NewsBits for August 14, 2003 sponsored by, Southeast Cybercrime Institute - ************************************************************ Federal security organizations repel Blaster worm Despite the rapid spread of the Blaster worm this week, it apparently had little or no effect on government agency operations here and around the country. Although analysts said the worm might have cost the private sector several hundred million dollars in repairs and downtime, federal officials credited their ability to stop the worm to a solid security process -- bolstered by a determination to rid systems of the vulnerability long before it could be exploited.,10801,83991,00.html Worm pushes Microsoft to change default Windows security Microsoft said Wednesday that it planned to change the way it distributes its flagship Windows XP operating system software, in response to a ``worm'' that has spread over the Internet in recent days attacking tens of thousands of personal computers by exploiting vulnerabilities in Windows. Dissemination of the worm, a virus-like program, slowed Wednesday as network administrators and individual computer users around the world took steps to protect their machines, even as Microsoft's critics stepped up their complaints that the company's industry-dominant software puts its customers at risk of such outbreaks. Internet worm confounds home users Making a profit off a PC worm Power Outage Not Internet Worm-Related Microsoft, Your PC's Security Guard? The Bright Side of Blaster Blaster virus inquiries mount in Japan,39020375,39115709,00.htm,1282,60029,00.html Wiping out the web worm Internet worm on the wane: FBI New worm blasts Microsoft (series of stories) Cleanup dampens Blaster worm Blaster worm variants make mischief Microsoft patch process called into question,4814,83989,00.html Blaster rewrites Windows worm rules Blaster threat extends to Cisco kit - - - - - - - - - - Tenn. Mayor Convicted in Child Porn Case A federal jury convicted a small-town mayor of possessing and sending child pornography on the Internet after they got a look at his e-mail records and his computer screen name: "Young Wanting." Thomas, a grandfather, said afterward that he would probably step down as mayor of Copperhill, an eastern Tennessee town of 511 residents and the former hub of a copper mining operation. The jury deliberated less than two hours. The panel had stacks of government evidence - hundreds of photos of nude children, some showing children in sex acts with other children and adults - that prosecutor Gary Humble said were copied from records of the mayor's e-mail account. - - - - - - - - - - Graduate student accused of hacking expelled The University of Michigan has expelled a graduate student accused of hacking a computer system and using information to forge e-mails and get copies of final exams, the state attorney general's office said Wednesday. Ning Ma, 24, a Chinese citizen on a student visa, was arrested last month and accused of collecting information from more than 60 students and professors. - - - - - - - - - - GNU Project Server Hacked by Intruder The system housing the primary FTP servers for the GNU Software Project has been compromised an intruder, the Free Software Foundation (FSF) announced Thursday, warning that a Trojan horse was also found. The GNU Project, which is a clearing house for a variety of freely available open-source software, was root compromised sometime in July 2003 but the FSF did not discover the intrusion until the end of the month, according to executive director Bradley Kuhn. Breaches, battles in Linux arena (series of stories) - - - - - - - - - - HP recovers $1.8m in grey market fraud case HP today announced it has recovered more than $1.8 million as part of its civil lawsuit against S-Systems and its owner, Leroy Anthony Sallee, over an alleged grey market fraud. Sallee recently pleaded guilty to federal charges for his participation in an alleged scheme to fraudulently acquire computer equipment at substantial discounts and then resell the products on the grey market - unofficial channels, in other words. The defendant obtained more than $5.7 million in computer equipment for only $3.1 million via misuse of a special educational discount, HP says. - - - - - - - - - - Record haul as China raids pirates In a logistical feat worthy of any Hollywood blockbuster, a record 42 million smuggled and pirated DVDs and video and audio CDs have been destroyed across China. All of the discs destroyed had been confiscated during crackdowns on smuggling cases, starting in 2001. Studios help thwart DVD piracy ring - - - - - - - - - - Fake bank email tries to con customers In Australia, an email purporting to be from a bank attempts to trick people into revealing their account details. Another fraudulent email is doing the rounds, this one attempting to trick people into providing their Westpac bank account details. According to Andrew Kent, the chief executive of SpamTrap, the emails were sent out in the early hours of this morning.,39020375,39115706,00.htm - - - - - - - - - - Court Rules Against 'Star Trek' Actress A federal appeals court rejected a ``Star Trek'' actress' lawsuit against dating service, ruling that a fake Internet profile posted with the star's comely image was not the company's fault. The 9th U.S. Circuit Court of Appeals said Wednesday the personal profile information published on Matchmaker's service is solely up to the