NewsBits for July 8, 2003 sponsored by Southeast Cybercrime Institute - www.cybercrime.kennesaw.edu
************************************************************
Users alerted to fake PayPal site scam
US internet monitor Internet Storm Centre (ISC) has warned web users of a fake website capitalising on the PayPal e-wallet system. The fake site uses a valid secure sockets layer (SSL) certificate to dupe visitors into believing they are accessing a bona fide secure site. It then compounds the deception by using a CGI script to redirect the user to the actual PayPal login page. The scam, which hopes to gain information that can be used for identity or credit card fraud, makes use of a well-known technique called URL masking which uses a username and password prefix in the address to fool the unwary.
http://www.vnunet.com/News/1142159
- - - - - - - - - -
Major jailed over child porn on net
AN Edinburgh Army Cadet Force Major, who downloaded from the Internet more than 338,000 sickening pornographic images and movies of children - the second highest number discovered in Britain - has been jailed for 30 months. Suspended Territorial Army officer, Brian Thomson, 48, who arranged ranger events for young cadets, admitted getting sexual kicks from images of girls as young as seven being raped, tortured and abused pled guilty when he appeared at the city's Sheriff Court last month. Sentence was deferred until today for background reports.
http://www.edinburghnews.com/index.cfm?id=743502003
- - - - - - - - - -
Man sentenced to jail for child porn
A former Naval Station Everett civilian employee was sentenced to 60 days in jail Monday for downloading child pornography on his work computer, but a judge warned him he'd be going to prison if he ever does it again. Michael T. Schuhow, 46, of Everett will be allowed to do his time on work release if he can arrange it with the county Department of Corrections.
http://www.heraldnet.com/Stories/03/7/8/17179083.cfm
- - - - - - - - - -
Collection of child porn found at infant school
POLICE found 1,400 images of child pornography when they raided a private nursery and infant school. The photographs belonged to Alun Briggs, whose parents run the Radlett Nursery Infant School in Radlett. Briggs, 35, downloaded images of children which ranged from nude, erotic poses to ones where they were performing sexual acts, said Samantha Cohen, prosecuting. He was arrested in October last year after the FBI in the USA provided the British police with details of people who had used their credit cards to access Landslide Productions, which acted as a gateway to child pornography sites.
http://www.watfordobserver.co.uk/news/localnews/display.var.390667.0.collection_of_child_porn_found_at_infant_school.php
- - - - - - - - - -
Julia Roberts sexes down UK PCs
A new variant of the highly destructive MyLife worm has been detected and is deleting data from computers across the UK. The worm arrives in an attachment that purports to offer pictures of Julia Roberts or Colombian pop singer Shakira. But when executed the worm checks the PC clock and, if the number of minutes past the hour is 50 or more, the worm activates.
http://www.vnunet.com/News/1142158
- - - - - - - - - -
Thumbnails ruled ok
Search engines' display of miniature images is fair use under copyright law, a federal appeals court ruled on Monday, but the legality of presenting full-size renditions of visual works is yet to be determined. The Ninth US Circuit Court of Appeals' decision is a partial win for defendant Arriba Soft -- an image search engine now known as Ditto.com -- in its case against photographer Leslie Kelly. Kelly sued Arriba Soft in April 1999 for copyright infringement when its software had recorded miniatures, or thumbnails, and full size versions of his digital photos and made them accessible via its search engine.
http://news.zdnet.co.uk/story/0,,t269-s2137201,00.html
- - - - - - - - - -
Congressional subcommittee vets anti-spam bill
In addition to being annoying, e-mailed spam costs American businesses billions of dollars in lost time, productivity and e-business as it reduces consumer confidence in the Internet, officials told lawmakers Tuesday. "Consumers are getting inundated with pornographic or false and misleading e-mails that diminishes their faith in e-commerce, undermining many of the benefits," said Joseph Rubin of the U.S. Chamber of Commerce. One estimate shows that businesses lose about $10 billion a year because of lost productivity, bandwidth costs and money spent on anti-spam tools.
http://www.siliconvalley.com/mld/siliconvalley/news/editorial/6258072.htm
http://zdnet.com.com/2100-1104_2-1023740.html
http://www.msnbc.com/news/936277.asp
http://dc.internet.com/news/article.php/2232161
Send Spammers to Jail, U.S. Lawmakers Say
http://www.washingtonpost.com/wp-dyn/articles/A27804-2003Jul8.html
http://www.usatoday.com/tech/news/techpolicy/2003-07-08-spam-jail_x.htm
Spam Believed to Cost Businesses Billions
http://www.washingtonpost.com/wp-dyn/articles/A26657-2003Jul8.html
- - - - - - - - - -
Dissertation Could Be Security Threat
Sean Gorman's professor called his dissertation "tedious and unimportant."
