NewsBits for December 9, 2003 sponsored by, Southeast Cybercrime Institute - www.cybercrime.kennesaw.edu ************************************************************ Worm hits Windows-based ATMs Automated teller machines at two banks running Microsoft's popular Windows software were infected by a computer virus in August, the maker of the machines said Monday. The ATM infections, first reported by SecurityFocus.com, are believed to be the first of a computer virus wiggling directly onto cash machines. http://zdnet.com.com/2100-1105_2-5117285.html http://news.zdnet.co.uk/internet/security/0,39020375,39118381,00.htm http://www.msnbc.com/news/1003259.asp http://www.wired.com/news/business/0,1367,61526,00.html http://computerworld.com/securitytopics/security/story/0,10801,88028,00.html - - - - - - - - - - Man charged with iPod email hoax A man has been charged with an attempted denial of service attack on Cambridgeshire police. Cambridgeshire Police have confirmed they have made an arrest in connection with the denial of service attack that hit the force last week. The suspect is a 21-year-old man from the town of St Neots in Cambridgeshire. The man has been bailed and is expected to appear in court to answer the charges in March next year. http://news.zdnet.co.uk/internet/security/0,39020375,39118403,00.htm - - - - - - - - - - Former Asst. Principal Sentenced In Child Pornography Case A former assistant principal who admitted sending child pornography to someone who turned out to be an undercover postal inspector was sentenced Monday to 64 months in federal prison. Albert Pinedo, 60 -- a 27-year veteran of Los Angeles Unified School District and former assistant principal at Samuel Gompers Middle School in South Los Angeles -- pleaded guilty in September to one count of distributing child pornography. FBI agents served a search warrant on Sept. 12, 2002 at Pinedo's home, where they seized a computer that allegedly had 106 additional child porn images, according to a criminal complaint filed in the case. http://www.nbc4.tv/news/2691021/detail.html - - - - - - - - - - Tucson Police Officer Charged In Internet Sex Case A Tucson police officer is accused of trying to lure a child for sex, using an Internet game site. But in this case, the child turned out to be an undercover police officer. Police say the investigation against Officer Charles Walter started with a tip to 88-CRIME. Investigators believe Walter used a computer at a police substation to enter gaming sites and send sexually explicit emails. http://www.kold.com/Global/story.asp?S=1552139&nav=14RTJV0d - - - - - - - - - - Lejeune Marine Charged In Child Sex Case A Marine sergeant was arrested in an Internet sting operation at a Johnson City motel where he had gone to meet a 12-year-old girl for sex, authorities said. John Molendyk, 26, based at Camp Lejeune, N.C., was arrested late Friday and arraigned Monday in U.S. District Court in Greeneville on a charge of traveling across state lines to have sex with a minor. According to an affidavit, the Knoxville Police Department's Internet Crimes Against Children Task Force became aware of Molendyk in October and worked with the FBI to set up a sting. The task force spotted a message allegedly posted by Molendyk to a Yahoo chat room "PERTEN: Parents who Share" seeking parents who share their children in the Virginia and North Carolina areas. http://www.nbc17.com/military/2693872/detail.html - - - - - - - - - - Little Chute man arrested on child enticement charge Police arrested a 24-year-old Little Chute man early Saturday for soliciting sex with a 16-year-old Menasha girl over the Internet. Ryan Hungerford was being held in the Winnebago County Jail on a felony charge of child enticement. Hungerford was apprehended in the parking lot of Perkins Family Restaurant, where he had arranged to meet the girl. Lt. Ron Bouchard said Hungerford arrived in a sport utility vehicle with a bed in the back "thinking he was going to have sex with a 16-year-old girl." The girl reported last Monday that she was corresponding with a man who had become sexually explicit and wanted to have sex with her. Police took over the Internet account and continued to correspond with the man throughout the week, leading to the rendezvous in the parking lot. http://www.wisinfo.com/postcrescent/news/archive/local_13589793.shtml - - - - - - - - - - UK