High Tech "NewsBits" for 09/10/03

NewsBits for September 10, 2003 sponsored by, Southeast Cybercrime Institute - www.cybercrime.kennesaw.edu ************************************************************ Cybercrime Charges Slapped on Virus Suspect A 24-year-old Romanian man, accused of unleashing an Internet worm called "Blaster.F," has been charged with cybercrime offences carrying up to 15 years in prison, police said on Wednesday. Police said Dan Dumitru Ciobanu, had admitted spreading the virus, a low-grade variant of the highly damaging Blaster worm, but had told investigators it was an accident. Ciobanu's arrest last week followed that of an American teenager accused of creating another Blaster strain. Romania's tough new cybercrime law, which covers online fraud, hacking and virus-writing, carries a sentence of three to 15 years, more than twice the maximum sentence for rape. http://www.reuters.com/newsArticle.jhtml?type=internetNews&storyID=3419555 http://zdnet.com.com/2100-1105_2-5073931.html http://computerworld.com/governmenttopics/government/legalissues/story/0,10801,84776,00.html - - - - - - - - - - Two Brits charged with releasing TK worm Two British men were charged on Monday with conspiring to take over computers using malicious code. Jordan Bradley, 20, of Bates Avenue, Darlington, and Andrew Harvey, 22, of Scardale Way, Durham, are believed by the National High Tech Crime Unit (NHTCU) to be members of an underground cracking group called the "Thr34t-Krew" who launched the TK Worm (AKA Troj/TKBot-A) sometime before February this year. http://www.theregister.co.uk/content/56/32751.html - - - - - - - - - - Hacker who altered Yahoo database surrenders A hacker who has acknowledged involvement in computer break-ins at the New York Times newspaper, Yahoo! and other large corporations surrendered Tuesday on a federal arrest warrant related to alterations of the Times' databases. Adrian Lamo, 22, turned himself in to marshals at the U.S. federal courthouse in Sacramento, said FBI spokeswoman Karen Twomey Ernst. He is charged with altering the Times' databases between February and April 2002, causing the New York Times Co. damages exceeding $25,000. http://www.ctv.ca/servlet/ArticleNews/story/CTVNews/1063157672056_37///?hub=SciTech http://www.cnn.com/2003/TECH/internet/09/10/hacker.arrest.ap/index.html http://www.theregister.co.uk/content/55/32747.html http://computerworld.com/securitytopics/security/story/0,10801,84766,00.html - - - - - - - - - - Paedophile jailed for life after befriending mother in Asperger's chat room A predator paedophile was sentenced to life on September 9 for abusing a seven-year-old girl whose mother he had befriended through a website chat room about Asperger's syndrome, Neil Robertson had conned his way into a family's friendship, seduced the mother and molested her daughter. And the judge, Lord Reed, won the praise of the young victim's family for his tough stance at the High Court in Dunfermline. http://www.awares.org/pkgs/news/news.asp?showItemID=266&board=&bbcode=&profileCode=SSion;= - - - - - - - - - - Online piracy criminal prosecution hailed as a world first Three Sydney men face jail after pleading guilty last week to breaking copyright laws in what the Australian recording industry believes is the world's first criminal prosecution for online music piracy. Until now legal action against music websites such as Napster have relied on civil law and record industry representatives said the criminal case sent a powerful message that music piracy would face the full force of the law. Tommy Le, 19, Peter Tran, 20, and Charles Kok Hau Ng, 20, last week pleaded guilty to infringing the copyright of music giants Universal Music, Sony, Warner, BMG , EMI and Festival Mushroom Records. http://story.news.yahoo.com/news?tmpl=story&cid=1509&ncid=738&e=6&u=/afp/20030907/tc_afp/australia_music_piracy - - - - - - - - - - Stiff sentences for biggest UK credit card fraudsters The computer technician at the centre of Britain's biggest ever credit card fraud was yesterday jailed for nine years. Sunil Mahtani, 26, a former IT worker at Checkline plc, the firm that processed Heathrow Express's credit card transaction, pleaded