Gorman didn't talk about it when he went on dates because "it was so boring they'd start staring up at the ceiling." But since the Sept. 11, 2001, attacks, Gorman's work has become so compelling that companies want to seize it, government officials want to suppress it, and al Qaeda operatives -- if they could get their hands on it -- would find a terrorist treasure map. Tinkering on a laptop, wearing a rumpled T-shirt and a soul patch goatee, this George Mason University graduate student has mapped every business and industrial sector in the American economy, layering on top the fiber-optic network that connects them.
http://www.washingtonpost.com/wp-dyn/articles/A23689-2003Jul7.html
- - - - - - - - - -
FSB calls for e-fraud 'liability shift'
The huge rise in Internet fraud is threatening the success of e-commerce, The Federation of Small Business (FSB) warned today. In a letter to E-commerce Minister Stephen Timms, the FSB explained credit card fraud over the Internet or telephone was of particular concern to small firms because the retailer, rather than the issuing bank, is liable.
http://www.theregister.co.uk/content/67/31626.html
- - - - - - - - - -
P2P's little secret
File swappers hoping to share music and other works online without exposing their identity to the prying eyes of copyright enforcers face a tough choice. Popular peer-to-peer networks such as Kazaa, where the lion's share of online trading of music and other files takes place, are designed such that participants who wish to remain completely anonymous must pay a severe price in terms of convenience and usability, experts warn.
http://zdnet.com.com/2100-1105-1023735.html
- - - - - - - - - -
Exchange shores up security
Microsoft is to offer users more security and flexibility with the next version of its Exchange messaging server, which went to manufacturing last week.
But although Exchange 2003 is due to ship in August, users will have to wait a month or two longer for the upgrade to its companion client product, Outlook.
http://www.vnunet.com/News/1142152
- - - - - - - - - -
Sypris picked for rugged security device
An unnamed government agency that deals in homeland security recently selected Sypris Electronics LLC to produce a ruggedized system to be the primary interface with secure communications equipment used by the military and other federal agencies. The system is composed of a handheld host computer and integrated PCMCIA security card, both of which Sypris Electronics designed under government contract. The two-year base contract is valued at $20.2 million, but the deal could be worth up to $43 million with options, according to a company spokesman.
http://www.fcw.com/fcw/articles/2003/0707/web-sypris-07-08-03.asp
- - - - - - - - - -
Critical Path Introduces Password Management Software
Critical Path plans Tuesday to introduce software for centrally administering passwords across systems and applications. Critical Path Password Management is designed to provide self-service resets of forgotten passwords, centralized definition and enforcement of password policies, dynamic password synchronization across systems for reduced sign-on, and auditing of all password change activities. The software is designed to help enterprises cut helpdesk costs, improve security, and boost user productivity.
http://www.internetweek.com/story/showArticle.jhtml?articleID=10818359
- - - - - - - - - -
Careless PDA users threaten corporate security
Billions of pounds continue to be wasted each year on corporate security that is easily bypassed because so many employees leave unprotected passwords and corporate information on their personal digital assistants (PDAs), according to a recent survey.
The second annual PDA Usage Survey, which was carried out on behalf of Pointsec Mobile Technologies, has discovered that a third of PDA owners store work passwords and cash machine PIN numbers on their PDAs, but do not secure access to their PDA in case the device is stolen or lost.
http://news.zdnet.co.uk/story/0,,t272-s2137153,00.html
- - - - - - - - - -
Experts Say Hacker Hype Is Threat on Its Own
After a widely publicized hacking contest failed to cause as much damage as expected last weekend, computer security experts are advocating a novel response for Internet hackers out for a digital joy ride: ignore them. Security firms frequently notify companies about attacks in which hackers can steal data, crash systems or do other nefarious acts. But excess publicity of relatively low-risk threats, such as Web site defacements, can do more harm than good, experts said.
http://www.washingtonpost.com/wp-dyn/articles/A29479-2003Jul8.html
- - - - - - - - - -
Requiem for a Hacker
Security has become a very big business in IT over the past few years. You'd think its growth as a commercial market would have made all our information more secure. It hasn't. Aside from the vendors that provide scanning, assessment and protection products, there are many specialized security consulting firms that will analyze your exposure and help secure your systems, as well as keep your company informed as new problems arise. With the growth of security as an industry, there have been many federal laws that aim to improve security standards and reporting requirements.
http://www.eweek.com/article2/0,3959,1185275,00.asp
- - - - - - - - - -
Goodbye bar codes: Packages with transmitters on the way
Razor blades and medicines packaged with pinpoint-sized computer chips and tiny antennae to send retailers and manufacturers a wealth of information about the products and those who buy them will start appearing in grocery stores and pharmacies this year.
Within two decades, the minuscule transmitters are expected to replace the familiar product bar codes, and retailers are already envisioning the conveniences the new technology, called "radio frequency identification," will bring even as others are raising privacy concerns.
http://www.usatoday.com/tech/news/2003-07-08-rfid-chip_x.htm
***********************************************************
The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2003, NewsBits.net, Campbell, CA.