NewsBits for April 13, 2004 sponsored by, Southeast Cybercrime Institute - ************************************************************ Hacker targets Pomona family The wife and daughters of a New York City police officer killed on Sept. 11 were targeted by a Haverstraw teenager who hacked into the Pomona family's computer and sent them terrifying messages, police said. Sgt. John Coughlin's wife, Patty, and daughters, Erin, Tara and Kayla, are still dealing with the loss of the NYPD officer, a former Marine who was serving in the Police Department's elite Emergency Services Unit when he was killed. Police said their grief didn't stop the 15-year-old hacker from sending the messages, including a photograph of the sergeant with the word "dead" written across it in what looked like dripping blood. - - - - - - - - - - Lincoln Man Arrested In Child Porn Investigation A tip on child pornography led to an investigation and arrest of a 22-year-old Lincoln man. The Nebraska State Patrol accuses the man of forwarding child pornography on the Internet. The investigation led to the arrest of the man on suspicion of first-degree sexual assault of a child. Patrol Lt. Mark Funkhouser said good police work by the investigator discovered additional crimes and enough evidence to make an arrest. The patrol served a search warrant on a Lincoln address earlier this month, seizing a computer, compact discs, a digital camera and a cable bill. - - - - - - - - - - Glendive man suspected in child porn case A Glendive man suspected of sending and receiving child pornography on the Internet and through the mail appeared Monday in U.S. District Court on a criminal complaint. Jason Wade Hodous, 26, who was arrested last week, waived a preliminary hearing and the case will proceed. According to an affidavit by U.S. Postal Inspector Alan K. Saffer, of Seattle, the investigation began in June 2003 when a police detective in Keene, N.H., was investigating activities involving a distinctive computer screen name. The suspect eventually was identified as Hodous, who authorities said used the name of a former Glendive resident attending Montana State University in Bozeman. The detective advertised on the Internet in Yahoo Profile and portrayed himself as a 14-year-old named Adam. Hodous initiated the first e-mail communication in June 2003 and the two traded e-mails through April 2 in which they discussed sexual preferences. Hodous indicated he was gay and liked boys. Hodous e-mailed the detective numerous images of child pornography, the affidavit said. - - - - - - - - - - O.C. man arrested on child-porn charge State Police charged a city man with endangering the welfare of a child after he allegedly downloaded child pornography. State Police spokesman Kevin Rehmann said Robert Mongelli, 47, of the 700 block of Asbury Avenue, was arrested March 30 after an investigation by the agency's high-tech crimes unit and the Cape May County Prosecutor's Office. Police seized Mongelli's computer after a preliminary investigation revealed it contained downloaded images of child pornography. He failed to appear at his court hearing Tuesday before Municipal Judge Richard A. Russell. Police would not say what first led them to investigate Mongelli. He could not be reached for comment Tuesday. - - - - - - - - - - Suspect, 21, accused of trying to solicit girl Police in Jupiter arrested a man, 21, Saturday after he allegedly solicited sex via the Internet from an officer posing as a 13-year-old girl. Kevin Dale Jones came to the attention of police after they received a call from a woman who claimed Jones had been transmitting sexual content to her 13-year-old daughter via the Internet and in telephone conversations, according to a news release.,0,7860076.story - - - - - - - - - - Judge refuses to free man accused in child sex cases A former LSU employee accused of possessing child pornography and trying to persuade a child to travel to Louisiana for sex won't get out of jail anytime soon. A federal grand jury indicted Brown, a former science editor for University Relations at LSU, for sexual exploitation and enticing for illegal sexual activity, as well as receiving and possessing child pornography. - - - - - - - - - - Man, 19, pleads not guilty in child-sex case A 19-year-old Bellevue man accused of having sex with a 14-year-old girl and videotaping her during a sex act pleaded not guilty yesterday in King County Superior Court to third-degree child rape and sexual exploitation of a minor. Gabriel K. Letoto's parents were in the courtroom when their son entered his not-guilty plea. In addition to charges filed in Superior Court, Letoto has been charged in U.S. District Court with possession of child pornography and transporting and shipping visual depictions of minors engaging in sexually explicit conduct. - - - - - - - - - - Volume of evidence delays trial of child-porn suspect While local and state police have poured over massive amounts of evidence in rounding up suspects in the local child pornography ring, attorneys are now having to do the same. Mt. Vernon Police detectives had to sift through more than 2,000 compact discs and other visual evidence to pinpoint both suspects and victims. MVPD Chief Chris Mendenall said it's the "most disgusting" case he's ever seen. - - - - - - - - - - Card frauds: geography of crimes More than 40% of crimes related to bank cards frauds are committed by citizens of former Yugoslavia, Nigeria, Romania, Pakistan and Indonesia. Online deals contracted by these people are more often illegal, informs an MSNBC official site referring to a research made by Cybersource company. Yugoslavian residents make 13% of all fraudulent online purchases. For comparison Americans commit only 1,7% of these crimes. - - - - - - - - - - Security problem hits NCAR supercomputer site AN UNNAMED security problem hit NCAR computer users at the end of last week, it appears, and will tie up security resources for another week. The scientific computing division (SCD) of NCAR (the National Center for Atmospheric Research) notified users that it had taken "the prudent action" of disabling user accounts on its supercomputing resources. - - - - - - - - - - Court Says Web Porn Law Blocks Free Speech Just as the U.S. Supreme Court is preparing to review the Child Online Protection Act, a Virginia court has declared unconstitutional a state law that aims to block sexually explicit material on the Internet.Two weeks ago, the U.S. Court of Appeals for the Fourth Circuit affirmed a lower-court ruling that the statute infringes First Amendment freedoms.The Child Online Protection Act is a 1998 federal statute that imposes criminal sanctions on commercial Web sites that do not block "harmful speech" (such as child pornography) from minors. The court reasoned that while the state should protect minors from such material, it is impossible