NewsBits for June 22, 2005 ************************************************************ Spain arrests 186 in child porn crackdown Spanish police have arrested 186 people throughout the country in a crackdown on the distribution of child pornography, the Interior Ministry said Wednesday. In two parallel operations, 650 officers searched 188 homes and found evidence of child pornography distribution across the Internet using peer-to-peer software and a system of passwords. In a statement, the ministry said the material included all kinds of pornographic images of children engaged in explicit sexual acts with other minors and with adult men and women. - - - - - - - - - - Bestiality charge 'came to us' A child porn sting that led to bestiality charges has taken a new twist as authorities seek charges today against a Clare County 911 dispatcher over a tip that helped two suspects skip town earlier this year. Federal agents who led the sting arrested a 51-year-old Clare County woman about 8:30 a.m. today. She will remain jailed as prosecutors consider obstruction of justice charges, said FBI Supervisory Senior Resident Agent Walter H. Reynolds, head of the agency's Bay City office. - - - - - - - - - - West Linn man found guilty in child porn case An Oak Grove Elementary School music teacher was found guilty Tuesday of possessing child pornography after a trial that raised issues about whether viewing an image on the Internet constituted possession. Gregg Bryant Ritchie, 31, of West Linn teared up after Clackamas County Circuit Judge Thomas Rastetter declared him guilty on all 20 counts of encouraging child sexual abuse in the second degree. A Clackamas County sheriff's deputy led Ritchie away in handcuffs. - - - - - - - - - - Security Flaw Spurs CVS to Cut Net Access to Data A security hole that allowed easy access to information about the purchases of millions of CVS Corp.'s loyalty card customers prompted the company to pull Internet access to the data. The Woonsocket, R.I.-based drugstore chain, which has issued 50 million cards, said it would restore Web-based access to the information after it created more security hurdles. (LA Times article, free registration required),1,6038440.story - - - - - - - - - - Compensation for pyramid scheme victims Over 25,000 UK victims of an illegal international pyramid scheme could receive compensation from a $20m US redress scheme, set up to compensate victims of a fraudulent firm called Skybiz. Oklahoma-based Skybiz operated between 1998 and 2001, ostensibly selling a work-at-home business scheme in which consumers were asked to buy an ecommerce web pack for $125. - - - - - - - - - - Yahoo! shuts door on dodgy chatrooms Yahoo! has pulled the plug on user-created chat rooms in the US with apparent child sex content after major advertisers withdrew their ads. The change of heart came after an expose by a Houston TV station which revealed Yahoo! was hosting chat rooms with titles including Girls 13 And Under for Older Guys and 9-17-Year Olds Wantin' Sex. The TV station found chat from men seeking children for sex. - - - - - - - - - - California ID breach bill gets thumbs-up Concerned with the growth of identity theft, California lawmakers gave initial approval on Tuesday to a bill that, with other state safeguards, would require companies to notify consumers of all security breaches involving their personal information. The California Assembly's judiciary committee voted 6-3 for the bill, which would apply to paper and taped records. Breaches of computer records are already covered by a state law. ID thieves search ultimate pot of gold databases - - - - - - - - - - Targeted Trojan-horse attacks hitting U.S., worldwide Cyberattacks aiming to steal proprietary information have targeted companies and government agencies across the globe, including the U.S., security experts said this week. On June 16, the United Kingdom's incident response team, the National Infrastructure Security Co-ordination Centre, warned that stealthy Trojan-horse attacks were targeting specific U.K. companies and government agencies. - - - - - - - - - - Mass hack targets critical Windows flaw Ominous surge in TCP port 445 scanning activity A recent surge in port 445 scanning activity could herald impending hack attacks, and industry experts have warned firms to take "immediate steps" to ensure that the affected Windows ports are secure. Gartner pointed to recent reports that security vulnerability sensors have noted an increase in activity on TCP port 445, which is associated with Microsoft's Windows Server Message Block (SMB) protocol.,10801,102687,00.html - - - - - - - - - - Pop-up vulnerability found in major browsers Several popular Web browsers contain a vulnerability that could be used by cybercriminals to steal personal data, security company Secunia has warned. The flaw would allow a phishing attack in which a malicious JavaScript pop-up window appeared in front of a trusted Web site, Secunia said in an alert published Tuesday. This could trick a surfer into revealing data such as a password. - - - - - - - - - - Cisco under fire for VPN vulnerability Security experts have uncovered a potentially serious vulnerability in Cisco's VPN 3000 series Concentrator products while performing a VPN security test for a customer. According to NTA Monitor, the flaw affects remote access VPNs with groupname authentication, and is the first step to gaining access to the network by allowing an attacker to use a dictionary or brute-force attack to determine valid group names on the concentrator. - - - - - - - - - - Major smartphone worm 'by 2007' Mobile networks need to start building malware defences into their systems now to stop a meltdown when smartphones really take off, according to analysts. Companies will not have to worry about a large-scale virus outbreak targeting their smartphones for another 18 months, security experts predicted.,39020345,39205035,00.htm - - - - - - - - - - US military takes aim at secure wireless US researchers have developed a secure wireless Ultra Wideband (UWB) data communication network that can be used to help monitor US Air Force bases and Department of Energy nuclear facilities, in addition to wirelessly controlling remotely operated weapons systems. - - - - - - - - - - Credit card hacking not hard The numbers involved in the latest high-stakes cybercrime are astonishing: Burrowing into a payment-processing company's computers, a hacker apparently stole data on 200,000 credit and debit accounts and had access to 40 million. But that doesn't make the techniques required to pull off such a heist all that unusual. Security researchers say the murky online community of credit card thieves is increasingly sophisticated at exploiting weaknesses in financial networks. Ubiquitous Technology, Bad Practices Drive Up Data Theft Security leak reveals weaknesses Consumers, retailers grapple with data theft *********************************************************** Search the Archive at: *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits ( should be cited as the source of the information. Copyright 2000-2005,, Campbell, CA.