NewsBits for September 15, 2003 sponsored by, Southeast Cybercrime Institute - www.cybercrime.kennesaw.edu ************************************************************ Restrictions lifted on NY Times hacker Adrian Lamo, accused of attacking the networks of The New York Times, Yahoo and other companies, will have to live with his parents but can use a PC for some purposes. A federal judge on Friday said Adrian Lamo, the so-called homeless hacker, could go free on bail with only limited restrictions on his computer use until his next court date in October. http://news.zdnet.co.uk/0,39020330,39116344,00.htm http://www.cnn.com/2003/TECH/internet/09/15/hacker.arrest.ap/index.html - - - - - - - - - - MSN email spoofer pleads guilty to wire fraud An email spoofer who set up a simple scam to defraud MSN customers pleaded guilty last week to wire fraud. Matthew Thomas Guevara, 21, of Chicago, Illinois faces a jail sentence of up to 5 years and a fine of $250,000 for conning MSN customers into revealing their credit card details. http://www.theregister.co.uk/content/6/32820.html http://computerworld.com/securitytopics/security/story/0,10801,84964,00.html Microsoft thanks FBI for nabbing scammer Microsoft has thanked the FBI and the US Attorney's Office following the successful prosecution of an email scammer who passed himself off as its online service, MSN. The company stressed that it had cooperated with the investigation that resulted in Matthew Thomas Guevara pleading guilty last week to wire fraud. http://www.vnunet.com/News/1143613 - - - - - - - - - - Neighbors hail child porn addict's lengthy sentence Neighbors, counselors and prosecutors believe it was only a matter of time before James Charles Klueber would act on his sexual attraction to adolescent boys. Northampton County Judge Stephen G. Baratta agreed and handed down Friday what is essentially a life sentence to prevent the 43-year-old Palmer Township man from preying on children. Klueber, of the 2700 block of Crestmont Avenue, was sentenced to 33 to 67 years in state prison for sending more than 100 images of child pornography over the Internet to an undercover police officer on Dec. 21, 2001. Klueber pleaded guilty to 134 counts of sexual abuse of children -- one for each image -- after prosecutors dropped more than 400 counts, according to defense attorney Robert Patterson. http://pennlive.com/news/expresstimes/pa/index.ssf?/base/news-7/1063443846319660.xml - - - - - - - - - - Man who maintained child porn chatroom convicted A Joplin man will turn himself over to federal authorities for trading child pornography over the internet. 32 year old John Farlow will serve a 10 year prision term for the crime. He was charged last year when police in Germany informed U.S. Customs Services about a child porn chat room farlow was maintaining. A search warrent was issued for his house at 2529 South Minnesota and for his computer. Once Farlow is done with his 10 year term, he has to install hardware and software to moniter his computer use and also register on the sex offenders list. http://216.87.159.45/news/default.asp?mode=shownews&id=1849 - - - - - - - - - - Man accused in child porn case accepts plea agreement A Connecticut man arrested in Mexico after being indicted on child pornography charges in West Virginia has accepted a plea agreement. Paul David Rene, 38, was initially arrested in January 2002 after workers at a Martinsburg computer repair shop discovered child pornography files on his computer while repairing it in July 2001. http://www.stamfordadvocate.com/news/local/state/hc-13135808.apds.m0691.bc-ct-childsep13,0,6628291.story - - - - - - - - - - Internet sting case stands test of law in Montco court Prosecutors won a guilty verdict last week in the first trial in Montgomery County involving Internet sting investigations, in which police pose online as juveniles. Jimmy Jacob of Philadelphia was found guilty in a one-day trial heard by Judge Paul Tressler. Assistant District Attorney Todd Stephens said the guilty verdict was important because it demonstrated that online undercover investigations can pass legal scrutiny. "I think it's important to get the conviction as we did so that we can establish [that] what we are doing is within the parameters of the law and that the perpetrators should be prosecuted," Stephens said. He said it was the first trial in the county involving an online sting case. http://www.philly.com/mld/inquirer/news/local/6773314.htm - - - - - - - - - - Internet child sex sting nets 19 more The man from the computer chat room arrived for the rendezvous, as he had promised, with perfume and a brassiere. But the 13-year-old girl with whom authorities say he had arranged to have oral sex was a no-show. Over two weeks last summer, the gift bearer, Anil Kumar, 34, from Creve Coeur, chatted on the Internet with someone who presented herself as a bored teenage girl, police say. She was, in fact, as fictional as Nabokov's "Lolita." She was St. Louis County police vice detective Adam Kavanaugh, 37, pretending to be a prepubescent girl. Police arrested Kumar in a parking lot on Aug. 14 last year. They said it was the spot where he had arranged to meet the girl, and said the bra and perfume were evidence he'd come for a sexual encounter. Kumar later admitted as much, according to the complaint against him. He is one of six area men who have been charged in a long-running county sting. Prosecutors plan to roll out charges against 19 others in the weeks to come. http://www.stltoday.com/stltoday/news/stories.nsf/News/F05F3E114C0BAA2F86256DA20016FC4B?OpenDocument&Headline=Internet+child+sex+sting+nets+19+more+ - - - - - - - - - - 2 Arrests in Porn Cases A career counselor at Stony Brook University and a retired elementary school teacher from Holbrook were arrested Thursday in separate investigations after sexually explicit images of children were discovered on their computers, Suffolk and Stony Brook University police said. In each case, computer technicians found the photographs - some depicting pre-pubescent children having sex with adults - and notified authorities. http://www.newsday.com/news/local/longisland/crime/ny-lisex133452975sep13,0,2165079.story - - - - - - - - - - Garda charged with child pornography A member of the Gardai charged with possession of child pornography has been sent forward for trial to the Dublin Circuit Criminal Court. Thirty-eight- year-old Darrach Kennedy from Knocklyon in Dublin was stationed at Garda Headquarters in the Phoenix Park. He is facing two charges under the 1998 Child Trafficking and Pornography Act. The Dublin District Court heard today that the Book of Evidence had been served and the DPP had consented to the case being sent forward for trial. Judge Clare Leonard then sent the case forward to the next sitting of the Circuit Criminal Court. http://u.tv/newsroom/indepth.asp?pt=n&id=37097 - - - - - - - - - - FBI arrests area man in GA - travels to have sex with 3-year-old A Parkersburg man who allegedly traveled to Georgia to have sex with a 3-year-old girl was arrested by the FBI. Gary W. Powers, 52, of Core Road, Parkersburg, was arrested last Saturday at a restaurant in northeast Atlanta during an FBI sting operation. He was charged with traveling in interstate commerce to engage in sexual activity with a minor, the FBI said. "He had been corresponding online with a third party and had expressed his desire to travel to Atlanta to have sex with a 3-year-old girl," said Special Agent Joe Parris, media coordinator for the Atlanta Field Office of the FBI. http://www.newsandsentinel.com/news/story/0913202003_new02_Sex.asp Van Buren Man Arrested for Trying to Have Sex With 15-year-old http://www.katv.com/news/stories/0903/102683.html - - - - - - - - - - Teacher charged in child porn case Kansas City, Kan., police arrested an elementary school computer science teacher Friday for allegedly having child pornography on his school computer. Joseph T. Martin Jr., 46, of Olathe was charged in connection with pornography found at Whittier Elementary, 2600 S. 10th St., said police spokesman Capt. Michael Kobe. Wyandotte County Jail officials said Martin remained jailed on Saturday afternoon. School officials discovered "inappropriate materials" in Martin's classroom after school Wednesday, said Linda Murray, an assistant superintendent for the Kansas City, Kan., School District. http://www.kansascity.com/mld/kansascitystar/6764659.htm Teacher Convicted Of Having Child Pornography On Classroom Computer http://www.nbc4.tv/news/2485431/detail.html Former karate instructor admits owning child porn http://www.pottstownmercury.com/site/news.cfm?newsid=10159425&BRD=1674&PAG=461&dept_id=18041&rfi=6 Man indicted on federal child porn counts http://www.redding.com/news/stories/20030913lo021.shtml UC Davis Employee Busted For Child Porn http://fox40.trb.com/news/ktxl-091203pornarrest,0,1896925.story Chat Room Conversations End in Local