NewsBits for August 11, 2003 sponsored by, Southeast Cybercrime Institute - www.cybercrime.kennesaw.edu ************************************************************ RPC DCOM Worm Hits the Net A malicious worm that exploits last month's RPC DCOM vulnerability struck the Internet Monday afternoon, targeting unpatched Windows 2000 and Windows XP machines. The worm, dubbed "Blaster" and "LovSan" by security and anti-virus companies, attacks vulnerable machines over TCP port 135, then spawns a shell and initiates a TFTP file transfer to retrieve the worm's code. http://www.securityfocus.com/news/6689 Windows worm starts its spread A worm that takes advantage of what some security experts have called the most widespread Windows flaw ever has started spreading, fulfilling the predictions of many researchers. Dubbed "MBlast" by its author, the worm is spreading quickly, according to an initial analysis posted to the Internet Storm Center, a digital threat-tracking site. Ever since mid-July, when Microsoft announced a vulnerability in a widespread component of Windows, security experts have been waiting for some online vandal to create a worm that takes advantage of it. http://news.com.com/2100-1002_3-5062364.html http://www.msnbc.com/news/951168.asp Internet infection spreading rapidly http://www.securityfocus.com/news/6692 The Lingering Ghost of Slammer http://www.securityfocus.com/columnists/178 - - - - - - - - - - Man charged in Acxiom cracking case A 24-year-old man appeared in court last Friday charged with cracking the systems of one of the world's largest consumer database companies. Daniel J Baas, from Milford, Ohio, is alleged to have illegally accessed and copied information stored at consumer database giant Acxiom last December while working for its partner, Cincinnati- based data-mining firm Market Intelligence Group. http://www.theregister.co.uk/content/55/32278.html - - - - - - - - - - Acquitted Man Says Virus Put Pornography on Computer One evening late in 2001, Julian Green's 7-year-old daughter came upstairs from the computer room of their home in the resort town of Torquay, in western England, and said, "The home page has changed, and it's something not very nice." When Mr. Green checked the machine, he found that the family PC seemed almost possessed. The Internet home page had somehow been switched so that the computer displayed a child pornography site when the browser software started up. Even if he turned the machine off, it would turn itself back on and dial the Internet on its own. http://www.nytimes.com/2003/08/11/technology/11PORN.html - - - - - - - - - - State Computers Seized in Child Porn Inquiry Authorities have seized 11 computers from offices of the state's transportation department that allegedly were used for viewing child pornography. The FBI is investigating, said David Beyer, an FBI spokesman in Louisville. Employees who used the computers were being interviewed by the FBI, said Bobby Russell, the department's inspector general. (LA Times article, free registration required) http://www.latimes.com/technology/la-na-briefs9.5aug09,1,7760808.story - - - - - - - - - - Internet Providers Question Subpoenas to Stop File Swapping Arguing that the record industry is trying to force its members to become the "police of the Internet," a group representing over 100 Internet service providers plans to deliver a letter to the industry's trade association today. The letter asks a series of pointed questions about plans to sue people suspected of illegally trading music files online. http://www.nytimes.com/2003/08/11/technology/11LETT.html http://news.com.com/2100-1027_3-5062372.html http://www.vnunet.com/News/1142930 http://www.usatoday.com/tech/news/techpolicy/2003-08-11-riaa-refile_x.htm Two universities win battle against RIAA subpoenas http://computerworld.com/securitytopics/security/privacy/story/0,10801,83903,00.html http://news.zdnet.co.uk/business/legal/0,39020651,39115615,00.htm Internet File Sharing: Theft or a Loan? http://www.latimes.com/technology/la-le-helwig10aug10,1,3756207.story P2P fingerprinter to get data from label http://news.com.com/2100-1027_3-5062426.html Download warning 101 http://www.sfgate.com/cgi-bin/article.cgi?file=/chronicle/archive/2003/08/11/BU221002.DTL - - - - - - - - - - Habeas cans spammer Habeas, the company that fights spam with Japanese-style poetry, finally won a first lawsuit against a spammer. Rather than identifying which email is spam, Habeas helps users determine which email is not spam by including a haiku, a form of Japanese poetry, in the headers of outgoing email. This haiku is trademarked and copyrighted. Habeas says over 300 million e-mail addresses worldwide use the system. http://www.securityfocus.com/news/6683 - - - - - - - - - - Online gamblers sue their creditors A