NewsBits for November 10, 2003 sponsored by, Southeast Cybercrime Institute - ************************************************************ Police investigate Internet stalking Police are investigating an Internet stalking case involving an Oakley woman who claims that someone has been providing her personal information to men via an online dating service. The 29-year-old woman filed a police report Tuesday after being contacted by a man who said he thought the two had arranged a date for sex through, an Internet dating service. A second man contacted the woman after what he thought was an online conversation with her on the Web site for a similar date the next day, Oakley Police Chief Jon Cox said. - - - - - - - - - - Hackers in attack on RBS credit card firm COMPUTER hackers have attacked a company that processes online credit and debit card transactions for thousands of UK businesses, it has emerged. WorldPay, which is part of Edinburgh-based Royal Bank of Scotland Group, said it had been bombarded with millions of bogus e-mails in the past couple of days, which had left the firm struggling to deal with genuine payments. Ukrainian Hackers Attack Royal Bank Many Think Banks' Anti-Fraud Safeguards 'Inadequate' New warning on credit card fraud - - - - - - - - - - Whiz-kids on attack COMPUTER whiz-kids have attacked 45 South Australian companies in a dramatic demonstration of cyber- terrorism. The university students exposed the firms as "highly vulnerable to attack" after probing their computer defences in a secret operation in Adelaide. Computer science student Ben Turnbull, 22, said he could have created havoc as a cyber-terrorist and no-one would have known.,5936,7810392%255E2682,00.html - - - - - - - - - - Veteran Miami-Dade Cop Arrested; Child Porn A veteran police officer was arrested Friday morning at his North Lauderdale home, charged with possession of child pornography. Gandhi Lora, 51, a 29-year veteran of the Metro-Dade Police Department, had been under investigation since Oct. 7 when the sheriff's office received a tip from police in Wilmington, Ohio, according to a press release from the Broward Sheriff's Office. An investigator in Ohio had obtained, through an AOL chat site, a pornographic photograph featuring a girl under 12 years of age, according to the sheriff's office. Further investigation established that Lora was trading images of child pornography online and a search warrant was obtained for his North Lauderdale home, the press release said. - - - - - - - - - - Kimble/ Schmitz charged with embezzlement Kim Schmitz, the German hacker-turned-gazillionaire, will have to defend himself in court against charges of embezzlement. Schmitz, who stills calls himself Kimble, allegedly rewarded himself with a "loan" of 280,000, paid by his company Monkey AG to his venture fund Kimvestor AG. Both companies are now bankrupt. - - - - - - - - - - County Orders Training Over Offensive E-Mail Employees of a Monterey County government department at the center of widely circulated anti-immigrant cartoon will receive racial sensitivity training. The cartoon, which was posted on the county's internal e-mail system last Monday, featured a mock photo of a sombrero-wearing bandito on a "Mexifornia" driver's license. It was traced to the radio shop in the Information Technology Department after one of an estimated 3,200 public employees who received it complained. (LA Times article, free registration required),1,5033701.story - - - - - - - - - - Web hijack riles Belkin router users Belkin is trying to defuse a potentially embarrassing situation that arose after network administrators learned the company's routers can periodically hijack users' Web connection and display an advertisement for parental control software. Every eight hours, a random computer that's hooked up to a local area network may receive an unsolicited advertisement for a trial version of parental control software, instead of the Web page the person had hoped to visit. The behavior can be permanently disabled, but it is turned on by default in new Belkin routers when they are shipped. - - - - - - - - - - IT obligations unclear under California privacy law Four months after new California privacy rules went into effect, more questions than answers have surfaced about what the law requires of IT organizations, according to legal and security experts. And answers are unlikely until at least a few cases are prosecuted and there's legal precedent that can be followed, they added.,10801,87004,00.html New laws to drive '04 security agenda,10801,87002,00.html Corporate Cybersecurity Bill Tabled After Vendor Pressure,10801,86984,00.html - - - - - - - - - - FBI on look-out for foreign government hackers How seriously does the U.S. government take computer intrusion? Seriously enough for the threat of foreign hacking to take a prominent role in new rules governing the FBI's national security investigations issued by U.S. Attorney General John Ashcroft this week. - - - - - - - - - - E-mail abuse rampant in U.K. Misuse of e-mails and the Internet in the workplace has become a big headache for British employers, and U.K. companies are increasingly disciplining staff for accessing racy Web sites or sending porn to colleagues. Nearly one in three British companies have disciplined staff for breaking company Internet and e-mail rules in the past year, according to a survey released on Monday by LexisNexis Industrial Relations Services, a publication that covers human resources issues. - - - - - - - - - - Spam Slayer: Laws Won't Solve Everything If you thought promising new antispam laws mean you can ditch your spam-filtering software sometime soon, think again. Come January, the nation's toughest antispam law takes effect in California, affecting e-mail marketers in all 50 states and doling out fines of up to $1 million to guilty spammers. At the federal level, the Senate unanimously passed the CAN-SPAM Act, which still needs House approval to become law. That promising bill also endorses a do-not-spam list modeled after the wildly popular do-not-call registry.,aid,113329,00.asp Services fight email