NewsBits for December 10, 2003 sponsored by, Southeast Cybercrime Institute - www.cybercrime.kennesaw.edu ************************************************************ Chat room death threats lead to student's arrest A 12-year-old boy was charged Tuesday with making death threats against teachers and students at his school in an online chat room for fans of horror films, police said. The boy attends a private school in north Lancaster County, but was not identified by police. Police also did not release the name of the school. Police in West Earl Township went to the boy's home in Leola, near Lancaster, just after 7 a.m. Tuesday with a search warrant. A steak knife was found in the boy's school backpack, police said. http://www.zwire.com/site/news.cfm?newsid=10637901&BRD=2212&PAG=461&dept_id=465812&rfi=6 - - - - - - - - - - Police Captain Accused of Bootleg DVD Sales Just days after Los Angeles Police Chief William J. Bratton pledged a crackdown on motion picture piracy, department investigators on Tuesday helped arrest an LAPD captain suspected of selling bootleg DVDs. (LA Times article, free registration required) http://www.latimes.com/technology/la-me-dvd10dec10,1,7873405.story - - - - - - - - - - UC officials disclose another Los Alamos lab security breach University of California officials said Tuesday that the Los Alamos National Laboratory had misplaced nine floppy disks and a large-capacity storage disk that contain classified information. It was the latest in a string of security lapses that have threatened to strip UC of its management duties at the nation's top nuclear weapons design lab. http://www.bayarea.com/mld/mercurynews/7459349.htm http://www.latimes.com/technology/la-me-alamos10dec10,1,4361038.story - - - - - - - - - - Guilty Plea To Luring Kids To Porn Sites A Pennsylvania man has pleaded guilty to using misspelled Internet domain names of well-known children's entertainment like Disneyland, Bob the Builder, the Teletubbies, and singer Britney Spears to lure children to porn sites. He also pleaded guilty to one charge of possessing child porn. John Zuccarini entered his plea Dec. 10 in Manhattan federal court and agreed to a prison term of 30-37 months under terms of the deal with prosecutors, according to Reuters, but the news wire added that the judge who will sentence him isn't bound by the deal and can order a longer term. http://www.avnonline.com/issues/200312/newsarchive/news_121003_4.shtml http://www.miami.com/mld/miamiherald/business/7461078.htm - - - - - - - - - - Five-year prison term imposed for child porn A Fulbright Scholar who taught at the University of Cincinnati, Michael Luebbe dedicated his life to music and teaching. After he admitted to downloading images and videos that depicted toddlers being raped by adults, though, Hamilton County Common Pleas Court Judge Ethna Cooper ordered Luebbe to dedicate his next five years to doing time in prison. http://www.cincypost.com/2003/12/10/sent121003.html - - - - - - - - - - 14 arrested in crackdown on sex criminals Federal agents arrested 14 sex offenders in metro Phoenix during the past week as part of a nationwide crackdown on foreign-born criminals involved in child abuse and pornography. The Bureau of Immigration and Customs Enforcement said eight of the suspects had prior records for lewd conduct with children age 13 or younger. One man, a Mexican national, was a sex- crime fugitive from his homeland. The crackdown, known as Operation Predator, is designed to protect children from child-prostitution rings, Internet pornographers, alien smugglers and others who prey on children. http://www.azcentral.com/news/articles/1210predator10-ON.html - - - - - - - - - - Police Arrest 5 in Child Sex Sting Suffolk County police yesterday announced the arrests of five men for attempting to solicit sex from children over the Internet. The men, who were arrested between Nov. 19 and yesterday, all were accused of chatting online with undercover detectives posing as children. The men tried to arrange sexual encounters, police said. "These chats are so bizarre and so graphic," said Det. Sgt. John Cowie of the Suffolk Police Computer Crimes Section. "They firmly believe they're talking to kids. They say things like, 'I could really get in trouble for this.'" Some of the men sent online pornography to the detectives, Cowie said. http://www.newsday.com/news/local/longisland/ny-lipedi103578197dec10,0,1822404.story - - - - - - - - - - Scout leader held in net-sex sting A 27-year-old Boy Scout leader from Evansville, Ind., remains in the Greene County Jail on charges he drove to Xenia last weekend intending to have sex with a 14-year-old boy he met in an Internet chat