Man's Arrest http://kdka.com/local/local_story_258183810.html Child porn case sparks shock waves http://www.daily-journal.com/content/?id=33862 - - - - - - - - - - Ten on internet child porn charges A FATHER and his son were among ten men who appeared before Ipswich magistrates today charged with child porn offences. Computer consultant Michael Richards, 51, formerly of Hollesley, but now of Salehouse, Rackheath, Norfolk, is charged with 16 allegations of making indecent photographs of children under the age of 16. The offences were said to have taken place between 1999 and 2003. http://www.eveningstar.co.uk/Content/news/story.asp?datetime=15+Sep+2003+19%3A04&tbrand=ESTOnline&tCategory=News&category=News&brand=ESTOnline&itemid=IPED15+Sep+2003+16%3A09%3A47%3A577 - - - - - - - - - - Barclays customers conned by email The bank has warned users of its Internet bank not to disclose personal information, after a handful fell for a scam. UK bank Barclays warned on Saturday of an email scam that tricks its online customers into revealing their confidential details. The bank said fraudsters had sent an email message falsely purporting to be from Barclays, which included a link to what appeared to be the bank's Web site. http://news.zdnet.co.uk/internet/security/0,39020375,39116345,00.htm - - - - - - - - - - FCC, music biz face showdowns this week The media and entertainment industries face a pair of big policy hurdles this week as the Senate takes up an effort to roll back media rules put in place by the Federal Communications Commission in the spring, and the appeals court hears arguments over the music industry's attempts to name Internet copyright pirates. http://www.cnn.com/2003/SHOWBIZ/09/15/media.capitol.reut/index.html Recording industry in a bind http://www.siliconvalley.com/mld/siliconvalley/news/local/6776689.htm Insiders blamed for most online movie piracy http://www.newscientist.com/news/news.jsp?id=ns99994166 Record companies have reason to worry http://www.pittsburghlive.com/x/tribune-review/columnists/copeland/s_155108.html Record companies are right to sue over greedy music downloading http://www.siliconvalley.com/mld/siliconvalley/6775670.htm SBC Won't Name Names in File-Sharing Cases http://www.nytimes.com/2003/09/16/business/media/16SWAP.html Crackdown May Send Music Traders Into Software Underground http://www.nytimes.com/2003/09/15/technology/15DARK.html Hollywood Faces Online Piracy, but It Looks Like an Inside Job http://www.nytimes.com/2003/09/15/technology/15MOVI.html - - - - - - - - - - White House picks Symantec exec as cybersecurity chief The Bush administration on Monday selected Amit Yoran, a respected software executive from Symantec Corp., as the nation's new cybersecurity chief inside the Department of Homeland Security. Yoran, who is hardly a household name but well known within the cybersecurity community, will be the government's evangelist for convincing Americans to improve their computer defenses against hackers, disgruntled employees, commercial rivals and foreign governments. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/6778104.htm http://www.securityfocus.com/news/6961 http://news.com.com/2100-7348_3-5076914.html http://www.washingtonpost.com/wp-dyn/articles/A14151-2003Sep15.html http://www.msnbc.com/news/966902.asp http://www.cnn.com/2003/TECH/ptech/09/15/cybersecurity.chief.ap/index.html http://computerworld.com/securitytopics/security/story/0,10801,84988,00.html - - - - - - - - - - It took him around 20 minutes to perform the "test" The french website zataz.com was hacked yesterday. ZataZ is famous for publishing news about technology and the underground. The french Whitehat Alex-Ploit simply broke into the computer of the journalist's colleague using an old well known windows vulnerability. Then he stole the configuration file of the colleague's ftp client, decrypted the login and password and proceeded to connect to zataz.com and could have changed the index page. http://www.crime-research.org/eng/news/2003/09/Mess1401.html - - - - - - - - - - Government laptops 'not secure' One in 17 key public sector workers, like government or defence officials, say they have either lost theirs or had them stolen, said security firm Thales. Those who do hold on to them admit they do not use any kind of encryption to protect sensitive information. Most rely on passwords to prevent access to files and a surprising number write their passwords down. http://news.bbc.co.uk/1/hi/technology/3109602.stm - - - - - - - - - - HPD combats Web predators The Internet has become a virtual playground for child predators. A predator can anonymously slip into a childrens chat room, extract personal information from the children in the room and potentially use the information for a meeting or abduction that could lead to sexual abuse. While Internet usage has steadily grown over the past 10 years, many local law enforcement agencies are ill-prepared to deal with cases that have high-tech implications. The Huntington Police Department, while struggling to adequately staff its personnel-strapped department, is taking steps to be ready to work cyber-stalker cases in the future. http://www.herald-dispatch.com/2003/September/15/LNtop1.htm - - - - - - - - - - CERT to partner with Homeland Security Department The federally funded Computer Emergency Response Team at Carnegie Mellon University will partner with the Department of Homeland Security and receive additional funds and staff, federal and university officials said Monday. The partnership between the National Cyber Security Division of the federal agency and CERT will be known as US-CERT, and is intended to prevent, protect and respond to viruses and other cyber attacks on the Internet. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/6779687.htm http://www.gcn.com/vol1_no1/daily-updates/23534-1.html http://www.fcw.com/fcw/articles/2003/0915/web-cyber-09-15-03.asp http://www.govexec.com/dailyfed/0903/091503tdpm1.htm http://www.washingtonpost.com/wp-dyn/articles/A15829-2003Sep15.html http://computerworld.com/securitytopics/security/story/0,10801,84985,00.html DHS creates emergency response team http://www.fcw.com/fcw/articles/2003/0915/web-dhs-09-15-03.asp Feds set up cyberfighting group http://zdnet.com.com/2100-1105_2-5076745.html 'NET Guard:' An idea still waiting for its time to come http://www.govexec.com/dailyfed/0903/091503cdam1.htm - - - - - - - - - - Companies Scramble to Patch Software Holes A series of major software security alerts issued by Microsoft Corp. over the past two months is causing headaches for corporate system administrators worldwide. Testing new Microsoft patches and rolling them out to affected systems is taking weeks or months at many companies, stretching overworked IT departments and delaying other technology projects. The patching task has been made more burdensome by the fact that at least one software fix recently released by Microsoft failed provide complete protection. http://www.washingtonpost.com/wp-dyn/articles/A12004-2003Sep15.html - - - - - - - - - - Cybercrime insurance growing Almost every week brings a new revelation of a computer breach somewhere in the business world. Companies spend billions of dollars erecting firewalls, buying anti-virus software and taking other defensive measures, but sometimes those safeguards aren't enough. For firms that still feel vulnerable, cyberinsurance provides another layer of protection. Cyberinsurance or e-commerce insurance covers a laundry list of high- tech dangers, from lost income if a hacker interrupts your business to the costs of recovering data destroyed by a virus or malicious code. http://www.azcentral.com/arizonarepublic/business/articles/0915insure15.html - - - - - - - - - - Paying Spammers Not to Spam Founders of a new antispam service say they have developed a system to convince spammers to remove specific e-mail addresses from their mailing lists, but two major spam-fighting groups are warning potential subscribers to stay away. The service, offered by San Antonio, Texas-based Global Removal, charges subscribers a $5 lifetime fee to have their e-mail addresses put on a permanent do-not-spam list. Addresses on the list are then compared with, and removed from, mailing lists maintained by Global Removal's partnering businesses -- more than 50 known spammers and an equal number of legitimate e-mail marketers. http://www.wired.com/news/business/0,1367,60431,00.html Spam falls after South Korea strengthens e-mail law http://computerworld.com/securitytopics/security/story/0,10801,84963,00.html - - - - - - - - - - PGP makes email encryption easier PGP Corporation today introduced simpler email encryption in which the burden of securing email messages is shifted from the client to the network. PGP Universal software suite, launched today, represents a new architecture for the company. The complexity of email encryption systems has long been a factor holding back