NewsBits for March 26, 2004 sponsored by, Southeast Cybercrime Institute - ************************************************************ Canadian Web sleuths save U.S. girl in porn case In the Raleigh-Durham area of North Carolina is a little girl who owes her life -- perhaps literally -- to seven Toronto police officers. They are members of the child exploitation branch of the force's sex crimes unit, and last December, they managed to extract information enough from a collection of searing child-porn images posted on an international police website to identify the six-year-old's school. - - - - - - - - - - Alleged hacker from Ukraine to be extradited to US A Ukrainian man wanted in the United States for alleged multimillion dollar computer crimes was moved to a detention center Thursday ahead of his extradition to California to face court proceedings, an official said. - - - - - - - - - - Aussie court blocks DrinkorDie extradition Australian magistrates have blocked the extradition of the alleged head of a software piracy syndicate to the US. Hew Raymond Griffiths, 41, of Berkeley Vale in New South Wales, Australia, was indicted on one count of criminal copyright infringement and one count of conspiracy to commit criminal copyright infringement by a Virginia grand jury last year. US investigators charge that Griffiths rose trough the ranks to become leader of the infamous DrinkorDie piracy group, which released a pirated copy of Windows 95, days before its official release and has been getting up to similar antics ever since.,39020651,39149916,00.htm - - - - - - - - - - A 23-year-old man hacked Russian enterprises Three Khabarovsk enterprises suffered losses because of the attack of a 23-year-old hacker who resides in the Bychikha village, Khabarovsk region, Russia. The young man has been using the Internet for several months at the expense of others, says the reporter of Information Agency REGNUM. - - - - - - - - - - Burglar caught by homeowners using Webcam cross-country A father's decision to install a Web camera at home paid off when his son, logging on from Washington, D.C., spotted an intruder and alerted authorities who made an arrest. Snohomish County sheriff's deputies said the father installed the camera because he suspected someone had been in the house in the suburbs northeast of Seattle while the family was away. - - - - - - - - - - Bagle-U plays MS Hearts A new variant in the Bagle worm series - Bagle-U is spreading quickly across the Internet this morning. As with its 20 previous siblings, Bagle-U spreads by email. This time, infected emails have an empty subject, no body text and a randomly-named attachment containing malicious code. If this attachment is run, the worm opens Microsoft Hearts card game (MSHEARTS.EXE file) before going through what have become standard virus routines, common to all the worms in the Bagle series.,4149,1554954,00.asp,10801,91678,00.html - - - - - - - - - - Much Ado About Phatbot Most computer security experts agree that the Phatbot Trojan horse program that burst onto the Internet earlier this month is a nasty bug, capable of giving hackers control over legions of computers. What's not so clear is how much of a threat it poses. Phatbot's Family Ties - - - - - - - - - - Under Ohio bill, children in porn wouldn't have to be real Legislation introduced in the Ohio House would amend Ohio law so that no proof would be required that a minor depicted in pornography is an actual person. The bill is similar to a federal law that expanded the definition of child pornography to include computer images that are indistinguishable from real children. - - - - - - - - - - Federal appeals court allows nude dance on Web A federal appeals court has lifted an order that blocked Internet sites from showing images of a former television newswoman doing an impromptu nude dance. The 6th U.S. Circuit Court of Appeals said Thursday that freedom of speech issues must be resolved. - - - - - - - - - - German court: Pop-ups need permission A European court has issued a preliminary injunction against Claria--formerly known as Gator-- that prohibits the company's pop-up and pop-under ads from appearing over a German rental car Web site without the agency's permission. - - - - - - - - - - UK ISPs clean up their act UK ISPs now host less than 1 percent of potentially illegal child-abuse material, according to latest research. But the perpetrators are simply choosing offshore hosts where legislation is more lenient. The UK's days as a haven of child pornography are over, as those producing the content increasingly choose Internet service providers in the US and Russia where legislation is weaker.,39020369,39149922,00.htm - - - - - - - - - - Soviets Burned By CIA Hackers? The author of a new book detailing a plan to use a Trojan horse embedded in stolen software to wage economic war against the Soviet Union fired back Thursday at charges the book's revelations are "rubbish." Thomas C. Reed, a former secretary of the Air Force and special assistant to President Reagan, detailed the stunning story in At the