room. Jeffrey D. Morris was arraigned Monday in Xenia Municipal Court and is being held in lieu of $7,500 bond on single counts of importuning and attempted unlawful sexual conduct with a minor. http://www.daytondailynews.com/localnews/content/localnews/daily/1210scout.html - - - - - - - - - - SCO's Web site hit with DoS attack The SCO Group Inc.'s Web site has been knocked out of service by a denial-of-service (DoS) attack, the company confirmed today. The attack began at 6:20 a.m. EST today, shutting down the company's main www.sco.com Web site, according to company spokesman Blake Stowell. SCO is working on restoring service to the company's Web site, Stowell said. http://computerworld.com/softwaretopics/os/linux/story/0,10801,88065,00.html - - - - - - - - - - Overstock.com backs off claim of millions of addresses stolen Overstock.com has retrenched on its claim that 3 million customer e-mail addresses had been stolen, and now puts the number in the dozens. A company spokesman stood by the lawsuit filed Friday against an employee and her husband and said Monday that the large number of addresses mentioned in the suit was an attempt to leave the door open should an investigation reveal more damage was done than the company now believes. http://www.usatoday.com/tech/news/computersecurity/2003-12-09-overstock-id-thefts_x.htm - - - - - - - - - - UK anti-spam law goes live New UK anti-spam laws coming into effect tomorrow will have limited effect in turning the tide in the fight against junk mail, according to lawyers and security experts. Revised UK regulations will mean online marketers can send e-mail pitches and SMS messages only to consumers who have agreed beforehand to recieve them, except where users are existing customers of a particular company. So, for consumers at least, the UK government is applying the 'opt-in' approach to regulating spam. http://www.theregister.co.uk/content/6/34443.html - - - - - - - - - - AOL UK looks to cross borders after spammers AOL UK is gearing up to take legal action against spammers who are based overseas but are sending their wares to its UK e-mail users. The Internet service provider has decided that there are few judicial steps it can take in Britain to prevent its customers being bombarded by unsolicited commercial email, so its legal team is concentrating on bringing a case against a major spammer in another country. http://zdnet.com.com/2110-1105_2-5119137.html - - - - - - - - - - UN officials slam summit avoidance UN officials have criticised Western leaders for failing to attend this week's summit on the information society in Geneva. Top UN officials upbraided Western leaders on Wednesday for cold shouldering the world's first summit on the information society as critics hit out at press repression under many governments taking part. http://news.zdnet.co.uk/business/management/0,39020654,39118436,00.htm U.N. Information Summit Splits Over Press Freedom http://www.washingtonpost.com/wp-dyn/articles/A53820-2003Dec10.html - - - - - - - - - - Flaw could unleash another Slammer A research company warned Tuesday that an attacker could use a recently patched Microsoft flaw to create a fast-moving worm similar to SQL Slammer, which spread rapidly across the Internet a year ago. Core Security Technologies discovered that the Windows Workstation vulnerability announced by Microsoft last month could be exploited using the same type of data used by the SQL Slammer worm to spread across the Internet in just minutes. http://rss.com.com/2100-7349_3-5118580.html - - - - - - - - - - IE bug provides phishing tool A flaw in Internet Explorer makes it easy for scammers to create dummy sites that look like legitimate ones, and try to steal information from Web users. A newly discovered bug in Microsoft's Internet Explorer Web browser may help fraudsters trick Internet users into divulging sensitive information and executing malicious code, according to a security researcher. http://news.zdnet.co.uk/internet/security/0,39020375,39118421,00.htm - - - - - - - - - - RIAA hires guns, alcohol and smokes expert to fight piracy Showing the positive light in which their customer base is viewed, the music labels have hired the former head of the Bureau of Alcohol, Tobacco, Firearms and Explosives to lead their piracy fighting efforts. http://www.theregister.co.uk/content/6/34445.html - - - - - - - - - - Firms alarmed over order to get encryption from competitors U.S. officials and businesses expressed alarm Wednesday about newly issued regulations that appear to require equipment makers to deal with their Chinese competitors to access the encryption standards required for wireless networks. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/7459782.htm http://rss.com.com/2010-7355_3-5118280.html - - - - - - - - - - Moving data to the mountain The drive from the Pittsburgh airport to the secret underground facility winds through rolling Pennsylvania farmlands and woods, past quaint old churches and through tiny towns that time has overlooked. The access road to the site is unmarked, but written directions say to turn left just after a certain picnic shelter. http://computerworld.com/hardwaretopics/storage/story/0,10801,87797,00.html - - - - - - - - - - A trip down security lane Brian Dunphy probably hasn't seen every computer security mistake under the sun, but those he remembers are doozies. Dunphy is senior manager of analysis operations at Symantec Corp.'s Managed Security Services (MSS) group, which monitors firewalls and intrusion-detection systems (IDS) for enterprise clients. http://computerworld.com/securitytopics/security/story/0,10801,88062,00.html - - - - - - - - - - Look forward to more security woes Bad security news seems to assault us every day. Confidential databases exposed. Windows-based ATMs hit by virus. Worm blasts electric grid. Sobig feeds spam. Earlier this fall, ex-White House cybersecurity czar Richard Clarke warned IT execs that, if current trends continued, the cybersecurity situation would worsen exponentially. Is the sky finally falling? Is your business prepared to defend itself against cyberattacks in 2004? http://zdnet.com.com/2251-1110-5118625.html IG says Transportation IT security, management lag http://www.gcn.com/vol1_no1/daily-updates/24407-1.html IPv6 will need security, too, experts warn http://www.gcn.com/vol1_no1/daily-updates/24398-1.html - - - - - - - - - - Inherent insecurity Now that desktop PCs have put a veritable petri dish for viruses on every desk, the only sure- fire answer is to remove the nutrients. But where should we start? Some experts say the roots of our current security plague lie in the fact that are we living in a Microsoft monoculture. Yet there is a more fundamental problem: There is simply too much to attack. http://rss.com.com/2010-7355_3-5118280.html Security: Let's remove the targets http://zdnet.com.com/2100-1107_2-5118969.html Mystery patch blots Microsoft's fix-free month http://zdnet.com.com/2100-1104_2-5119098.html - - - - - - - - - - Prove you believe in privacy Privacy issues should not be the concern of IT professionals alone but of all users. Each week vnunet.com asks a different expert to give their views on recent virus and security issues, with advice, warnings and information on the latest threats. This week Sarah Gordon, senior research fellow at Symantec, warns that your personal information is on the web for anyone to see - and you've probably put it there yourself. http://www.vnunet.com/News/1151444 - - - - - - - - - - A Comparison Study of Three Worm Families Malicious code, also referred to by common terms such as viruses, worms, and trojans, are a significant component of the scope of attacks that a modern IT organization must be prepared to defend against if they are operating with any Internet connectivity at all. The general term of malicious code, an umbrella term, is used to describe any code that performs unsolicited activity without the authorization of the user, and the more common and specific terms are often seen in technical write-ups of specific instances, or in the press due to their wide spread recognition. http://www.securityfocus.com/infocus/1752 - - - - - - - - - - FBI Computer Upgrade Hits Obstacles The FBI is facing serious delays and cost overruns as it struggles to upgrade a computer system so agents worldwide can better share intelligence information and investigative files. http://www.washingtonpost.com/wp-dyn/articles/A53721-2003Dec10.html - - - - - - - - - - Sex sells, especially to Web surfers Internet porn a booming, billion-dollar industry. Gone are the furtive visits to seedy theaters and the fear of being outed as some perverted purchaser of porn. Now, all you need to indulge anonymously in the "XXX" world is your trusty personal computer and a good connection to the Internet. http://www.cnn.com/2003/TECH/internet/12/10/porn.business/index.html Voyeur Web site JenniCam to go dark http://www.cnn.com/2003/TECH/internet/12/10/jenni.cam.reut/index.html *********************************************************** Computer Forensics Training - Online. An intense, 150 hour, instructor lead program that teaches you computer forensics and helps prepare you for the Certified Computer Examiner exam. For more information see; www.cybercrime.kennesaw.edu *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2003, NewsBits.net, Campbell, CA.