NewsBits for August 20, 2003 sponsored by, Southeast Cybercrime Institute - www.cybercrime.kennesaw.edu ************************************************************ E-Mail Worm Strikes Corporate PCs AOL Time Warner Inc., Verizon Communications Inc. and Starbucks Corp. were among the companies scrambling Tuesday to block a new mass e-mail worm dubbed Sobig.F from wrecking their networks. The worm, which appeared to be spreading rapidly, attempts to download files from the Internet and potentially can leave computers vulnerable to further attack. It is at least the fourth major new Internet worm to hit computers worldwide in the last week. http://www.latimes.com/technology/la-fi-sobig20aug20,1,4029802.story http://www.itweb.co.za/sections/internet/2003/0308201047.asp http://news.com.com/2100-1002_3-5066444.html http://www.newsfactor.com/perl/story/22126.html http://www.usatoday.com/tech/news/computersecurity/2003-08-20-sobig-follow_x.htm Symantec security response upgrades W32.Welchia.Worm to level four threat Symantec, the world leader in Internet security, today announced that it has upgraded the W32.Welchia.Worm from a level two to a level four threat. Symantec is receiving reports of severe disruptions on the internal networks of large enterprises caused by ICMP flooding related to the propagation of the W32.Welchia.worm. In some cases enterprise users have been unable to access critical network resources. http://www.itweb.co.za/sections/internet/2003/0308200810.asp Geeks Grapple With Virus Invasion http://www.wired.com/news/infostructure/0,1377,60109,00.html Virus, worms wreak havoc on computer networks http://govexec.com/dailyfed/0803/082003tdam1.htm E-mail deluge triggered by 'worm' http://money.cnn.com/2003/08/20/technology/worms.reut/index.htm http://www.washingtonpost.com/wp-dyn/articles/A19306-2003Aug20.html http://www.msnbc.com/news/954470.asp Auto-responders magnify Sobig problem http://www.theregister.co.uk/content/56/32434.html Virus spawns more airport chaos http://www.canada.com/technology/story.html?id=83FBB889-8F1F-4B50-AEA8-15589B2001FC http://www.cnn.com/2003/TECH/internet/08/20/aircanada.virus.reut/index.html Cyber attack hits New Zealand http://onenews.nzoom.com/onenews_detail/0,1227,214398-1-7,00.html Windows admin 'feature' poses latest hazard http://news.zdnet.co.uk/0,39020330,39115836,00.htm Will anti-virus earnings be 'SoBig'? http://money.cnn.com/2003/08/20/technology/worm/index.htm In wake of worm, Microsoft considers automating updates http://www.siliconvalley.com/mld/siliconvalley/news/editorial/6573436.htm - - - - - - - - - - Computer glitch halts stock exchange trading for hours in New Zealand A software glitch wiped out trading at the New Zealand stock exchange Wednesday, forcing it to close for five hours. Trading halted at 11:30 a.m. and reopened for 30 minutes at the end of the day. Volume was down, with only 58 million New Zealand dollars ($34 million US) worth of shares changing hands, compared with an average day's turnover of $80 million NZ ($47 million US). http://www.canada.com/technology/story.html?id=F19B5402-7A9F-4B72-8FB2-E6A10C898CF0 - - - - - - - - - - Child porn verdict derails career A 41-year-old man convicted of downloading child pornography avoided jail time but had his career goal of becoming a teacher derailed Tuesday. At the time of his arrest last summer, Douglas F. Reid was living in Bethel Manor with a friend in the Air Force. He was providing child care for the friend's children, a 7-year-old girl and a 9-year-old boy, according to York County Assistant Commonwealth's Attorney Leslie Siman-Tov. Reid's friend contacted authorities after he discovered several direct links to pornography sites on a computer in the residence, deleted the links, discovered them again, deleted them again, then discovered a computer disk with obscene pictures of children on it, Siman-Tov said. http://www.dailypress.com/news/local/dp-61573sy0aug20,0,6195801.story - - - - - - - - - - 2 plead not guilty in Internet sex case Two men accused of using the Internet to arrange sex with minors pleaded not guilty to federal charges in separate cases. Michael Adrian Lee, 19, of Billings, and Trevor Jason Bjerke, 25, of Bozeman, were arrested when they showed up at rendezvous sites thinking they were meeting a girl, who in fact was an FBI undercover agent working on a task force on crimes against children. http://www.billingsgazette.com/index.php?id=1&display=rednews/2003/08/19/build/local/62-internet.inc - - - - - - - - - - 28-year-old accused of luring teen boy from New Mexico A local man has been arrested for allegedly pretending to be a 16-year-old girl on the Internet and luring a 16-year-old New Mexico boy to his home, officials said. Thomas Wesley Reynolds, 28, of Hope, Ark., faces charges of possession of child pornography and sexual solicitation of a child, according to information released from the Hempstead County Sheriff's Department Monday. Sheriff's deputies and investigators with the Arkansas State Police served a search warrant at Reynolds' apartment about 9:30 p.m. Sunday after receiving a report form the 16-year-old male victim's mother. The victim told investigators he had been talking in an Internet chat room with a person who identified himself as a 16-year-old girl from Hope. http://www.texarkanagazette.com/articles/2003/08/19/news/news12.txt - - - - - - - - - - Child sex charges filed against New York man A 43-year-old New York man caught in a La Crosse motel with a 15-year-old Bangor, Wis., girl he met over the Internet was charged Tuesday with five felonies including sexual assault of a child, abduction of a child and child