to do so without violating the constitutional rights of adults. - - - - - - - - - - Advertising company sues Utah over new anti-spyware law A New York company whose software creates pop-up ads during routine Web browsing is seeking to block a Utah law that bans such practices. In a lawsuit filed late Monday in 3rd District Court, Inc. argues that the new law violates its constitutionally protected right to advertise, while doing little to protect computer users' privacy. - - - - - - - - - - Feds asked to hang up on FBI's wiretap proposal A major cell phone trade group objected to a proposal that would force broadband Internet providers to rewire their networks to support easy wiretapping by police. The proposal, from the U.S. Department of Justice, the FBI and the Drug Enforcement Administration, is "expressly exempted from the law" and puts an unfair burden on broadband subscribers to fund any network overhaul, according to a regulatory filing by the Cellular Telecommunications & Internet Association (CTIA), whose members include the nation's top cell phone service providers. - - - - - - - - - - Federal agencies must set security benchmark, says US workgroup Defense agencies develop data-sharing standard The Defense Department and defense agencies from several other countries have developed a standard for documenting and sharing configuration information about large systems. Military services and contractors can use the standard to maintain up-to-date descriptions of how large items are configured, such as weapons systems. 9-11 group faults IT obsolescence Homeland Security official urges prudent cyber approach Pentagon tightens control of personnel data Task force puts security responsibility on CEOs UK firms failing security challenge,39020375,39151496,00.htm American Airlines data used to test passenger snoop system - - - - - - - - - - Ukraine: Legal Control of Use of Internet Technologies In order to define an optimum direction of legal control in the Internet, a number of countries carry out specific studies, create centers and public authorities and adopt many legal acts and codes. For example, the USA headed to create an information backbone network as a technological means to allow everyone to find necessary information. - - - - - - - - - - Hackers lurk through holes in hot spots Wireless networks aren't just popular with computer users on the go. Hackers are finding them an easy target to snoop on consumers' laptop PCs and, eventually, their employers' networks. - - - - - - - - - - Gmail likely to clear privacy hurdles The UK's data protection authorities seem to be smiling on Google's plan to offer Web users a gigabyte of email storage in return for targeted adverts. Google's forthcoming email service probably won't run into legal issues in Britain, as long as the company doesn't deceive customers about how their personal information will be treated.,39020372,39151489,00.htm California may block Gmail over privacy concerns,39020651,39151479,00.htm,1367,63041,00.html Google values its own privacy. How does it value yours? - - - - - - - - - - E-mail lists choke on spam For close to half a decade, entertainment executives and copyright-averse college students have debated the future of technology side by side on the "Pho" e-mail list. Now that forum is under siege. Membership is falling, even though subscription requests are rising. In large part that's because so many e-mail addresses are choked with spam, or have fallen incommunicado behind bulk mail filters, and have had to be eliminated. Network Associates builds a better SpamKiller - - - - - - - - - - Cisco thwarts EAP dictionary attacks New tool prevents hackers launching offline A to Z attacks on password-based authentications. Cisco has released a security authentication protocol to protect 802.1X Extensible Authentication Protocol (EAP) networks from dictionary attacks.,10801,92203,00.html - - - - - - - - - - Microsoft releases new patches for Windows flaws Microsoft Corp. released three critical patches Tuesday to fix Windows security flaws that could allow an attacker to take over another person's computer. A fourth patch, which the company called ``important,'' fixes a similar vulnerability in versions of the Windows operating system, which runs more than 90 percent of the world's computers. Microsoft warns of a score of security holes,10801,92206,00.html - - - - - - - - - - Pirates of the Box Office "Pirates of the Caribbean" may have been a big hit last year, but don't bet on Hollywood casting Johnny Depp or any other heartthrob when it inevitably begins filming "Terminator 4: Pirates of the Internet." As broadband continues to take off, Internet users who once swapped songs with abandon are now ripping their favorite movies onto DVDs and trading them online. And Hollywood isn't happy. - - - - - - - - - - Fatal attraction--browsers and the beguiled It comes as no surprise that browser-based attacks have been identified as an emerging security threat in a recent study. As part of its second annual survey on IT security and the workforce, The Computing Technology Industry Association (CompTIA) asked nearly 900 organizations to rank their top 15 security concerns. - - - - - - - - - - They don't teach security in biology class As humans, we like turning to biology for inspiration, when we are faced with hard technological problems. For example, the Wright brothers studied the flight of birds in designing planes with flexible, twisting wings and an aerofoil shape to provide lift. Today, researchers seeking answers to the technological issue of securing computer networks are emulating the Wrights in turning to nature for solutions. Who says biology need be destiny? - - - - - - - - - - Forensic Analysis of a Live Linux System, Part Two Last month in the first part of this article series, we discussed some of the preparation and steps that must be taking when analyzing a live Linux system that has been compromised. Now we'll continue our analysis by looking for malicious code on the running system, and then discuss some of the searches that can be done with the data once it has been transferred to our remote host. - - - - - - - - - - wins award for MSBlast coverage CNET on Tuesday won a national award in deadline reporting from the Society of Professional Journalists, the largest journalism organization in the United States. *********************************************************** Computer Forensics Training - Online. An intense, 150 hour, instructor lead program that teaches you computer forensics and helps prepare you for the Certified Computer Examiner exam. For more information see; *********************************************************** Search the Archive at: *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits ( should be cited as the source of the information. Copyright 2000-2004,, Campbell, CA.