California couple that lost more than $100,000 gambling online is suing a host of credit card companies and banks, claiming the businesses shouldn't have processed the wagers. Lisa and Andrew Harding racked up tens of thousands of dollars in online gambling debt during 2002 and 2003, prompting a lawsuit from credit card company Retailers National Bank, which accused Lisa Harding of failing to pay the bills. http://news.com.com/2100-1023_3-5062411.html - - - - - - - - - - Korea hit by cybercrime wave With its enthusiastic take-up of technologies such as broadband and the Internet, South Korea is often seen as a flagship country that others such as the UK could learn from. Its transformation into a cybernation is not without its downside, though, according to latest reports. South Korean police warned this week that levels of cybercrime in the country are soaring. So far this year, 40,000 have been reported--an 18 percent increase on the same period in 2002. More than 22,000 of these cybercrimes involved online gaming sites, which are extremely popular in South Korea. http://asia.cnet.com/newstech/personaltech/0,39001147,39145592,00.htm - - - - - - - - - - SA Web sites 'soft targets' for hackers There has been a dramatic increase in the number of South African hacks reported to zone-h.org, with four university sites and 5fm's homepage being targeted by hackers last week. Latitude Information Technology Security consultant Karel Rode says local sites have been identified as soft targets by foreign hackers because many of the sites have not been protected properly. http://www.itweb.co.za/sections/internet/2003/0308111149.asp - - - - - - - - - - 20% of firms face serious security threat, says Gartner Analysts at international research firm Gartner say that through 2005, 20% of enterprises will experience a serious Internet security incident targeting information and intellectual property. While the majority of enterprises will not face such an attack, companies must still take the proper precautions, says Gartner. Being a victim of one of these security incidents could be much more costly for enterprises if they don't protect themselves. http://www.itweb.co.za/sections/enterprise/2003/0308111151.asp Insuring Security http://www.cioinsight.com/article2/0,3959,1215800,00.asp Security spending to hit $13.6bn by 2006 http://news.zdnet.co.uk/internet/security/0,39020375,39115625,00.htm http://www.theregister.co.uk/content/55/32260.html Study: New threats to boost security costs http://zdnet.com.com/2100-1105_2-5062169.html One in five firms to suffer cyber-attack http://www.vnunet.com/News/1142933 Hackers own all Wi-Fi hotspot data http://www.vnunet.com/News/1142920 - - - - - - - - - - Aussie gov't doesn't give a 4X for civil liberties A proposal to make it as difficult for Australians to open an Internet account as to open a bank account has drawn stinging criticism from online civil liberties group Electronic Frontiers Australia (EFA). The proposal, which was put to a parliamentary commission on preventing cybercrime in July, would require anyone wanting to open an Internet account in Australia to produce 100 points of identity documentation, on a scale where a birth certificate or passport rates as 70 points. http://www.onlinecasinonews.com/ocnv2_1/article/article.asp?id=3818 - - - - - - - - - - File security plan proposed New plan afoot to allow online security validation of software files from multiple vendors. A group of vendors led by US vendor Tripwire have announced plans to develop a database that IT managers could use to verify the authenticity and integrity of the files built into packaged software. Hewlett-Packard, IBM, RSA Security, InstallShield Software, and Sun Microsystems are also involved in the File Signature Database (FSDB) effort. The repository will store metadata about individual files created by each of the vendors, such as the file's name, a 'born-on' date and its digital hash values. http://www.techworld.com/news/index.cfm?fuseaction=displaynews&NewsID=349 - - - - - - - - - - Amcrin, i2 to provide fraud viewer Amcrin Corp. and analysis software developer i2 Inc. plan to develop a quick-use "visual link" Web-based viewer for the rapidly growing, multistate CrimeDex network. CrimeDex has online alerts and information about fraudulent activity for corporate and public sector investigators, with the aim of producing faster arrests and better strategic processes to reduce fraud. The FBI recently became a member of CrimeDex, as did the National White Collar Crime center. http://www.fcw.com/geb/articles/2003/0811/web-amcr-08-11-03.asp - - - - - - - - - - Zone Labs moves to secure instant messaging Zone Labs is to target consumers and small businesses by securing instant messaging on the desktop instead of the server, with the launch