guilty last week to downloading almost 9,000 credit card numbers from Checkline's systems. He sold this information on to a gang of crooks who obtained goods worth PS2 million over three years using cloned cards that matched the data Mahtani supplied. http://www.theregister.co.uk/content/55/32755.html - - - - - - - - - - Knight Ridder newspaper sites hit by denial of service attack The Web sites of Knight Ridder's 31 daily newspapers slowed to a crawl or were made inaccessible by a denial-of-service attack that lasted for several hours earlier this week. The sites, which include the Internet homes of The Miami Herald, The Philadelphia Inquirer and San Jose Mercury News, came under attack Tuesday morning, and technicians had restored the services by 11:45 a.m., said Amy Dalton, spokeswoman for Knight Ridder Digital. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/6738442.htm - - - - - - - - - - SoBig shuts down ... for the moment SoBig.F is due to deactivate today, but experts are already waiting for the next variant of the virus to start spreading. There have been six variants on the SoBig virus since it was first detected in January. Each successive version has displayed improved code and more adept social engineering, and future versions are expected to be developed along similar lines. http://www.vnunet.com/News/1143513 Sobig-F is dead http://www.theregister.co.uk/content/56/32760.html - - - - - - - - - - One Voice on Piracy Warner Music Group Chairman Roger Ames wouldn't budge. The industry veteran refused last summer to join an effort by his four major competitors to sue illegal downloaders who were crushing the industry's bottom line. Ames insisted that before the labels unleashed their attorneys and risked a potential public relations backlash, they needed to provide consumers with an alternative, a place where the pirates could legally download songs from all five major record companies. (LA Times article, free registration required) http://www.latimes.com/technology/la-fi-behind10sep10133420,1,7595174.story N.Y. Girl Settles RIAA Case http://www.latimes.com/technology/la-fi-girl10sep10230419,1,1349659.story http://zdnet.com.com/2100-1105_2-5073717.html http://www.wired.com/news/digiwood/0,1412,60366,00.html http://www.vnunet.com/News/1143512 http://www.theregister.co.uk/content/6/32740.html http://www.wnbc.com/technology/2465365/detail.html http://www.nypost.com/news/regionalnews/5349.htm http://www.nydailynews.com/front/story/116117p-104761c.html P2P group: We'll pay girl's RIAA bill http://news.com.com/2100-1027_3-5074227.html http://www.vnunet.com/News/1143514 File-Sharing Firms Await Suits' Outcome http://www.latimes.com/technology/la-fi-file10sep10,1,4585173.story Music downloading suits could drive backlash against industry http://www.siliconvalley.com/mld/siliconvalley/news/editorial/6736694.htm http://www.cnn.com/2003/TECH/internet/09/10/backlash.music.ap/index.html File-swap suits strike a nerve (series of articles) http://news.com.com/2009-1032_3-5073343.html RIAA sued for amnesty offer http://news.com.com/2100-1027_3-5073972.html http://www.wired.com/news/digiwood/0,1412,60376,00.html Profiling the music pirates http://money.cnn.com/2003/09/10/technology/pirates/index.htm Murky laws make piracy suits less likely in Canada than U.S. http://www.globetechnology.com/servlet/story/RTGAM.20030910.wxmecdcd10/BNStory/Technology/ - - - - - - - - - - House moves toward passing identity theft legislation Legislation awaiting House approval would give people new arms against identity theft, offering free credit reports and an easier way to block thieves from opening fraudulent accounts. Those steps were among the changes that lawmakers were debating Wednesday to the Fair Credit Reporting Act, which contains provisions that must be renewed by year's end. http://www.usatoday.com/tech/news/techpolicy/2003-09-10-fed-idtheft-laws_x.htm - - - - - - - - - - Lawmakers aim to get tough on malicious code House subcommittee members were frustrated Wednesday in their efforts to find out just who is releasing all of these computer worms and viruses. Neither government officials nor industry experts testifying before the Government