NewsBits for April 5, 2004 sponsored by, Southeast Cybercrime Institute - www.cybercrime.kennesaw.edu ************************************************************ Extortionists take out UK gambling site A UK-based online gambling exchange, Sporting Options, was hit by a denial of service attack at the weekend in the latest online extortionist assault against online bookies. The company's site was rendered inaccessible for 40 hours in an attack timed to coincide with Britain's biggest betting race - the Grand National - and the FA Cup semi-final between Arsenal and Manchester United. http://www.theregister.co.uk/2004/04/05/sporting_options_ddosed/ - - - - - - - - - - Cybersex gets Lampasas man 40-years Texas Attorney General Greg Abbott praised the stiff prison sentence handed down today in a Lampasas district court for the first of 37 child predators arrested by Abbott's Cyber Crimes Unit for attempting to solicit children on the Internet for sex. District Judge Joe Carroll sentenced James Steven Thornton Jr., 27, of Lampasas, to 40 years in prison, the maximum allowable under the terms of his guilty plea. http://www.familybadge.org/index.cfm/act/newsletter.cfm/category/texas%20police%20news/menuitemid/112/MenuGroup/Home/NewsLetterID/6053/startrow/4.htm - - - - - - - - - - MSBlast infects eight million PCs A PC will on average receive an MSBlast-infected packet within a second of connecting to the Internet, according to a study by Symantec. New data from Microsoft suggests that at least eight million Windows computers have been infected by the MSBlast, or Blaster, worm since last August -- many times more than previously thought. http://news.zdnet.co.uk/internet/security/0,39020375,39150721,00.htm Blaster Worm Still Powering Through Systems http://www.newsfactor.com/story.xhtml?story_title=Blaster_Worm_Still_Powering_Through_Systems Blaster body count '8m or above' - MS http://www.theregister.co.uk/2004/04/05/blaster_hits_8m_pcs/ - - - - - - - - - - Sober variant set to cause trouble Antivirus firm Network Associates today raised to 'medium' its risk assessment of the recently discovered Windows worm Sober.f. Sober.f is a prolific worm that spreads via email, sending itself to addresses found on the victim's machine. http://www.vnunet.com/News/1154069 - - - - - - - - - - Colleges leaking confidential data Colleges across the country, through computer security failure and human error, have exposed confidential information about hundreds of thousands of students and employees over the Internet, and experts say they expect the problems to continue. http://sfgate.com/cgi-bin/article.cgi?file=/c/a/2004/04/05/MNGGP60LNV1.DTL Education officials hope for migrant student info exchange http://www.fcw.com/geb/articles/2004/0405/web-educ-04-05-04.asp - - - - - - - - - - Australians face devious phishing scam A sophisticated scam directs users to a site that installs a key-logging program on their PC then redirects them to a genuine online banking site The combination of an exploit of a serious vulnerability in Internet Explorer (IE) and a phishing email is posing a serious threat to Internet banking users. Australian security experts said in an advisory that the vulnerability allowed the remote execution of arbitrary code on a local computer by a malicious Web site. http://news.zdnet.co.uk/internet/security/0,39020375,39150726,00.htm - - - - - - - - - - EPA improves security compliance Environmental Protection Agency officials dramatically improved their ability to follow information security regulations by spending half a million dollars on a compliance system. Several companies and government agencies have contacted the EPA to learn about its increased compliance with the Federal Information Security Management Act of 2002, said Mark Day, the EPA's deputy chief information officer. http://www.fcw.com/fcw/articles/2004/0405/web-fisma-04-05-04.asp - - - - - - - - - - High-tech cops hit back against ISP claims Despite the increasing pressure on Britain's e-crime experts, the most senior cybercrime police officer in Britain has rejected criticism of their performance.The National Hi-Tech Crime Unit (NHTCU) has delivered a robust defence of the UK's e-crime-fighting capabilities, following critical comments made by Malcolm Hutty, regulation officer at the London Internet Exchange (LINX), last week. http://news.zdnet.co.uk/internet/security/0,39020375,39150823,00.htm - - - - - - - - - - The Internet surveillance cash cow Pundits and policy-makers are arguing over the legal implications of the FBI's recent petition to the FCC about how to implement the Communications Assistance for Law Enforcement Act. But the Bureau's push to get broadband providers covered under CALEA, which currently applies only to telecom carriers, stands to benefit more than just government spies: a domestic eavesdropping industry stands waiting to sell Internet wiretapping tools and services to cable and DSL companies. http://www.securityfocus.com/news/8394 Cox closes wiretap hole for VoIP http://news.com.com/2100-7352_3-5184774.html Support Is Growing for Wireless Voice, Security http://www.eweek.com/article2/0,4149,1560927,00.asp http://zdnet.com.com/2100-1103_2-5184599.html - - - - - - - - - - Fears over online chat monitor Child safety experts have warned internet users to stay clear of a website that purports to protect children by monitoring chat rooms for suspicious adults. The site, known as chatnannies, claims to be "the first and only service to protect your children online and in chatrooms from paedophiles, perverts and other undesirables". http://www.vnunet.com/News/1154078 - - - - - - - - - - Professor uses legal trouble to teach forensic psychology course A College of Charleston psychology professor falsely accused of downloading child pornography onto his computer