NewsBits for May 11, 2005 ************************************************************ DoD hacker jailed for 21 months A US hacker convicted of infecting Department of Defense with a computer worm was last week sentenced to 21 months imprisonment. Raymond Paul Steigerwalt, a 21 year-old Indiana resident and former member of the Thr34t Krew hacking group, was also ordered to pay $12,000 to the DoD in compensation for the damage he'd caused at a hearing before the US District Court in Alexandria. http://www.theregister.co.uk/2005/05/11/tk_worm_kiddo_jailed/ - - - - - - - - - - O.C. Man, Who as Teenager Ran Online Scam, Fined $1.3 Million A federal judge imposed a fine of nearly $1.3 million on Cole A. Bartiromo, who as a Mission Viejo 17-year-old used the Internet to defraud investors, the Securities and Exchange Commission said Tuesday. Bartiromo, now 20, is serving 33 months in federal prison in Kern County after pleading guilty last year to a separate plot involving fraudulent sales on EBay, the Internet auction site, and an attempt to defraud a Wells Fargo bank branch of $400,000. (LA Times article, free registration required) http://www.latimes.com/technology/la-fi-cole11may11,1,3864277.story - - - - - - - - - - Teen Detained in Code Theft Case, Cisco Says Cisco Systems Inc. said Tuesday that authorities in Sweden had detained a person in connection with the theft of its source code, the basic instructions for the machines that direct Internet traffic around the globe. "We are aware that a person has been detained in Sweden related to the IOS source code theft and are encouraged by this action," the San Jose company said. http://news.zdnet.co.uk/internet/security/0,39020375,39197953,00.htm http://www.latimes.com/technology/la-fi-code11may11,1,7145670.story http://www.crime-research.org/news/11.05.2005/1218/ http://www.newsfactor.com/story.xhtml?story_id=02300000H3VD - - - - - - - - - - LSU Fires Associate Dean Accused Of Child Porn Possession James Welles, an LSU associate dean charged with possession of child pornography, has been fired. University spokeswoman Holly Houk said Welles, 60, was terminated Tuesday. His duties have been assumed by Dean of Students Kevin Price. The university sent a letter to Welles about a week ago announcing its intention to fire him. The letter gave him until May 9 to respond. Houk said to her knowledge, Welles did not respond to the letter. http://www.theneworleanschannel.com/news/4475912/detail.html - - - - - - - - - - FBI opens 'public corruption' probe of Spokane mayor The FBI has opened an inquiry into a possible "public corruption" case involving accusations that Mayor James West offered city jobs to young men he met online, a federal prosecutor confirmed yesterday as West began a temporary leave. The FBI involvement was confirmed by Thomas Rice, chief criminal prosecutor for the U.S. attorney's office here, The Spokesman- Review reported in a copyright story posted late yesterday on its Web site. http://seattlepi.nwsource.com/local/223773_west11.html - - - - - - - - - - Diary details violent urge Three Kearsley High School students who threatened dozens of classmates in e-mails and instant messages were expelled in March, and two pleaded guilty to criminal charges. But a fourth student who wrote in her Internet diary that she wanted to "shoot (a classmate) in the face" and "stomp on her smashed face with soccer cleats" remains in school and faces no charges - although she did get a talking to and "some consequences," an administrator said. http://www.mlive.com/news/fljournal/index.ssf?/base/news-29/111582483914190.xml - - - - - - - - - - Real ID zips through Congress The Senate unanimously passed an $82 billion supplemental spending measure May 10 that includes controversial driver's license reforms that would mandate minimum federal security standards for identity cards meant to improve homeland security. http://www.fcw.com/article88832-05-11-05-Web http://computerworld.com/securitytopics/security/story/0,10801,101657,00.html National ID Card Draws Fire http://www.wired.com/news/politics/0,1283,67490,00.html Congress passes Gestapo ID legislation http://www.theregister.co.uk/2005/05/11/real_id_makes_terrorists_happy/ ID cards to reappear on government agenda http://www.vnunet.com/news/1162976 - - - - - - - - - - Senate panel mulls action on spyware Congress wonders what to do about pop-up ads Several pieces of federal legislation aimed at curbing spyware are making their way through Congress, but initiatives have gotten bogged down by the disagreement over terms. At the heart of the issue is this question: Should all unwanted pop-up ad software be banned by federal law, or just programs deemed to be fraudulent? http://www.msnbc.msn.com/id/7818285/ Spyware threat takes pole position http://www.vnunet.com/news/1162952 - - - - - - - - - - Massachusetts continues crackdown on spammers The state's attorney general has sued seven people and two companies. In a continuing crackdown on senders of spam, the attorney general of Massachusetts has sued seven individuals and two companies who allegedly formed a spam ring. The group is allegedly responsible for sending hundreds of millions of unwanted, deceptive e-mail messages each month in violation of both federal and state laws, Massachusetts Attorney General Tom Reilly said during a news conference in Boston today. http://computerworld.com/governmenttopics/government/legalissues/story/0,10801,101658,00.html - - - - - - - - - - South African nations to adopt cyber laws Southern Africa Development Community (SADC) countries are on track to harmonize their Internet laws in order to effectively deal with computer-related crimes, and hope to finalize legislation next year, according to government officials. The Zambian minister of transport and communications, Abel Chambeshi, told the IDG News Service that all the SADC countries have agreed to alter parts of their cyber crime laws and come up with common rules by the end of next