NewsBits for September 4, 2003 sponsored by, Southeast Cybercrime Institute - ************************************************************ Romanian Virus Arrest Denied Police on Thursday denied reports that a man has been detained in connection with a computer-crippling Internet worm, but confirmed they were investigating a suspect whom they declined to name. A computer security company reported Wednesday that police had detained a suspect for allegedly creating MsBlast.F, a worm that infected computers of a university in northeastern Romania.,1283,60294,00.html Second Man Arrested in Blaster Attacks,1,4065467.story Romanian worm suspect faces stiff charges - - - - - - - - - - Blaster suspect 'surprised' at arrest A Minnesota teenager who was arrested last week and charged with releasing the W32.Blaster-B Internet worm has spoken of his surprise at being arrested and also said the media has mischaracterized him as a loner and reckless. Jeffrey Lee Parson, 18, made the statements during his first media interview since his arrest last Friday. The interview was given off-camera to a producer from NBC's "Today" show and a transcript of the interview was posted on the Web site of MSNBC.,10801,84578,00.html - - - - - - - - - - Investigators review Internet records following fatal fire Investigators are reviewing Internet records to determine if conversations in an online chat room led to a house fire that killed a woman and her 3-year-old son this week. Tammy Morrill, 37, and her son, Richard, died of smoke inhalation in a fire Monday at their home in Jefferson Township, Butler County, about 30 miles northeast of Pittsburgh. - - - - - - - - - - Man Held in Lucrative Web Porn Scam Federal agents Wednesday arrested a man they say runs Web sites that exploit misspellings by computer users to direct children looking for Disneyland or the Teletubbies to explicit sex instead.,1,4033362.story,39020369,39116132,00.htm - - - - - - - - - - Chuluota man arrested for Internet sex scam with teen girlfriend A 23-year-old man allegedly coerced his 14-year-old girlfriend into an Internet scam that extorted men looking for sex. Curtis B. Howard, of Chuluota, is accused of having his girlfriend meet men in chatrooms and agree to have sex with them. When the men arrived at the designated meeting place, Howard would interrupt the liaisons and threaten to call the police unless the men paid him money, Brevard County Sheriff's Agent Sandy Jensen said Wednesday. - - - - - - - - - - Defiance man nabbed in Internet sex sting A Defiance man is the latest to be arrested by Lima police after he drove to Lima for what he believed was to be a sexual encounter with a 14-year-old child. Matthew Haviland, 20, was arraigned yesterday on a charge of importuning. He was arrested Tuesday after driving here for the meeting. Mr. Haviland allegedly initiated contact with a Lima police officer posing as a young girl in a chat room and asked the "girl" to meet with him for sex. He is the 16th person arrested in Lima in the last year as a result of similar sexual solicitations over the Internet. - - - - - - - - - - Man Caught Trying To Solicit Sex With Child ... Again An Ypsilanti Township man is expected to face a judge Thursday for violating his probation by trying to lure young girls online. Matthew Mankoff, 28, was caught in an Internet chat room designed for children, but was trying to solicit sex, authorities said. Mankoff reportedly communicated with an undercover officer posing as a child. The same officer busted Mankoff four years ago for the same alleged crime, according to a Local 4 report. He was convicted of soliciting a minor over the Internet, but did not receive jail time. Mankoff was at the time a high school band teacher who thought he was meeting two 14-year-old girls for sex, the station reported. - - - - - - - - - - City man charged in child sex abuse allegations A 64-year-old Bloomington man has been charged with sexually abusing a 15-year-old boy with whom he became acquainted through an Internet chat room for children. The alleged victim, of Burnsville, had placed his name and listed his interests on a young peoples' chat site hoping to make friends his own age, according to a criminal complaint filed last week in Hennepin County District Court. The complaint alleges that the Burnsville boy began receiving sexually explicit e-mails from Bensfield soon after placing his profile on the Internet site. The messages continued over several months, during which Bensfield repeatedly asked to meet the boy in person. The boy agreed in July, the complaint states. - - - - - - - - - - Child porn found on military base BRITISH military police questioned a man after a stash of child pornography was found at a Royal Air Force base, the Ministry of Defence said. "We can confirm that an investigation by MoD (Ministry of Defence) police is ongoing in relation to the discovery of indecent material at RAF Kinloss," a defence ministry spokeswoman said after the find last April at the base in east Scotland. The man questioned is not thought to be a member of the armed forces and the allegations date back to last April, it is believed.,4057,7173552%255E1702,00.html - - - - - - - - - - Teens investigated for possessing child porn from Internet Three teenagers, one as young as 13 years old, are being investigated for possessing child pornography downloaded from the Internet. Search warrants were executed by Internal Affairs inspectors on the teenagers and two adults alleged to have collections of extreme child pornography. Investigators say older friends of the 13-year-old may have been responsible for downloading the banned images.,2106,2649089a11,00.html - - - - - - - - - - Arkansas AG: We must protect our children from predators on the Internet Attorney General Mike Beebe is emphasizing the need for Internet safety and his office's efforts to educate parents, children, educators and law enforcement about the issue "The Internet is an amazing tool for communication," Beebe said in a press release. "However, it's also created opportunities for pedophiles to anonymously stalk our children online. If we work together, we can protect them through increased education and awareness." - - - - - - - - - - Australian Judge Finds L.A. Webmaster Liable In an unusual Internet case crossing international borders, an Australian judge imposed $61,000 in damages against a Los Angeles man earlier this week for defaming a Perth journalism professor on a series of Web sites. Bill White, 60, of Los Angeles, did not attend the civil trial in the Supreme Court of Western Australia in Perth and was found by default to have defamed Trevor Cullen, of Edith Cowan University. (LA Times article, free registration required),1,6659398.story - - - - - - - - - - New worm tries to bring down Downing Street website AV firms are warning of the appearance of a new Internet worm which attempts to launch a distributed denial of service