.msnbc.com/news/928240.asp The credit and financial sphere appeared the most vulnerable for criminal encroachments. http://www.crime-research.org/eng/news/2003/06/Mess1804.html - - - - - - - - - - Wireless security entangles HIPAA Although most health organizations still have another 22 months to comply with new federal security standards, securing wireless networks may pose a problem as they near the deadline. "There are so many security issues around wireless and the [security] rule gives you no substantial guidance on how to secure wireless," said Marne Gordon, director of regulatory affairs at TruSecure Corp., referring to the Health Insurance Portability and Accountability Act of 1996 guidelines on security. http://www.fcw.com/geb/articles/2003/0616/web-hipaa-06-18-03.asp - - - - - - - - - - Law Society of Scotland buys 'cybersquatter' domain The Law Society of Scotland has just been confirmed as the new owner of Lawscot.co.uk, five days after it branded our story that revealed it has paid PS10,000 for the domain "inaccurate". The Law Society has been chasing the previous owner of the generic domain, Tommy Butler, through its own law courts to take hold of the domain, insisting that he was infringing its rights and the trademark that it took out after he initially refused to hand it over to them. http://www.theregister.co.uk/content/6/31277.html - - - - - - - - - - Son of Slammer on the cards Each week vnunet.com asks a different expert to give their views on recent virus and security issues, with advice, warnings and information on the latest threats. This week Tim Ecott, managing consultant of Integralis, warns of the danger of a return of SQL Slammer, the fastest propagating worm on the internet to date. http://www.vnunet.com/News/1141694 - - - - - - - - - - Cyber crimes has a mercenary nature Formally hactivism assumes the organization of civil disobedience actions providing the pressure upon the state institutes. Hactivism provides active actions; therefore it is illegal, as well as the majority of similar actions. Form the standpoint of psychological characteristic hacker is a creative personality, professional, capable to run risks. Hackers-amateurs are the most numerous but the least dangerous (80% of computer attacks). They are interested in no aim but the attack process itself. They enjoy overcoming systems of protection. Their actions are often easy to suppress because hackers-amateurs prefer not to enter into a conflict with the Law. According to practice, most hackers do not have the traditional criminal past. http://www.crime-research.org/eng/news/2003/06/Mess1803.html - - - - - - - - - - Tracking Down the Phantom Host Most information systems security professionals are familiar with the procedures for identifying malicious traffic among their routine data, and many of the same professionals are familiar with the forensic procedures required once you have identified a compromised host. But on more than one occasion, I have been asked how to locate a problem host when you are not sure where it is physically located. http://www.securityfocus.com/infocus/1705 - - - - - - - - - - Security Researchers Nibble at Bluetooth On Tuesday the organization responsible for the Bluetooth wireless standard unveiled version 1.2 of its official spec at the Bluetooth World Congress in Amsterdam. But for real evidence that that the technology is finally gaining acceptance turn to the conference program for this summer's DefCon hacker convention, or the front page of the Packetstorm security tools site. After years of neglect, security researchers are beginning to gently sink their teeth into the technology. http://www.securityfocus.com/news/5896 - - - - - - - - - - DOD buying into facial recognition The use of facial recognition solutions is rapidly gaining steam in the Defense Department, as evidenced by the recent award of two contracts to further develop the technology. DOD's Technical Support Working Group awarded one of the contracts; the other was from the Defense Advanced Research Projects Agency. http://www.fcw.com/fcw/articles/2003/0616/web-face-06-18-03.asp *********************************************************** Computer Forensics Training - Online. An intense, 150 hour, instructor lead program that teaches you computer forensics and helps prepare you for the Certified Computer Examiner exam. For more information see; www.cybercrime.kennesaw.edu *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2003, NewsBits.net, Campbell, CA.