enticement. When police found the couple in a French Island motel Friday morning, Steven J. Karris, 43, of Selden, N.Y., would neither admit nor deny that he and the girl had sex, according to a criminal complaint. Karris said he and the girl are in love and are planning to get married when she turns 18. http://www.lacrossetribune.com/articles/2003/08/20/news/z03sex.txt - - - - - - - - - - Court official charges Interior destroyed data The Interior Department unlawfully destroyed computerized information tracking the evaluation of right-of-way fees for oil and gas companies that run pipelines across Navajo lands, according to an official of the U.S. District Court for the District of Columbia. Alan Balaran, a court official appointed by U.S. District Judge Royce C. Lamberth, stated in a filing that Interior officials erased information in their computer systems relating to the valuation of oil and gas pipeline ROWs across Navajo lands. Lamberth is overseeing a 7-year-old series of lawsuits in which American Indians are suing the Interior Department for restoration of funds lost as a result of the departments mismanagement of individual American Indian trust funds. http://www.gcn.com/vol1_no1/daily-updates/23215-1.html - - - - - - - - - - Entertainment industry appeals file-swap ruling Record labels and movie studios are appealing an April court ruling that legitimised some file-swapping Record labels and movie studios said on Tuesday that they have appealed an April federal court ruling that held for the first time that some file-swapping software was legal. http://news.zdnet.co.uk/internet/0,39020369,39115829,00.htm http://www.usatoday.com/tech/news/techpolicy/2003-08-20-riaa-vs-judge_x.htm Grokster defiant as music industry appeals http://www.vnunet.com/News/1143122 http://www.theregister.co.uk/content/55/32437.html Vague Limits Vex Music Traders http://www.wired.com/news/mp3/0,1285,60110,00.html http://www.theregister.co.uk/content/6/32420.html Music Parody Site Pulls the Plug http://www.wired.com/news/digiwood/0,1412,60088,00.html - - - - - - - - - - VeriSign misses Sex.com trial deadline Domain registration giant VeriSign has missed a deadline to ask a federal appeals court to reconsider a landmark decision in the Sex.com case, which established that Internet domain names are subject to state property law. Last month, Gary Kremen, rightful owner of the Sex.com domain name, won the right to sue VeriSign-subsidiary Network Solutions (NSI), the registrar duped into transferring the lucrative domain to a convicted felon, Stephen Cohen. http://www.theregister.co.uk/content/6/32429.html - - - - - - - - - - Head of FTC Opposes Bills To Curb Spam The head of the Federal Trade Commission yesterday criticized several federal legislative efforts designed to combat junk e-mail, remarks that could cloud the prospect for congressional action this year. http://www.washingtonpost.com/wp-dyn/articles/A17156-2003Aug19.html http://dc.internet.com/news/article.php/3066111 http://www.usatoday.com/tech/news/techpolicy/2003-08-20-ftc-spam-list_x.htm What your e-mail is bouncing back http://www.msnbc.com/news/954687.asp - - - - - - - - - - EFA says cybercrime code will violate net users' privacy A proposed Cybercrime Code of Practice for ISPs would result in massive invasion of internet users' privacy, Electronic Frontiers Australia, a group which campaigns for online rights and freedoms, has warned. The draft code was recently issued for public consultation by the Internet Industry Association of Australia. The EFA said it had been developed in secret over the last two years by the IIA and law enforcement agencies. http://www.theage.com.au/articles/2003/08/20/1061261191732.html - - - - - - - - - - Patch management on the way for VA The Veterans Affairs Department expects to roll out an aggressive patch management system over the next year, the departments head of cyber and information security said Wednesday. The need became apparent during the current waves of worms swamping the Internet, Bruce Brody, associate deputy assistant secretary for cyber and information security, told an audience at a Washington conference sponsored by Unisys Corp. http://www.gcn.com/vol1_no1/daily-updates/23206-1.html http://www.fcw.com/fcw/articles/2003/0818/web-va-08-20-03.asp - - - - - - - - - - Powerful Wireless Security Tools for Free For a network administrator or curious end-user looking to do basic sniffing of the airwaves for WLAN traffic and locations, Kismet, NetStumbler and AirSnort have a price that's hard to beat. Despite the best efforts of developers and standards bodies, wireless LANs (WLANs) are still the poster child for unsecured networks. Wireless network- security protocols contain enormous loopholes, coverage areas leak like a broken faucet, and many administrators do not even bother to turn on the security features that come with their systems. http://www.newsfactor.com/perl/story/22124.html - - - - - - - - - - Plastic cards in Ukraine fraud classification According to Ukraines National Bank Payment System Department, on July 1, 2003, eighty-five banks (nearly 55% of their total number) were fixed as members of intrastate and international payment systems that issue and acquire payment cards. In the second quarter of 2003, the full quality of operative cards issued by Ukrainian banks has increased by 8% and makes more than 8016 pieces. The number of card cash dispensers has grown up to 3770, payment terminals up to 23817 and imprinters up to 26162. Payment card operations have also risen up to 35 million, card turnovers reaching 7762 million UHR. Card account balances have increased as well up