user's discretion and the company is immune from the lawsuit.Christianne Carafano, who uses the stage name Chase Masterson, has appeared in numerous films and television programs, most notably starring as the alien character Leeta on the TV series ``Star Trek: Deep Space Nine.''Carafano sued Matchmaker after learning that an online profile using her photos had been created in 1999. The profile included her home address, phone number and text stating she sought a dominant man with ``a strong sexual appetite.'' - - - - - - - - - - Acxiom hack could force first interpretations of California law A new California law could come into play for the first time as the result of a hacker's intrusion into computer files of Acxiom, according to the California Office of Privacy Protection. The law requires any person or company doing business with Californians and owning or licensing computer data to tell customers when unencrypted combinations of personal and sensitive information have been illegally accessed. It went into effect July 1, applying to when breaches are discovered, not when the hacks occurred. - - - - - - - - - - U.S. attorneys' offices wide open to hackers, GAO says A government report released Aug. 12 cites years of IT security negligence at the U.S. Department of Justice office responsible for the day-to-day support of the nation's 93 U.S. attorneys' offices.,10801,83993,00.html - - - - - - - - - - FBI shakes up security in wake of IG report on spy As the Justice Departments inspector general this morning issued a critical report on the FBIs handling of bureau agent and Russian spy Robert P. Hanssen, agency director Robert S. Mueller III ordered security reforms that include sweeping IT policy changes. Glenn A. Fine issued the report on Hanssens damaging espionage, which spanned November 1979 to February 2001. The members of the IG investigative team generated 21 reform recommendations. - - - - - - - - - - Consumer Fights Subpoena Seeking File Sharers' Names After serving Internet providers with more than 1,000 subpoenas demanding the names and addresses of people who share copyrighted music online, the Recording Industry Assn. of America has run into someone who wants to fight for her anonymity. The woman is a Verizon Internet Services customer accused of offering copyrighted songs on a file-sharing network for others to download free. The woman, who has hired a lawyer to contest a subpoena, apparently is the first to try to prevent her identity from being disclosed to the record companies' trade association.,1,4067715.story Senator sets hearings on recording industry's piracy crackdown Refugee P2P outpost escapes authority - - - - - - - - - - Richer surfers feel less secure Survey shows wealthier US computer users are most concerned about security. Almost one-third of internet users in the US have fallen victim to a computer virus or hackers in the past two years - and the richer the surfer, the more vulnerable they feel. A survey of more than 1,000 US web users, conducted by marketing services firm Edelman, found that 43 per cent of Americans said they felt less secure on their home computers, compared with 17 per cent who felt less protected from viruses and hackers at work. - - - - - - - - - - Info agency gets new No. 2 Army Maj. Gen. Marilyn Quagliotti will soon take over the dual role of vice director at the Defense Information Systems Agency and commander of the Defense Department's Joint Task Force for Computer Network Operations, Arlington, Va. The appointment was announced Wednesday by Army Chief of Staff Gen. Peter Schoomaker. Quagliotti will replace Army Maj. Gen. J. David Bryan, though the exact transition date has yet to be determined, according to a DISA spokesperson. - - - - - - - - - - Teen Indian hacker spurns money for Stanford An Indian teenage hacking expert who has helped global think-tanks and police officials combat computer attackers and digital swindlers is spurning job offers to pursue a degree at the prestigious Stanford University. Ankit Fadia, 18, who turned into a technology wonderkid after authoring a book on hacking into computers two years ago, told Reuters he preferred a five-year-scholarship at California to lucrative consulting. - - - - - - - - - - Why Computer Worms Never Die Old computer worms are "an underestimated threat," says Security Response senior director Vincent Weafer. "From our evidence, there is still a very high degree of transmission. There's not a lot of attention, not a lot of bulletins or awareness of existing threats." Although Blaster and LovSan are the names crowding today's headlines, security bulletins and virus alerts, old computer worms -- such as Magistr, Sircam, Nimda and Bugbear -- continue to stay atop the threat lists of many anti-virus firms. While these worms may be outpaced by advancing technology and security, they continue to plague corporate, government and home computer systems. Why can't we squash them? *********************************************************** Computer Forensics Training - Online. An intense, 150 hour, instructor lead program that teaches you computer forensics and helps prepare you for the Certified Computer Examiner exam. For more information see; *********************************************************** Search the Archive at: *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits ( should be cited as the source of the information. Copyright 2000-2003,, Campbell, CA.