NewsBits for March 2, 2006 sponsored by Digital Investigation - The International Journal of Digital Forensics & Incident Response - www.digitalinvestigation.net ************************************************************ Student suspended for viewing MySpace posting A middle school student faces expulsion for allegedly posting graphic threats against a classmate on the popular MySpace.com Web site, and 20 of his classmates were suspended for viewing the posting, school officials said. Police are investigating the boy's comments about his classmate at TeWinkle Middle School as a possible hate crime, and the district is trying to expel him. http://www.cnn.com/2006/TECH/internet/03/02/myspace.suspensions.ap/index.html - - - - - - - - - - Man, 62, guilty in child porn case A 62-year-old Northampton man pleaded guilty in federal court yesterday to possessing child pornography. Philip Dippolt, of 63 Hatfield St., faces sentencing on May 31. U.S. District Court Judge Michael A. Ponsor told Dippolt that the government may ask for a sentence of 9-10 years. Assistant U.S. Attorney Thomas J. O'Connor Jr. said the sentencing range is in that neighborhood based on the ages of children and images depicted. http://www.masslive.com/hampfrank/republican/index.ssf?/base/news-3/11412891804730.xml - - - - - - - - - - Computers seized in child porn raids GARDAI carried out a number of raids on homes and businesses as part of an investigation into child pornography, it emerged yesterday. Some 12 people have so far been brought before the courts as part of the investigation, code-named Operation Iron. Detectives are thought to be investigating up to 80 suspects as part of the operation which began in November 2004. http://www.irishexaminer.com/pport/web/ireland/Full_Story/did-sgq7YYekySym-sg7IQHSmeYhNE.asp - - - - - - - - - - Daytona man arrested after cops link him to child porn A Daytona Beach man was arrested Wednesday after authorities said they connected him to pornographic videos of children they found on the Internet. Timothy Salan, 27, was arrested at his residence on North Street about 9:40 a.m. Wednesday and charged with possession of child pornography, promoting the sexual performance of a child and five counts of possession of computer pornography, officials said. http://www.orlandosentinel.com/technology/orl-vporn0206mar02,0,5446373.story - - - - - - - - - - Deputies say 19-year-old had child porn Osceola County deputy sheriffs on Wednesday arrested a 19-year-old Celebration man on charges he possessed child pornography, officials said. Michael Saddic was arrested and booked into the Osceola County Jail on 14 counts of possessing a sexual performance by a child. Bail was set at $14,000. http://www.orlandosentinel.com/news/local/osceola/orl-cfbriefs02_306mar02,0,3147123.story - - - - - - - - - - Child-porn fears hit home after arrest of former teacher Dozens of parents in Millis and surrounding towns have been shaken by the child pornography charges lodged against a Millis resident who had worked as an elementary school teacher, day-care worker, and camp counselor in the area. http://www.boston.com/news/local/articles/2006/03/02/child_porn_fears_hit_home_after_arrest_of_former_teacher/ - - - - - - - - - - Warning: Predators prowl online Computers seized in child porn raids. We deadbolt our doors. We have burglar alarms systems. We use caller I.D. Yet some of us unknowingly allow criminals to enter our homes on a daily basis. According to recent news reports, MySpace.com and similar Internet sites, which encourage young people to set up personal profiles, are being used for criminal behavior. http://www.acorn-online.com/news/publish/article_4930.shtml Two arrested on sex charges linked to MySpace http://www.msnbc.msn.com/id/11644084/ - - - - - - - - - - UCI Psychiatrist Bilked by Nigerian E-Mails, Suit Says Dr. Louis A. Gottschalk lost perhaps $3 million over 10 years in the scam, his son alleges in court documents. A renowned psychiatrist from UC Irvine was duped into squandering at least $1.3 million of his family's fortune on a Nigeria Internet scam, according to a lawsuit recently filed by his son. (LA Times article, free registration required) http://www.latimes.com/technology/la-me-nigerian2mar02,1,6091527.story - - - - - - - - - - California regulators pass wireless consumer protections California utility regulators on Thursday approved new protections for wireless telephone customers that include the creation of a fraud unit to investigate sellers who mislead customers about fees and services. The California Public Utilities Commission voted 3-2 in favor of the new regulations, which also call for a greater state role in educating consumers to prevent contract abuses. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/14003683.htm - - - - - - - - - - OMB: Agency compliance with cybersecurity law improving Agencies improved slightly in fiscal 2005 at meeting computer security standards, according to a report released Wednesday by the Office of Management and Budget. The percentage of agency information technology systems certified and accredited rose from 77 percent in fiscal 2004 to 85 percent in 2005, just short of an administration goal of 90 percent, OMB stated. http://www.govexec.com/story_page.cfm?articleid=33498 - - - - - - - - - - Google Moving Search Records Out of China Hopes to prevent Chinese government access to records without Google permission. In an effort to protect users of its Google.cn Web site, Google is moving search records out of China and into the United States, a company executive said this week. Google.cn is a version of the company's search engine that is hosted in China and adheres to Chinese censorship laws. It was launched in January. http://www.pcworld.com/news/article/0,aid,124938,00.asp - - - - - - - - - - Breach notification laws: When should companies tell all? While there appears to be growing industry consensus that security breach notification laws have forced companies to take more responsibility for the data they own, there is little agreement on exactly when companies should be required to notify consumers when a data breach occurs. Ranged on one side of the debate are those