Reform Subcommittee on Technology, Information Policy, Intergovernmental Relations and the Census were able to identify the culprits. http://www.gcn.com/vol1_no1/daily-updates/23467-1.html Top Security Pros to Talk Worm Defense http://www.eweek.com/article2/0,4149,1259505,00.asp http://news.com.com/2100-1028_3-5074304.html - - - - - - - - - - Pa. stops blocking child porn sites Prosecutors in Pennsylvania have agreed to stop blocking Web sites that may contain child pornography until a court determines whether the procedure is constitutional, a civil liberties group said on Tuesday. Pennsylvania prosecutors will not ask Internet service providers to block suspected child-porn Web sites until Nov. 21, when a judge will consider whether the procedure violates free-speech and due-process rights, an official with the Center for Democracy and Technology said. http://zdnet.com.com/2110-1105_2-5073933.html - - - - - - - - - - P2P Taken to Task for Child Porn Senators turned a critical eye to file-trading networks Tuesday in a hearing the explored the use of peer-to-peer services for the exchange of illegal pornography. While no new legislation was introduced, the hearing, convened by the Senate Judiciary Committee, focused on increasing criminal exploitation of file-sharing technologies to distribute child-porn images. http://www.wired.com/news/business/0,1367,60368,00.html Music lobby frightens Congress with P2P kiddie-porn nightmares http://www.theregister.co.uk/content/6/32762.html - - - - - - - - - - Abbott Unveils Cyber Crimes Unit In S.A. Texas Attorney General Greg Abbott unveiled a new crime-fighting tool to track down suspected child predators. Abbott, who made the announcement Monday at a news conference at Vidaurri Park in San Antonio, said a new cyber crimes unit has been surfing the Web looking for criminals who prey on children. The unit has already arrested nine men who had been previously convicted of child-sex crimes for violating their parole, Abbott said. Posters of the suspects were displayed on an easel. http://story.news.yahoo.com/news?tmpl=story&u=/ibsys/20030908/lo_ksat/1777610 - - - - - - - - - - Microsoft discloses serious new Windows vulnerability Moments before a top Microsoft executive told Congress about efforts to improve security, the company warned on Wednesday of new flaws that leave its flagship Windows software vulnerable to Internet attacks similar to the Blaster virus that infected hundreds of millions of computers last month. Microsoft urged customers to immediately apply a free repairing patch from its Web site. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/6738575.htm http://www.securityfocus.com/news/6932 http://www.sfgate.com/cgi-bin/article.cgi?f=/news/archive/2003/09/10/national1403EDT0660.DTL http://zdnet.com.com/2100-1105_2-5074008.html http://www.washingtonpost.com/wp-dyn/articles/A55819-2003Sep10.html http://www.msnbc.com/news/964552.asp http://www.usatoday.com/tech/news/computersecurity/2003-09-10-windows-hole_x.htm http://computerworld.com/securitytopics/security/holes/story/0,10801,84775,00.html IRS Blasts Worm With Autonomic Software http://www.eweek.com/article2/0,4149,1260357,00.asp http://www.theregister.co.uk/content/56/32761.html Industrious Worm vs. Lazy IT? http://www.newsfactor.com/perl/story/22253.html The Virus of Youthful Irresponsibility http://www.businessweek.com/technology/content/sep2003/tc2003099_6173_tc047.htm - - - - - - - - - - China shuts door to spam China has blocked 127 servers sending high volumes of unsolicited email, in an attempt to change its reputation as a spammers' safe haven. China has woken up to the problem of spam and blocked 127 servers identified as sources of high volumes of unsolicited email. http://news.zdnet.co.uk/internet/security/0,39020375,39116233,00.htm http://silicon.com/news/165/1/5930.html No Truce in the Spam Wars http://www.wired.com/news/business/0,1367,60357,00.html First UK ruling under new email marketing regime http://www.theregister.co.uk/content/67/32764.html - - - - - - - - - - Apparent security hole highlights danger of e-voting The strange case of an election tally that appears to have popped up on the Internet hours before polls