police moot paedo hard disk amnesty UK police are mulling over launching an interesting initiative in which paedophiles can avoid a court appearence if they offer themselves and their hard drives up for counselling and erasure/destruction, respectively. http://www.theregister.co.uk/content/6/34416.html http://news.bbc.co.uk/2/hi/uk_news/magazine/3254382.stm - - - - - - - - - - Government gets 'D' on security Federal agencies are still far behind where they need to be on information security, scoring a governmentwide grade of D for 2003 based on grades released today by Rep. Adam Putnam (R-Fla.). But there are potential sources for improvement over the next year with some encouragement from Congress. http://www.fcw.com/fcw/articles/2003/1208/web-grades-12-09-03.asp http://www.govexec.com/dailyfed/1203/120903c1.htm http://www.washingtonpost.com/wp-dyn/articles/A49030-2003Dec9.html http://computerworld.com/securitytopics/security/story/0,10801,88030,00.html Security forces brace for "Cyber Terrorism" threat http://www.forbes.com/home_europe/newswire/2003/12/08/rtr1173096.html - - - - - - - - - - Catching Cyber Criminals Is Easier Said Than Done Businesses have estimated that recent cyber attacks have caused more than $65 billion in damage, but worm and virus creators are able to use their technical skills to cover their tracks, making arrests extremely rare. http://www.foxnews.com.edgesuite.net/story/0,2933,105214,00.html - - - - - - - - - - US men post $1m 'spam bonds' Two Florida men must post million-dollar bonds before sending out any unsolicited commercial email in the future, as part of a court settlement. Two Florida men have agreed to post $1m (PS0.58m) bonds before sending out Internet "spam'' in the future as part of a settlement on deceptive-business charges, federal regulators said on Tuesday. http://news.zdnet.co.uk/internet/security/0,39020375,39118397,00.htm - - - - - - - - - - Forthcoming spam laws 'too feeble' Anti-spam campaigners say pending legislation in Britain and the US will fail to stem spam's tide. Anti-spam crusaders are stepping up criticism of a host of new national laws they say will do little to stop the torrent of junk email messages that promise a better sex life and riches to share with Nigerian exiles. http://news.zdnet.co.uk/internet/security/0,39020375,39118398,00.htm Congress Votes to Can Spam http://www.wired.com/news/politics/0,1283,61518,00.html http://www.theregister.co.uk/content/55/34413.html US anti-spam law nears reality http://news.zdnet.co.uk/business/legal/0,39020651,39118380,00.htm Tips to help cut flood of junk e-mails http://www.cnn.com/2003/TECH/internet/12/09/reduce.spam.ap/index.html - - - - - - - - - - New anti-spam measure compels consumers to hit 'reply' to e-mails To reply, or not to reply? The new legislation Congress approved to stem the flood of unwanted e-mails will require a fundamental change in ways that Internet users respond to overflowing inboxes. As the deluge of unsolicited pitches offering prescription drugs and cheap loans worsened during the Internet's growth, experts have cautioned computer users against doing what comes naturally: Reply to unwanted e-mails to demand an end to them. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/7451028.htm - - - - - - - - - - Slip-up exposes database to prying eyes A developer mistake left a sensitive database with detailed personal information, including Social Security numbers, open to public Internet access for a few hours on Tuesday. The database--frequently used by law enforcement, credit agencies and private investigators--was accessible through a simple search form on the Web and contained millions of names, social security numbers, phone records and public records such as residential histories, confirmed LocatePlus.com, which provides the database service. http://rss.com.com/2100-1029_3-5118138.html - - - - - - - - - - Developers take Linux attacks to heart A handful of recent online attacks on free and open-source software servers has open-source developers looking over their shoulders. During the last four months, unknown intruders have breached the security around servers hosting programs and code published by the Linux kernel development team, the Debian Project, the Gentoo Linux Project and the GNU Project, which manages the development of many important programs used by Linux and other Unix-like