who want alerts for any breach involving the potential exposure of sensitive data. http://computerworld.com/securitytopics/security/story/0,10801,109161,00.html - - - - - - - - - - Japan reports leap in Cybercrime The number of people arrested for fraud and other crimes linked to the Internet jumped almost 52 percent last year to a record 3,161, Japan's National Police Agency says. The figure easily surpassed the previous year's record of 2,081 arrests, according to a report issued by the NPA, which began compiling statistics on cybercrimes in 1999. http://news.moneycentral.msn.com/provider/providerarticle.asp?feed=AP&Date=20060301&ID=5548576 - - - - - - - - - - Caveat Emptor : A Matter of Personal Choice The Philippines biggest Internet chain operator is asking government to create a censorship body similar to the Movies Television Review and Classification Board (MTRCB) to counter the proliferation of pornography on the Internet and provide guidelines for the compliance of Internet service providers. Netopia President Raymond Ricafort has been meeting with Senators Ramon Revilla Jr. and Manuel Villar, co-chairs of the Senate committee on public information and mass media, to flesh out their plan with specific recommendations to create regulations against online pornography. http://www.americanchronicle.com/articles/viewArticle.asp?articleID=6431 - - - - - - - - - - FedEx Kinko's payment card cracked FedEx on Thursday said that a security weakness in the payment card system used in its FedEx Kinko's stores doesn't pose a significant risk to the company --or any risk to customers. The statement comes after the company's initial denial that the ExpressPay payment card system could be tricked. Security researchers earlier this week announced that anyone with some extra hardware and technical knowledge could use FedEx Kinko's services for free and even get cash from the company. http://news.zdnet.com/2100-1009_22-6045389.html - - - - - - - - - - Google fixes 'minor' Gmail flaw Google has fixed a flaw in its Gmail Web based e-mail service after the problem was disclosed by a blogger, the company said Thursday. The flaw could allow JavaScript code to run when viewing a message in Gmail, potentially allowing malicious code to be used by an attacker to compromise a Gmail account, according to a blogger who calls himself "Anthony." http://news.zdnet.com/2100-1009_22-6045416.html http://www.vnunet.com/vnunet/news/2151299/google-scrambles-plug-gmail Teenager claims to find code flaw in Gmail http://www.computerworld.com/securitytopics/security/holes/story/0,10801,109129,00.html - - - - - - - - - - Apple patches Safari, OS X flaws Apple Computer issued a patch on Wednesday to fix at least 20 flaws in more than a dozen components of its flagship operating system, Mac OS X, including a vulnerability in its Safari Internet browser that security experts considered critical. The patch fixes at least four security issues with the Safari browser and closes holes in the company's iChat and Mail application that could have been exploited by recent malicious programs. http://www.securityfocus.com/brief/152 http://www.newsfactor.com/story.xhtml?story_id=002000001SMI - - - - - - - - - - Panda Software's Top Ten Cybercrime Threats Detected For the ninth month running, Sdbot.ftp was the malware most frequently detected by the free online antivirus solution, Panda ActiveScan (http://www.activescan.com), in the computers around the world. Similarly, there has been a significant number of detections of Netsky.P, one of the oldest examples of malware in the ranking. http://www.prnewswire.com/cgi-bin/stories.pl?ACCT=104&STORY=/www/story/03-01-2006/0004311422 Antivirus vendors all put Netsky at the top of their charts A roundup of the February virus and spam statistics has shown that Netsky is still the most common virus on the internet, despite all major software vendors having a signature file available for over a year. http://www.vnunet.com/vnunet/news/2151260/netsky-top-virus-charts - - - - - - - - - - Malware volumes hold steady Global rates of spam, viruses and phishing e-mails stagnated in the last month, managed e-mail provider MessageLabs has reported. Month-on-month, levels for all three mostly stayed where they had been in the previous month. Spam rates actually decreased slightly from January, falling from 66.6 percent to 60.6 percent, while viruses fell from one in 41.7 e-mails to one in 44.1, or 2.3 percent of traffic. Only phishing saw any increase but this was modest, rising from one in 395 to one in 335. http://www.techworld.com/security/news/index.cfm?RSS&NewsID=5490 - - - - - - - - - - U.S. officials investigating Sourcefire purchase Officials from the FBI and the U.S. Defense Department have objected to foreign ownership of SourceFire, partly over concerns relating to Snort which guards some U.S. military and intelligence computers. Check Point indicated in a press release on February 13 that the Sourcefire deal is currently under investigation by the Committee on Foreign Investment (CFIUS) in the U.S. http://www.securityfocus.com/brief/153 - - - - - - - - - - Take precautions in Wi-Fi zones PROBLEM: Having an unsecure computer in a Wi-Fi hot spot. SOLUTION: Connect to a legitimate service provider and make sure the paid service you tap into is the one advertised for that location. Resist using a free signal; it could be a hacker nearby waiting for people to use the decoy Internet access. http://www.thestate.com/mld/thestate/sports/13986731.htm - - - - - - - - - - Schizophrenic 419er moves to Isle of Wight We're not entirely sure what exactly the Isle of Wight has done to merit a visit from the Lads from Lagos, but locals should be aware that the Newport correspondent of the Advance Fee Fraud Times may be suffering from a multiple personality disorder: http://www.theregister.co.uk/2006/03/02/schizophrenic_419er/ ************************************************************ Digital Investigation is the international journal of digital forensics and incident response. To apply for a free sample copy visit: http://www.digitalinvestigation.net *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2006, NewsBits.net, Campbell, CA.