to 2579 million UHR (for physical persons up to 2486 million UHR, for juridical ones up to 92.8 million UHR). http://www.crime-research.org/eng/library/Golubev_august.html - - - - - - - - - - Check Point targets MEs with firewall/ VPN combo Internet security firm Check Point is targeting medium- sized companies with a firewall/VPN package designed for organisations with up to 500 employees. Check Point Express includes firewall, VPN, network and application attack protection combined with multi-site, centralised management functions. The package is designed to be easy to purchase, install and manage. The product - the Israeli vendor's first all-in-one security product for smaller shops - is essentially a cut-down version of Check Point's flagship VPN-1/FireWall-1 Next Generation with Application Intelligence product. http://www.securityfocus.com/news/6773 - - - - - - - - - - Passwords are evil and expensive Some interesting facts about people's use of passwords have emerged from a survey of over 3,000 IT professionals and business execs carried out in the US. Just under a quarter have eight or more different names and passwords to access different parts of their computer system. Eighteen per cent are lucky enough to have just one, with most stuck with between three and four. With this many to remember, you'd think some people would write them down. They do. Over half (55 per cent) of people have written their password down at least once, with most having written them down about three times. Nine percent of people always write their passwords down. http://www.techworld.com/news/index.cfm?fuseaction=displaynews&NewsID=382 - - - - - - - - - - Keeping your computer safe from Internet nastiness I'm no hacker. But when I found myself without broadband access to the Internet a week ago while on vacation, I inserted a Wi-Fi networking card in my laptop with hopes of finding a nearby wireless connection. Sure enough, I found one piggybacking on a neighbor's network. He or she probably never knew I was freeloading. My intentions were benign; all I wanted was to check my own e-mail and the Web. But there's no telling how much havoc a skilled and sinister hacker might have wreaked. http://www.usatoday.com/tech/columnist/edwardbaig/2003-08-19-baig_x.htm Small firms ignore security protection http://www.vnunet.com/News/1143125 http://www.theregister.co.uk/content/67/32426.html - - - - - - - - - - Penetration Testing for Web Applications (Part Three) In the first installment of this series we introduced the reader to web application security issues and stressed the significance of input validation. In the second installment, several categories of web application vulnerabilities were discussed and methods for locating these vulnerabilities were outlined. In this third and final article we will be investigating session security issues and cookies, buffer overflows and logic flaws, and providing links to further resources for the web application penetration tester. http://www.securityfocus.com/infocus/1722 Penetration Testing for Web Applications (Part One) http://www.securityfocus.com/infocus/1704 Penetration Testing for Web Applications (Part Two) http://www.securityfocus.com/infocus/1709 - - - - - - - - - - Tampa drops facial-recognition system; no bad guys spotted Tampa police have scrapped their controversial security camera system that scanned city streets for criminals, citing its failure over two years to recognize anyone wanted by authorities. The system was intended to recognize the facial characteristics of felons, sexual predators and runaway children by matching passers-by in Ybor City with a database of 30,000 mug shots. ``It's just proven not to have any benefit to us,'' Capt. Bob Guidara, a department spokesman, said Tuesday. The cameras have led only to arrests for such crimes as drug deals. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/6578227.htm http://www.fcw.com/geb/articles/2003/0818/web-face-08-20-03.asp http://www.msnbc.com/news/954882.asp http://www.usatoday.com/tech/news/techinnovations/2003-08-20-tampa-cameras_x.htm http://www.theregister.co.uk/content/55/32437.html - - - - - - - - - - Nation's first automated alert network activated After 16 months of development and testing, a public/ private security partnership based in Oregon today officially activated what is being described as the nation's first fully automated, Web-based regional security alert system. Known as RAINS-Net and developed by the Regional Alliances for Infrastructure and Network Security, a partnership of 60 IT vendors and more than 300 public and private organizations, the system will provide automated alerts from the Portland 911 center to schools, hospitals and downtown corporate building managers. http://computerworld.com/securitytopics/security/story/0,10801,84204,00.html - - - - - - - - - - Homeland Security still seeking to consolidate 'watch lists' Homeland Security Department Deputy Secretary Gordon England said Wednesday that the department has not completed the task of combining a dozen separate "watch lists" of potential terrorists because it is a "technical challenge" to consolidate databases and computers that were not designed to share information. http://govexec.com/dailyfed/0803/082003td1.htm *********************************************************** Computer Forensics Training - Online. An intense, 150 hour, instructor lead program that teaches you computer forensics and helps prepare you for the Certified Computer Examiner exam. For more information see; www.cybercrime.kennesaw.edu *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2003, NewsBits.net, Campbell, CA.