year. http://www.itworldcanada.com/Pages/Docbase/ViewArticle.aspx?ID=idgml-952e0006-9396-46f7-843e-fb1c4b50518 - - - - - - - - - - Telewest punters 'unaffected' by spam blacklist Telewest's internet punters appear to be unaffected by Telewest's recent naming and shaming by anti-spam organisation SPEW. More than 900,000 Telewest email addresses have been blacklisted by the Spam Prevention Early Warning System (SPEWS) reports the BBC. http://www.theregister.co.uk/2005/05/11/telewest_spews/ - - - - - - - - - - U.S. Cyber-Crime Unit Focuses on Russian Hackers Investigations by the Hi-Tech Crime Unit into Russian groups responsible for denial of service attacks against online betting sites last year have shed new light on the way criminal hacking groups work. Crime syndicates across the world are banding together in informal alliances to hack into credit card databases, steal on-line banking details and extort businesses by threatening denial of service attacks, the ComputerWeekly.com Web site reported. http://www.mosnews.com/news/2005/04/05/compcrime.shtml A Critical Look at the Regulation of Cybercrime http://www.crime-research.org/articles/Critical/ - - - - - - - - - - Child porn downloads ignored by firms Three-quarters of companies would not report employees caught downloading child pornography in the workplace to the police, according to new research. The survey of 200 UK IT managers by the Internet Watch Foundation (IWF) also found 38 per cent would not even discipline or sack an employee for downloading illegal pornography. http://networks.silicon.com/webwatch/0,39024667,39130315,00.htm http://news.zdnet.co.uk/internet/security/0,39020375,39197942,00.htm - - - - - - - - - - Business travellers targeted in latest phishing scam Business users who frequent airport and other wireless hot spots are being warned of a new, more sophisticated variant of the "Evil Twin" phishing scam that appeared in January. AirDefense has warned fraudulent websites that appear to be log-in sites for legitimate Wi-Fi hot spot vendors. When you log-in and access the phony sites - providing personally ID information - your laptop is hit with as many 45 viruses. http://www.techworld.com/news/index.cfm?RSS&NewsID=3638 Phishing is Yesterday's News - Get Ready for Pharming Entrust, Inc., a world-leader in securing digital identities and information, today announced that Chris Voice, Vice President of Technology at Entrust, and Peter Cassidy, Secretary General of the Anti-Phishing Working Group, during an on-line seminar at 12:30 p.m. Eastern on May 11th, will discuss trends and best-practices for countering phishing and pharming attacks. http://www.newswire.ca/en/releases/archive/May2005/10/c6806.html - - - - - - - - - - No 'sorry' from Love Bug author Five years ago, a new "supervirus" hit the headlines. It had the two successful - but evil - elements: destructive virus coding coupled to an enticing title and the simple fact that it arrived from someone the recipient knew. The combination was virus dynamite. Most viruses start slowly and then build power; "I Love You" hit the computer world like a bomb - anti-virus companies had not seen anything like it and while they struggled to contain the infection, copycats were re-titling the virus and releasing in their own language. http://www.theregister.co.uk/2005/05/11/love_bug_author/ - - - - - - - - - - Microsoft Quashes 'GreyMagic' Bug Microsoft shipped its 24th security bulletin for 2005 on Tuesday with a fix for a well-knownand potentially dangerousflaw in the Windows 2000 operating system. The patch arrives three weeks after the public release of a proof-of-concept exploit by Israel's GreyMagic Software and carries a maximum severity rating of "important." http://www.eweek.com/article2/0,1759,1814607,00.asp Microsoft finds malicious attack flaw http://software.silicon.com/security/0,39024655,39130298,00.htm Microsoft calls for online identity overhaul http://www.vnunet.com/news/1162956 Microsoft Expert Lays Down 7 Laws of ID Management http://www.eweek.com/article2/0,1759,1814676,00.asp 2 to standardize SCM suite on Microsoft technology http://computerworld.com/softwaretopics/erp/story/0,10801,101661,00.html Poachers turn over Microsoft Gatekeeper security test http://www.theregister.co.uk/2005/05/11/ms_gatekeeper_test_fiasco/ - - - - - - - - - - Taking defence down to the data As an organization that is mandated by law to comply with data privacy and security regulations, The Henssler Financial Group has implemented all of the usual technologies, such as firewalls and intrusion-detection systems, to protect its perimeters and networks. http://www.it-observer.com/news.php?id=5060 - - - - - - - - - - Web Browser Forensics, Part 2 Welcome to part two of the Web Browser Forensics series. In part one, we began investigating the intrusion of the Docustodian document management server hosting a law firm's data. The server appeared to have been compromised by a group of hackers who were using it as a repository for their MP3s, MPEGs, and pirated software. http://www.securityfocus.com/infocus/1832 - - - - - - - - - - Anti-Japanese hostilities move to Web In the fortified control room of a major Internet security firm, a beleaguered team of experts slouched behind glowing computer screens, tracking overseas hackers through billions of lines of data. They glanced up periodically at an electronic world map on the wall where, every few seconds, red lines lit up, revealing a new cyber-war aimed at Tokyo. http://www.msnbc.msn.com/id/7796346/ - - - - - - - - - - The New Multiple Personality Disorder Credit reporting agencies make mistakes. It's time to set your records straight. Our reputations are running out of control. Multiple versions of us exist in the datasphere, so many that we hardly recognize ourselves. For instance, according to Experian, one of the big three credit reporting agencies, my wife is a man named Alan. http://www.wired.com/wired/archive/13.05/start.html *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2005, NewsBits.net, Campbell, CA.