systems. The attacks have convinced open- source project leaders to take another look at their security. http://zdnet.com.com/2100-1105_2-5117271.html - - - - - - - - - - Internet worms and critical infrastructure Did MSBlast cause the Aug. 14 blackout? The official analysis says "no," but I'm not so sure. A November interim report a panel of government and industry officials issued concluded that the blackout was caused by a series of failures with the chain of events starting at FirstEnergy, a power company in Ohio. http://news.com.com/2010-7343_3-5117862.html - - - - - - - - - - Virus hunter: It's a 'horrible world' For Symantec CEO John Thompson, there's always something new to worry about. "More than 100 new viruses are identified every week--and 60 new software (problems) every week," he said in a recent keynote speech. "We saw a 19 percent increase in attack activity in the first half" of 2003. Spam, of course, is also on the rise, along with arguably ill-advised attempts to curb it. http://zdnet.com.com/2100-1105_2-5117807.html Mafia muscles in on spam and viruses http://www.vnunet.com/News/1151421 http://www.theregister.co.uk/content/55/34420.html http://www.crime-research.org/news/2003/12/Mess0904.html Sobig blamed for fourfold rise in spam http://news.zdnet.co.uk/0,39020330,39118369,00.htm http://zdnet.com.com/2100-1105_2-5117873.html - - - - - - - - - - ATF Chief Joins Anti-Piracy Effort The director of the Bureau of Alcohol, Tobacco, Firearms and Explosives is leaving his post next month to lead the recording industry's efforts to stop music piracy. http://www.washingtonpost.com/wp-dyn/articles/A49760-2003Dec9.html - - - - - - - - - - Chinese security standard could fracture Wi-Fi The implementation of a Chinese security standard for wireless networking could undermine efforts to develop a global standard for wireless LANs and drive up the cost of networking equipment for end users, warned a senior executive at the IEEE in a recent letter to Chinese government officials. http://www.nwfusion.com/news/2003/1209ieeechine.html - - - - - - - - - - Oracle issues patch for security flaw Oracle recommended that its database customers patch a security vulnerability in certain versions of its database, saying risk to exposure is high. Any machine connected to an affected server could exploit the flaw and take over the server, the company said. The problem is found in four editions of Oracle's 9i and Oracle 8i databases as well as two editions of the Oracle 9i Application Server, the company said in an alert issued on Dec. 4. http://zdnet.com.com/2110-1105_2-5117663.html Microsoft: No patches this month http://news.com.com/2100-7355_3-5118292.html - - - - - - - - - - NetContinuum adds network firewall to NC-1000 Web application firewall maker NetContinuum has added network firewall features to the latest version of its NC-1000 Web Security Gateway. NC-1000 version 4.0 lets customers use a single device to stop network attacks using common protocols such as file transfer protocol and domain name system, in addition to those targeting web applications communicating over server port 80. http://www.computerweekly.com/articles/article.asp?liArticleID=127119 - - - - - - - - - - 'Poke your camera phone's eye out' - analyst Meta Group has warned companies to have a corporate policy that limits cameraphones being used on premises. Analyst Jack Gold told us that cameraphones posed liability issues for corporations. How, we wondered? http://www.theregister.co.uk/content/68/34425.html - - - - - - - - - - Limo services save with spy cams A growing number of shuttle and limousine companies are mounting digital video cameras in their vehicles to keep tabs on drivers and record traffic accidents. A DriveCam camera is mounted to a rear-view mirror. More than 200 companies have installed cameras that capture accidents or the cause of any sharp jolt on a digital recording that can be reviewed later. http://www.usatoday.com/tech/news/2003-12-08-cameras_x.htm *********************************************************** Computer Forensics Training - Online. An intense, 150 hour, instructor lead program that teaches you computer forensics and helps prepare you for the Certified Computer Examiner exam. For more information see; www.cybercrime.kennesaw.edu *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2003, NewsBits.net, Campbell, CA.