threat - - - - - - - - - - Kaspersky Labs opens Paris virus center Kaspersky Labs, a Moscow developer of data security software, Monday said it has opened a European computer virus center in Paris. The center will focus on real- time monitoring of viruses in Europe and technology research, in collaboration with the company's global research center in the Russian capital. - - - - - - - - - - Increased awareness key to ensuring card security Statistically, credit and debit card fraud is highest across the industry in the month of November, and in an effort to curb a rise in card fraud this year, First National Bank (FNB) has introduced a Card Security Week' running from 10 to 16 November 2003. - - - - - - - - - - Zantaz upgrades data retrieval In the latest storage industry move to help companies comply with regulations, e-mail archiving company Zantaz announces tools for better data retrieval. On Monday Zantaz unveiled Audit Center, a set of tools designed to let companies perform large, complex searches of information archived using Zantaz's Digital Safe service. That service keeps company e-mails, instant messages and documents on computer systems owned and managed by Pleasanton, Calif.-based Zantaz. - - - - - - - - - - CA Bundles Backup and Antivirus Together "With disk-to-disk backups, you are constantly overwriting data to a hard drive. And if there is no time mark on the data, you could be overwriting data with corrupted data or files," says Greg Knieriemen, vice-president of marketing at reseller Chi. Computer Associates (CA) has put storage management and virus protection functions into a single package by bundling its Brightstor ArcServe Backup 9.0 software with its eTrust Antivirus scan-protection application. Heat Is On for Next-Gen Virus Protection - - - - - - - - - - Cisco Enables 'Clientless' Corporate Security Secure access through the browser is significant improvement for businesses communicating with workers in the field, says IDC research manager Steven Harris. Cisco Systems has announced the addition of SSL (secure sockets layer) technology to the company's VPN (virtual private network) platform, enabling "clientless" security connections to corporate networks. - - - - - - - - - - Ignore standards for web services security Analysts tell firms to take proprietary route to secure web services-based transactions. Companies should take the proprietary route to provide security for web services-based transactions over the next three years, according to analysts. - - - - - - - - - - Hackers: is it so bad? Is it right to name the people attacking computer systems the "hackers"? A lot of representatives of a computer underground believe that according to a history, the term "hacker" define the person up- grading the functionalities of computers. Hence, hackers are the "good" people working with a noble purpose: they train a computer in new operations. Using the term "hacker" concerning computer vandals deforms not only sense of the term, but the historical concept of "hacking" as well. - - - - - - - - - - Is Hollywood Failing to See the Big Picture? As piracy spreads from music to films, studios may be in danger of acting too slowly to meet changes in technology. On a Monday morning in late September, just weeks after the music industry hit hundreds of file-sharing consumers with lawsuits, News Corp. Chairman Peter Chernin held an anti-piracy summit meeting in his executive conference room on the studio lot. (LA Times article, free registration required),1,2121383.story - - - - - - - - - - Cybercrime - it's the outsiders wot's to blame Outsiders are responsible for the vast majority of cybercrime attacks against companies. So claims Ubizen, which last week set up a computer forensics bureau in the UK, joining an existing US facility. The IT security firm reports that only one in 50 "incident responses" it handled in recent months was a suspected inside job. And the accusation in that case was not substantiated, either. - - - - - - - - - - Proposed: a Bounty for Bugs Instead of paying hard cash to punish computer criminals, vendors should reward grey hat hackers for responsibly finding and reporting the security holes that make cyber attacks possible. Microsoft recently announced a $500,000 bounty for the arrest and prosecution of those responsible for the SoBig and Slammer attacks. This is, in essence, offering to pay money to catch the guys who stole the horse after the barn door is left open. I have another idea: a bounty for security holes, paid to the grey hat hackers who find them. - - - - - - - - - - Students aren't using info technology responsibly Colleges and universities that invest a lot of money in technology may want to focus more on teaching students to use it responsibly, a survey suggests. More than eight of 10 undergraduates (83%) regularly use information technology in their academic work, but an even larger share (87%) say their peers at least "sometimes" copy and paste information from the Web without citing the source, according to the 2003 report from the National Survey of Student Engagement (NSSE). - - - - - - - - - - Gore to Bush: Rescind Patriot Act Former Vice President Al Gore says the Bush White House is using the Sept. 11 terrorist attacks to justify a major offensive against the freedoms and liberties Americans have enjoyed for centuries. "They have taken us much farther down the road toward an intrusive, 'big brother'-style government -- toward the dangers prophesied by George Orwell in his book 1984 -- than anyone ever thought would be possible in the United States of America," Gore charged in a speech.,1283,61170,00.html *********************************************************** Computer Forensics Training - Online. An intense, 150 hour, instructor lead program that teaches you computer forensics and helps prepare you for the Certified Computer Examiner exam. For more information see; *********************************************************** Search the Archive at: *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits ( should be cited as the source of the information. Copyright 2000-2003,, Campbell, CA.