NewsBits for March 6, 2006 sponsored by Digital Investigation - The International Journal of Digital Forensics & Incident Response - www.digitalinvestigation.net ************************************************************ MySpace CEO says site is as safe as offline world The popular Web hangout MySpace.com is as safe as anyplace in the offline world despite recent reports that sexual predators may be using it to find and lure young victims, the company's CEO said. ``If you go to the mall and start talking to strange people, bad things can happen,'' Chris DeWolfe, the site's co-founder, said in a telephone interview. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/14033027.htm http://www.msnbc.msn.com/id/11702558/ - - - - - - - - - - Citibank issues ATM fraud statement An entry on the popular blogger website Boing Boing recently suggested Citibank may be battling a new ATM fraud issue, according to one report by a Citibank customer. The post appears to follow a blog entry by Jacob Appelbaum, who details problems accessing his Citibank accounts from Canadian ATM machines. Appelbaum discusses the unusual response he received from a Citibank representative who, according to the blog entry, indicated the problem was part of a bigger ATM fraud issue in the UK, Russia, and Canada. http://www.securityfocus.com/brief/157 - - - - - - - - - - Trial date set for former DOT employee's case After numerous and lengthy delays, an April 17 trial date has been set for a rare Internet child pornography case that is four years old. The trial schedule was set in Durham County Superior Court last week for Jody Lee Bruchon, a former N.C. Department of Transportation employee accused of using the state's Internet connection to distribute obscene photos of toddlers and preteens. http://www.herald-sun.com/durham/4-709139.html - - - - - - - - - - Child-porn bust at Internet cafe An Edgewater man was ordered held in lieu of $60,000 bail Saturday, accused of down-loading child pornography to an Internet cafe computer in October, authorities said. Thomas J. Coghlin, 51, was arrested Friday morning without incident at his apartment in the 1000 block of West Hollywood Avenue, according to police records. http://www.chicagotribune.com/news/custom/newsroom/chi-060305childporn,1,1449032.story - - - - - - - - - - Man used iPod to store child porn A MAN has been arrested after the Peelers found child porn stored on his video iPod. In what is believed to be the first case of its type, police claim that the San Marcos man was trading in child pornography off the Internet. He downloaded samples to his iPod so he could take it with him wherever he went. http://www.theinquirer.net/?article=30074 - - - - - - - - - - OS X hacked in minutes A hacker is claiming to have hacked a Mac OS X server system in under 30 minutes. The hacker won a Swedish competition last month in which hackers were invited to break into a system. He managed to take root control of the machine - allowing him to delete files and folders and install applications - within six hours of the competition launching. http://www.macworld.co.uk/news/index.cfm?NewsID=14018 http://www.newsfactor.com/story.xhtml?story_id=01300000BORW http://www.vnunet.com/vnunet/news/2151455/false-hacking-report-prompts - - - - - - - - - - Police look at link between porn and child predators There's no concrete evidence someone who collects child pornography will ever molest a child. But experts aren't convinced the 'hobby' isn't a stepping stone. "There's nothing direct that says because someone collects they will do hands-on molestation of children," Staff Sgt. Matt Logan said. http://www.theprogress.com/portals-code/list.cgi?paper=39&cat=23&id=602002 - - - - - - - - - - Cybercriminals continue low-key trends Phishing is up, as are attacks using botnets, but large-scale virus outbreaks are still losing popularity. Cybercriminals are stepping up smaller, more targeted attacks as they seek to avoid detection and reap bigger profits by stealing personal and financial information, according to a report issued on Monday. http://news.zdnet.co.uk/internet/security/0,39020375,39256033,00.htm Cybercriminals stepping up targeted attacks http://news.zdnet.com/2100-1009_22-6046606.html Risky sites account for 5 percent of traffic http://www.securityfocus.com/brief/156 - - - - - - - - - - Cyberthieves Silently Copy Your Passwords as You Type Most people who use e-mail now know enough to be on guard against "phishing" messages that pretend to be from a bank or business but are actually attempts to steal passwords and other personal information. http://www.nytimes.com/2006/02/27/technology/27hack.html - - - - - - - - - - Agencies may have trouble meeting ID card deadline, GAO says Federal agencies face "significant challenges" in meeting a presidential directive to establish a government-wide "smart card" identification standard for federal contractors and employees, according to a Government Accountability Office report released Monday. http://www.govexec.com/story_page.cfm?articleid=33552 - - - - - - - - - - Antivirus groups fight over Crossover sharing A virus that spreads from PCs to mobile devices has become the focus of a power play between the antivirus industry and the relatively young Mobile Antivirus Research Association, which obtained the only sample of the program. Right now, none of us can protect against this virus because we haven't seen the code. At the moment, it is really hard for us to ascertain whether this is a serious threat or a curiosity because it has not been shared with any antivirus company. http://www.securityfocus.com/news/11379?ref=rss Crunch year for mobile viruses? http://www.it-observer.com/news/5813/crunch_year_mobile_viruses/ Standoff over PC-to-mobile jumping code http://news.zdnet.com/2100-1009_22-6046361.html - - - - - - - - - - LAMP lights the way in open-source security The most popular open-source software is also the most free of bugs, according to the first results of a U.S. government-sponsored effort to help make such software as secure as possible. The so-called LAMP stack of open-source software has a lower bug density--the number of bugs per thousand lines of code--than a baseline of 32 open-source projects analyzed, Coverity, a maker of code analysis tools, announced Monday. http://news.zdnet.com/2100-1009_22-6046475.html - - - - - - - - - - Security in the spotlight at CeBIT In an increasingly connected world economy, organizations often need to share data with foreign branches, suppliers, and Security will be a major focus this week at the giant CeBIT show in Hanover, Germany. This year, the annual IT trade show will home in on the multiple layers of security threats facing enterprise networks. Now it's not just data networks that are under attack; VoIP and even paper documents are at risk. http://computerworld.com/securitytopics/security/story/0,10801,109241,00.html - - - - - - - - - - Computer viruses create visual images We know what a virus is. You catch one, you come down with a cold, or as the medical practitioners would have it, an upper respiratory infection. Most of us know what another kind of virus is -- the kind you can get on your computer that can wipe out all your data, what computer programmers call hell on Earth. There's a great deal of similarity between the two types of viruses -- the biological one and the virtual one -- and it's nothing to sneeze at. http://www.ohio.com/mld/ohio/entertainment/visual_arts/14016680.htm - - - - - - - - - - Customers voice concern over IP telephony security Security fears are the biggest concern of internet protocol (IP) telephony customers worldwide, according to a senior Alcatel executive. Speaking to IT Weekly at the Alcatel Enterprise Forum in Paris, France, last month, Gabriel Karam, marketing and business development manager for enterprise solution devices, Africa, Middle East, India and Turkey, said tackling security issues was a key priority for the company. http://www.it-observer.com/news/5815/customers_voice_concern_over_ip_telephony_security/ - - - - - - - - - - Wireless Security - Getting It Right It may sound strange but is true that several organisations, which have adopted Wireless networking, are open to severe security breaches. Mostly the reasons are that organisations simply plug the access points and go live without bothering to change the default factory settings. Wireless local area networks are open to risk not because the systems are incapable but due to incorrect usage. http://www.it-observer.com/news/5810/wireless_security_getting_it_right/ - - - - - - - - - - U.S. Expat Advocate of Suicide Is Deported The government deported a California man who operated a website promoting Cambodia as a place for foreigners to commit suicide. Roger Graham, 57, was detained at his residence in southwestern Kampot province, authorities said. "His website lured people in the world to come to commit suicide in Cambodia," a police official said. The website, apparently directed at terminally ill patients, notes that "euthanasia is not illegal in Cambodia." (LA Times article, free registration required) http://www.latimes.com/technology/la-fg-briefs5.3mar05,1,815206.story ************************************************************ Digital Investigation is the international journal of digital forensics and incident response. To apply for a free sample copy visit: http://www.digitalinvestigation.net *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2006, NewsBits.net, Campbell, CA.