of its IMsecure Pro 1.0, its first step into the fledgling market for IM security. Expansion to the enterprise arena is planned for later this year, said Fred Felman, vice president of marketing at Zone Labs. http://www.computerweekly.com/articles/article.asp?liArticleID=124052 - - - - - - - - - - Spam fighters win battles, but the war rages on At 5-foot-10 and slightly built, Terry Fox, 51, won't be mistaken for a Green Beret or an intelligence operative. But Fox is on the front lines of Corporate America's escalating war against spam. He has deployed an arsenal of high-tech weapons, such as network gateways and software filters, to stanch junk e-mail at MasterCard International, where he is, some jokingly suggest, chief spam officer. The title sounds silly, but the job is not. http://www.usatoday.com/tech/news/internetprivacy/2003-08-10-spam_x.htm - - - - - - - - - - E-commerce and safety issues It is understandable, that in introduction of electronic commerce, the safety issue is crucial, and the increase in plastic cards circulation makes a safety problem more and more critical. The level of fraud grows. The stolen cards data, shops completely disappearing from the market after successful fraud actions, the fictitious shops intended for gathering the information on cards and their owners, - all these are concomitants of today's e-commerce. http://www.crime-research.org/eng/news/2003/08/Mess1102.html - - - - - - - - - - Black Ice: Cyber-terrorism and the Private Sector Corporate America is still in denial about the threat of cyber-terrorist attacks against critical facilities in the energy, telecommunications and financial industries. Editor's Note: Dan Verton's book gets itstitle from an emergency planning exercise for the 2002 Winter Olympics in Utah, code-named Black Ice. http://computerworld.com/securitytopics/security/story/0,10801,83841,00.html?SKC=home83841 Sidebar: A Definition of Cyber-terrorism http://computerworld.com/securitytopics/security/story/0,10801,83843,00.html Sidebar: Key Themes in Black Ice' http://computerworld.com/securitytopics/security/story/0,10801,83844,00.html - - - - - - - - - - DNS inventor says cure to net identity problems is right under our nose Meet Paul Mockapetris. He may not be an industry celebrity like Bill Gates, Michael Dell, Richard Stallman, Eric Raymond, or Linus Torvalds, but he should be. Mockapetris was a key figure in the development of the Domain Name System, the Internet protocol that maps domain names like zdnet.com to IP addresses like 206.16.6.208. Without a protocol like DNS, people, software, and computers would be cast adrift in a sea of incomprehensible and changing numbers. Although others were involved with the development of the DNS, Mockapetris wrote the protocol, and for this contribution he was recently awarded the prestigious IEEE Internet Award. http://techupdate.zdnet.com/techupdate/stories/main/0,14179,2914447,00.html - - - - - - - - - - The secret tricks Joe Stewart was poring over the complex computer code of a widespread new virus named "SoBig," wondering what it was really designed to do. Then it hit him. This was not your typical attention-getting nuisance. The virus, he says, was actually designed to hack into home users' computers and quietly use them to send out spam. In the secretive world of spammers, where dirty tricks are standard practice, this was the dirtiest trick yet. http://www.msnbc.com/news/940853.asp - - - - - - - - - - Identity Crisis Meet Michael Berry: political activist, cancer survivor, creditor's dream. Meet Michael Berry: scam artist, killer, the real Michael Berry's worst nightmare. Michael Berry prowled the streets of South Central Los Angeles in a rented silver Volvo, searching for a clue. He turned onto a residential street called 12th Avenue, peered at each home and then slowed the car almost to a stop. His heart fluttered. http://www.washingtonpost.com/wp-dyn/articles/A25358-2003Aug6.html - - - - - - - - - - Internet discussion board for police shut down An Internet discussion board hosted by the Fraternal Order of Police has been shut down, less than a week after it attracted criticism from the NAACP. The South Bend chapter of the National Association for the Advancement of Colored People claimed that some of the discussions on the board were derogatory and offensive to minorities. http://www.usatoday.com/tech/news/2003-08-11-police-discussion-board_x.htm *********************************************************** Computer Forensics Training - Online. An intense, 150 hour, instructor lead program that teaches you computer forensics and helps prepare you for the Certified Computer Examiner exam. For more information see; www.cybercrime.kennesaw.edu *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2003, NewsBits.net, Campbell, CA.