Abyss: An Insider's History of the Cold War.,1284,62806,00.html - - - - - - - - - - Security product flaws attract attackers The software vulnerability exploited by this week's Witty worm is only the latest in a growing list of flaws being discovered in the very products users invest in to safeguard their systems.,10801,91688,00.html Witty worm frays patch-based security Online virus war is slowing down Virus Era Hits 5-Year Milestone,1377,62809,00.html - - - - - - - - - - NannieBot claims leave experts unconvinced New software claims it can protect children using chatrooms by spotting suspicious adults - but experts are not convinced. The software creates thousands of 'NannieBots' which visit chatrooms, pretending to be human. - - - - - - - - - - TM domain leads anti-spam charge The registry running the top-level .tm domains is leading the charge against spam by adding the SPF protocol into all its domains DNS records. While a large number of ISPs, big online names, anti-spam companies and a few domain registrars have added SPF and so helped verify that an email message comes from the address it says it does, TM Domain Registrys general manager Paul Kane tells us this is the first time an actual registry has included the protocol. Spam Monster Eyes Another Target,1377,62805,00.html - - - - - - - - - - Cyber-squatters still operate The number of cybersquatting cases registered last year was an improvement from an average of five-per-day in 1999, but the level was barely changed from 2002 due to the growing number of domain name spaces and more relaxed rules for registering country code addresses, a WIPO spokesman said. - - - - - - - - - - Microsoft will pay for a review of your network's security Microsoft is to pay for security assessments of customers' networks to help improve patching policies and tackle fears about the security of its products. - - - - - - - - - - RIAA student lawsuits. Haven't we been here before? Letters It is hard to imagine that anything that needs to be said about the RIAA has not been said already. Then, it goes after a new bunch of students, possibly even those whose only act was swapping files. RIAA applauds civil lawsuit P2P bill - - - - - - - - - - Making hotspots secure Wireless access may improve productivity and customer service, but Wolfgang Held, 3Com systems architect, warns that wireless local area networks (WLANs) and public hotspot wireless connections are still risky from a security point of view. - - - - - - - - - - How to shore up your defenses against a Mini-DDoS attack Last week, I chronicled what I believe to be a new and looming threat to virtually all business and individual users of the Internet: the Mini-DDoS (mDDoS). These are Distributed Denial of Service attacks small enough to fly below the security radars of ISPs and law enforcement agencies, but potent enough to shut down cable or DSL modems connections. - - - - - - - - - - Securing Microsoft Groupware Environments with Unix (Part 1) Scenario: it's Friday afternoon. You've just finished a three-month implementation of the industry leading (and expensive) firewall architecture designed to secure your global perimeter networks and business partner connections. - - - - - - - - - - What it takes to be the best in security and IT operations In my first article, I described three common practices of high-performing security and IT operations. These practices are: rigorous enforcement of change management processes, a pervasive "culture of causality" and security groups adhering to and helping enforce the effective management of change.,10801,91586,00.html - - - - - - - - - - Security breaches: Blame the new guy It's long been claimed that a company's own staff pose the greatest security threat to its IT--but now that has been broken down further to point the finger of blame at the office junior--the weakest link in the security chain. - - - - - - - - - - Dec. 4 target set for terrorist list The Terrorist Screening Center now expects to complete a restructuring of its terrorist watch list database by Dec. 4, officials told Congress this week. Oregon alliance pushes info-sharing standard - - - - - - - - - - Go online to catch yourself in the act If you live in Wiltshire and break the speed limit, you'll be able to go online and see yourself caught in the act, starting in May. Compuware is building a portal for the Wiltshire and Swindon Safety Camera Partnership (WSSCP) so that speeders can view the evidence and the site will also produce the grim accident statistics that will show why the camera is where it is.,39024675,39119590,00.htm *********************************************************** Computer Forensics Training - Online. An intense, 150 hour, instructor lead program that teaches you computer forensics and helps prepare you for the Certified Computer Examiner exam. For more information see; *********************************************************** Search the Archive at: *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits ( should be cited as the source of the information. Copyright 2000-2004,, Campbell, CA.