deployment. Some vendors have responded to by repackaging encrypted email as a Web-based service. http://www.theregister.co.uk/content/55/32828.html http://news.zdnet.co.uk/internet/security/0,39020375,39116351,00.htm - - - - - - - - - - Offshore security: Considering the risks The economics driving the globalization of IT infrastructure is putting the spotlight on the security of offshore IT operations, primarily in India. Huge investments are being made that assume that the risk of offshore security can be managed, as long as the necessary homework is done. http://computerworld.com/managementtopics/outsourcing/story/0,10801,84671,00.html - - - - - - - - - - Immunity from the Pop-Up Plague A judge has ruled that it's up to Web surfers to keep adware and spyware out of their hard drives. Here's what you can do. One lesson from the Internet bust: If something seems too good to be true, it probably is. Take those thousands of pieces of "free" software available on the Net for everything from file sharing and instant messaging to e-mail and calendar applications. http://www.businessweek.com/technology/content/sep2003/tc20030912_0013_tc073.htm - - - - - - - - - - Ballmer: Stop viruses before they start Microsoft Chief Executive Steve Ballmer warned Monday that recent security vulnerabilities represent a "new and growing challenge to innovation" and conceded that his company is under attack from "thieves, con artists, terrorists and hackers." In response, the Redmond, Wash., software giant plans to develop new means for thwarting such attackers and aims to shut down the invasions before they wreak the havoc seen with recent viruses such as MSBlast. http://news.com.com/2100-1002_3-5076903.html http://www.securityfocus.com/news/6965 Microsoft's New Security Road Map http://www.newsfactor.com/perl/story/22289.html - - - - - - - - - - These tips could help keep your PC virus-free Normally, the aisles are fully stocked at one of the large computer stores where I shop. But a recent trip to buy anti-virus software found me looking at picked- over shelves, with little left. Perhaps the Blaster worm and SoBig.F virus provided the wake-up call many of us needed regarding anti-virus software. The two malware programs certainly caught my attention. I had anti-virus software on my computer, but my subscription for software updates had lapsed. http://www.signonsandiego.com/news/computing/choney/20030915-9999_mz1b15choney.html - - - - - - - - - - Dynamic Honeypots For the past eight months we have been discussing what honeypots are, their value, their different types, and how they can be used and deployed. Today we will do something a little different. Instead of discussing what honeypots can do and how they work, we will take a look into the crystal ball and see what honeypots should do, how they could work. If I had a dream honeypot, this is what I would like to see in the future: the dynamic honeypot. http://www.securityfocus.com/infocus/1731 - - - - - - - - - - IBM tags new RFID services IBM expanded its presence in the market for radio frequency identification on Monday with the introduction of services to help companies adopt the supply-chain management tool. Radio frequency identification (RFID) has generated interest among retailers and consumer-goods companies as a method to more effectively track inventory. The technology allows companies to closely follow movement of products via computer networks linked with microchips that are attached to specific items. http://zdnet.com.com/2100-1103_2-5076368.html http://www.wired.com/news/privacy/0,1848,60408,00.html - - - - - - - - - - Kansas police to use wireless remote cameras Police officers in this south-central Kansas town plan use a wireless remote camera system to monitor potential trouble spots from headquarters and patrol cars. The miniature portable cameras, linked to a wireless broadband system, will be placed in multiple locations, ranging from banks to parks and alleys, said Pratt police chief Lonnie McCollum. http://www.usatoday.com/tech/news/internetprivacy/2003-09-15-kansas-cameras_x.htm *********************************************************** Computer Forensics Training - Online. An intense, 150 hour, instructor lead program that teaches you computer forensics and helps prepare you for the Certified Computer Examiner exam. For more information see; www.cybercrime.kennesaw.edu *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2003, NewsBits.net, Campbell, CA.