last year has created a class to teach students about hunting down criminals. Robin Bowers will teach the college's first forensic psychology course this May that melds psychology and criminal justice in a field with an array of applications. http://www.usatoday.com/tech/news/2004-04-05-comp-forensic-psych_x.htm - - - - - - - - - - Street piracy rampant problem in Mexico As 16-year-old Vicente Peralta hawked his cache of illegal recordings in the steeply graded, narrow passageways of the market in this old town of silver artisans, he knew he had a real winner on his hands. Peralta boasted to his gathered teenage friends that he already was selling copies of "The Passion of the Christ" for 30 pesos ($2.75) at the time it debuted in U.S. theaters last month. http://www.usatoday.com/tech/world/2004-04-05-mexico-piracy_x.htm Aussie firms fight to take biggest loss for music downloads http://www.theregister.co.uk/2004/04/05/aussie_firms_fight_to_take/ - - - - - - - - - - Indian call centres pose security risk Members of the European Parliament are calling for better protection for consumer data sent overseas as a result of offshoring agreements. A group of British MEPs, backed by British union Amicus which campaigns against offshoring, is taking its concerns to the Employment and Social Affairs committee of the European Commission today. http://www.theregister.co.uk/2004/04/05/indian_call_centres_pose_security/ - - - - - - - - - - Scambusters target 419 online 'banks' "Enjoy these ugly websites as long as they're online they are as good as dead." So claims a new websiteArtists against 419 - that has identified 53 fake banks and financial agencies, presumed to be Nigerian in origin. http://www.theregister.co.uk/content/55/36798.html Caped crusading sysadmin rumbles 419er http://www.theregister.co.uk/2004/04/05/gardai_capture_alleged_419er/ Welsh bang up 419er for 20 months http://www.theregister.co.uk/2004/04/05/welsh_bang_up_419er/ - - - - - - - - - - Spam continues to flowunabated Despite legal restrictions imposed on unsolicited commercial e-mail by the Can-Spam Act, unwanted e-mail accounted for about three out of every four messages examined by a major e-mail manager last month. We dont see it abating at all, said Andrew Lochart, director of product marketing for Postini Inc. of Redwood City, Calif. The trend is still clearly up. http://www.gcn.com/vol1_no1/daily-updates/25510-1.html The rise of the spam exterminators http://www.siliconvalley.com/mld/siliconvalley/8352706.htm - - - - - - - - - - Web Engines Plan to End Online Ads for Gambling Google and Yahoo, two of the most widely used Web search engines, have decided to stop running advertisements for online casinos, a shift that could thwart the growth of Internet gambling. http://www.nytimes.com/2004/04/05/technology/05yahoo.html - - - - - - - - - - VPN secures client data Network appliance vendor Aventail last week added two new options to its virtual private network (VPN) products to secure remote client access. Both erase data from remote systems when the user logs out, preventing sensitive corporate information being left on kiosk PCs, or a teleworkers' home computer. http://www.vnunet.com/News/1154041 - - - - - - - - - - Microsoft unprepared for SP2 support nightmare? Update: Microsoft seems unprepared for the deluge of technical support calls expected when it releases the much-publicised security update for Windows XP http://news.zdnet.co.uk/software/windows/0,39020396,39150824,00.htm - - - - - - - - - - Microsoft forms its own RFID group Microsoft is out to take a more formal role in the development of radio frequency identification technology. The software giant on Monday announced that it is forming the Microsoft Radio Frequency Identification Council, which is set to hold its first meeting this month. Participants in the group include Accenture, GlobeRanger, Intermec Technologies and Provia Software. http://zdnet.com.com/2100-1104_2-5185189.html Watchdogs Push for RFID Laws http://www.wired.com/news/privacy/0,1848,62922,00.html Delta begins second RFID bag tag test http://computerworld.com/securitytopics/security/story/0,10801,91826,00.html - - - - - - - - - - DHS, State want to extend biometric passport deadline The Homeland Security and State departments have asked Congress to extend an October deadline for economically developed countries to provide biometric passports to citizens travelling to the United States. http://www.gcn.com/vol1_no1/daily-updates/25509-1.html Hand scans replace photo IDs for season-pass holders http://www.usatoday.com/tech/news/2004-04-05-busch-biometrics_x.htm - - - - - - - - - - Securing Microsoft Groupware Environments with Unix (Part 2) In the first part of this article series, we looked at a common set of Unix tools to act as an effective spam and virus front-end for Microsoft groupware products, such as Exchange, Notes and Groupwise. http://www.securityfocus.com/infocus/1772 - - - - - - - - - - State tax agencies ferret out scofflaws with database tech Tax scofflaws, beware! A pack of digital bloodhounds may be on your trail. State revenue agencies across the nation are hunting for tax evaders with new high-tech tools: computer programs that mine an increasing number of databases for clues on the finances of people and businesses. If your name is flagged, expect a letter or a call. http://www.usatoday.com/tech/news/internetprivacy/2004-04-05-state-tax-scofflaws_x.htm *********************************************************** Computer Forensics Training - Online. An intense, 150 hour, instructor lead program that teaches you computer forensics and helps prepare you for the Certified Computer Examiner exam. For more information see; www.cybercrime.kennesaw.edu *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2004, NewsBits.net, Campbell, CA.