attack on the Downing Street website. The Quaters worm spreads via email, using a variety of subject lines relating to account information, and by internet chat systems posing as an attempt to break an Internet chain mail world record. Few incidents of the worm have been spotted thus far, and it doesn't appear to be any great risk, nonetheless the overtly political nature of the worm is likely to capture the attention of UK authorities. - - - - - - - - - - SoBig opens a new can of worms The flurry of worms, Trojans and other malware is forcing corporates to rethink their security systems, boosting interest in alternatives to traditional antivirus software. - - - - - - - - - - New Zealand police warn of new net banking scam New Zealand police are warning of a new online banking scam that is targeting customers in both Australia and New Zealand, according to local press reports. The scam is reportedly being run out of Denmark and uses two Web sites. One site, called "Devancy" is targeted at New Zealand customers whilst the other, called "Avantyx", is aimed at Australians. Each site falsely claims to represent a financial services firm that has business partnerships with major banks including ANZ, Westpac, ASB Bank, National Bank of New Zealand and the Bank of New Zealand. - - - - - - - - - - First of perhaps many 9/11 viruses emerges Antivirus researchers late yesterday discovered what is being described as the first of potentially many "9/11" anniversary viruses spreading on the Internet. While it's too early to tell what, if any, damage the new virus is causing, Eric Kwon, president and CEO of San Jose-based Hauri Inc., the company that discovered the virus, said its impact seems to be similar to that caused by the recent outbreak of the Sobig worm, which overloaded e-mail servers with large volumes of spam. The 9/11 virus contains the headline "It's Near 911" or a similar variation, as well as an attachment labeled "911.jpg." Users should not open the e-mail or the attached file.,10801,84589,00.html - - - - - - - - - - Cybersecurity legislation may go to Congress As the U.S. Congress reconvenes this week after a month long break, legislation imposing cybersecurity requirements on private industry, including a proposal that would require public companies to report their cybersecurity efforts, may be on the way.,10801,84586,00.html - - - - - - - - - - FTC: Identity theft strikes 1 in 8 adults In the most comprehensive look to date at a fast- growing crime, the Federal Trade Commission said Wednesday nearly one in eight U.S. adults fell victim to identity theft in the last five years. With 9.9 million victims last year alone, the FTC warned the thefts cost businesses $48 billion and $5 billion in out-of-pocket expenses to individuals in 2002. - - - - - - - - - - Universities Rush to Protect Networks Area Schools Adopt Strict Policies Aimed at Getting Students to Upgrade Computer Security. George Mason University administrators, anxious to protect the school's computer network from a raft of viruses and worms plaguing the Internet, today unplugged thousands of students from the network. At 1:35 p.m. today, network administrators at the Northern Virginia school cut Internet access for all 3,600 students living on campus. - - - - - - - - - - MS launches Office security blitz Microsoft issued five security alerts yesterday. Thankfully, only one, involving a buffer overflow vulnerability with the software giant's applications development suite, is serious enough to merit the dreaded "critical" designation. As explained in an advisory here, a flaw with Visual Basic for Applications SDK (versions 5.0 to 6.3) might permit an attacker to run code of their fancy on targeted systems if they trick an user into opening an infected document. - - - - - - - - - - Many more worms will wriggle into our future Now that most businesses have recovered from the Blaster and SoBig worms, and the FBI has arrested one of the alleged virus writers, the computer world is settling back to normalcy. Until the next hacker decides to whip up a little Internet mayhem. Then the whole dispiriting process of computer shut-downs and emergency alerts will begin again. And next time, it will probably be worse. Experts' fear over computer virus Viruses, Worms: What's in a Name?,1377,60281,00.html - - - - - - - - - - Shops play tag with consumer privacy Consumers need to know about the potential privacy issues if retailers want to use smart chips to crack down on shoplifting, according to civil rights group Liberty. The organisation has started a campaign to raise awareness of the potential for the data storage and tracking abilities offered by Radio Frequency Identification Tags (RFIDs). - - - - - - - - - - Bugwatch: Protecting your domain name Registering a domain name is child's play, but losing it can be just as easy. Each week asks a different expert to give their views on recent security issues, with advice, warnings and information on the latest threats. This week Yurong Lin, chief executive at CommonName, warns against the perils of losing your domain name to a cyber-squatter. - - - - - - - - - - Security means keeping the system up When it comes to technological security, officials should shift their focus from guarding with the latest features to ensuring that critical processes keep running in the face of attacks, an expert said this week. "We've spent a lot of effort in building interconnected systems, but not a lot of effort in how to secure those systems and ensure continuance of critical operations," said Tim Shimeall of Carnegie Mellon University's CERT Analysis Center. - - - - - - - - - - Advanced Instant Messengers Password Recovery 2.0 If, like most folks, you set up instant-messaging on your machine so long ago that you don't remember the passwords, this program's an absolute must-have before you buy your next computer. Beyond that circumstance, you may rarely need this helpful little recovery package, which can retrieve chat login and password information that you've stored on your computer and have since forgotten. - - - - - - - - - - Password Overload If you're anything like the rest of us, you have user names and passwords floating around cyberspace and, even worse, you're doing a poor job at keeping them a secret. I'll admit that I have at least a half- dozen names and passwords taped to the outer part of my computer screen. I know that's a bad thing, but I also know that I'm not alone. *********************************************************** Computer Forensics Training - Online. An intense, 150 hour, instructor lead program that teaches you computer forensics and helps prepare you for the Certified Computer Examiner exam. For more information see; *********************************************************** Search the Archive at: *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits ( should be cited as the source of the information. Copyright 2000-2003,, Campbell, CA.