closed is casting new doubts about the trustworthiness of electronic voting machines. During San Luis Obispo County's March 2002 primary, absentee vote tallies were apparently sent to an Internet site operated by Diebold Election Systems, the maker of the voting achines used in the election. http://www.usatoday.com/tech/news/techinnovations/2003-09-10-electronic-voting-problem_x.htm - - - - - - - - - - SuperGlue helps data stay legal Informatica's metadata-management system is designed to help corporations deal with increasingly stringent and complex data-protection requirements. Enterprise software developer Informatica on Wednesday launched a Web-based metadata management system, designed to help organisations meet the legal requirements set out in the UK's data protection act and the Sarbanes- Oxley legislation in the US. http://news.zdnet.co.uk/business/legal/0,39020651,39116232,00.htm - - - - - - - - - - Viruses are here to stay Thanks partly to human nature, we can expect no relief from virus attacks. It may never be safe to lower our guard. Combating viruses should be an easy job. If we could all promise not to send executable attachments to one another: be they programs or Microsoft Office documents that support macros; rude or clever screen savers; or even just fancy HTML pages that download something we don't see. http://www.vnunet.com/Comment/1143484 - - - - - - - - - - Hardening the TCP/IP stack to SYN attacks Most people know how problematic protection against SYN denial of service attacks can be. Several methods, more or less effective, are usually used. In almost every case proper filtering of packets is a viable solution. In addition to creating packet filters, the modification of the TCP/IP stack of a given operating system can be performed by an administrator. This method, the tuning of the TCP/IP stack in various operating systems, will be described in depth in this article. http://www.securityfocus.com/infocus/1729 - - - - - - - - - - BigChampagne is Watching You In fact, they're tracking every download and selling the data to the music industry. How one company is turning file-sharing networks into the world's biggest focus group. Joe Fleischer twists restlessly in his Aeron chair and nods at the voice on the other end of the telephone. Tapping his fingers on his computer's mouse, he stares out the window of his Beverly Hills office at the new BMWs and battered Celicas inching down Wilshire Boulevard. "Uh-huh, uh-huh," he says. "Got it." Fleischer is talking to a client, an executive at one of the major labels who's working a band he's sure could go platinum, if only radio would give the group a chance. http://www.wired.com/wired/archive/11.10/fileshare.html - - - - - - - - - - TVs to alert police when they're stolen Big Brother technology that already allows people to be tracked through their mobile phones could soon be installed in household objects, tipping off police if they are stolen. Televisions, DVD players and computers could be fitted with microchips identifying their location and their normal proximity to each other, automatically alerting police if they change unexpectedly, according to a scientist on Wednesday. http://www.cnn.com/2003/TECH/ptech/09/10/science.future.reut/index.html Big Brother's in the House http://www.wired.com/news/technology/0,1282,60373,00.html - - - - - - - - - - Flash Mobs Get a Dash of Danger Flash mobs, spur of the moment mass gatherings originally intended to foster foolishness, have turned ugly in some locations. The mob events, now happening around the world, are an e-mail driven experiment in organizing groups of people who suddenly materialize in public places, perform some silly scripted activity, and then disperse as suddenly as they appeared. http://www.wired.com/news/culture/0,1284,60364,00.html *********************************************************** Computer Forensics Training - Online. An intense, 150 hour, instructor lead program that teaches you computer forensics and helps prepare you for the Certified Computer Examiner exam. For more information see; www.cybercrime.kennesaw.edu *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2003, NewsBits.net, Campbell, CA.