NewsBits for March 14, 2006 sponsored by Digital
Investigation - The International Journal of Digital
Forensics & Incident Response - www.digitalinvestigation.net
************************************************************
US cops collar ATM fraud ring
US police have arrested 14 people suspected
of involvement in widespread ATM fraud that
has forced a number of US banks to reissue
debit and credit cards over recent months.
The suspects are all accused of manufacturing
counterfeit cards using stolen credit card
details. Most of the arrests happened over
the last fortnight.
http://www.theregister.co.uk/2006/03/14/us_atm_fraud_arrests/
OfficeMax: No evidence of security breach
Following an extensive review of its security
systems, OfficeMax says it has no reason to
believe it was the company that suffered the
data breach that resulted in thousands of
cases of debit card fraud. On Tuesday, the
office-supply chain said that an independent
study by a security expert found no indication
that the company's customer information was
lost. An internal investigation came to the
same conclusion.
http://news.zdnet.com/2100-1009_22-6049758.html
- - - - - - - - - -
Man charged with hacking into GM database
A former security guard at General Motors Corp.'s
Warren technical center is accused of taking
employee Social Security numbers and using
them to hack into the company's employee
vehicle database.
http://www.msnbc.msn.com/id/11827491/
- - - - - - - - - -
Phishing fraudsters offer cash reward
Email scammers are trying to dupe online banking
customers into handing over sensitive account
information using a bogus survey that offers
a fictitious $20 reward. The attack, targeted
against Chase Manhattan customers, represents
the latest evolution of social engineering
attacks by phishing fraudsters.
http://www.theregister.co.uk/2006/03/14/chase_phishing_scam/
- - - - - - - - - -
Ex-school aide gets 20 years for porn
A federal judge Monday sentenced a former high
school interpreter for the deaf to 20 years in
prison for distributing child pornography over
the Internet, the maximum recommended under
sentencing guidelines. William Allen Lane,
34, e-mailed 15 child porn pictures to a local
tattoo artist and said he delivered more than
700 images on a pair of CDs in exchange for
a tattoo. The tattoo artist reported Lane
to federal investigators in August.
http://www.news-press.com/apps/pbcs.dll/article?AID=/20060314/NEWS0110/603140394/1075
- - - - - - - - - -
Man gets 8 years for child porn
A Kewanee man was sentenced to eight years
in prison on 22 counts of child pornography,
while his accomplice was sentenced to four years.
Enoch Webster, 62, pleaded guilty in Henry County
Circuit Court to 22 counts of child porn, two
counts of aggravated criminal sexual abuse and
possession of a weapon by a felon and was given
eight years through the negotiated plea agreement,
according to State's Attorney Terry Patton.
http://www.pjstar.com/stories/031406/REG_B986P0DM.017.shtml
- - - - - - - - - -
Ex-chief found guilty on all counts in child-porn case
A jury of nine women and three men spent nearly four
hours in deliberations on Monday deciding the fate
of former Wapakoneta Police Chief David L. Harrison
before returning a verdict of guilty on all 18
charges. Harrison, dressed in a charcoal-colored
suit, sat expressionless at the defense table
in the Madison County courtroom as the clerk
read each verdict. There was no reaction from
a gathering of supporters, including his wife,
Vicki, who were seated in the gallery behind
the defense table.
http://www.limaohio.com/story.php?IDnum=23570
- - - - - - - - - -
Former Deputy Sentenced for Child Porn
Investigators found hundreds of child pornography
pictures on his computer. Now, the former Fresno
County Sheriff's deputy is going to prison. Neil
Edmiston was arrested in 2004 for having pornographic
images of children on his computer. In court on
Monday, a judge sentenced him to three years in
prison. A judge gave Neil Edmiston the low end
of the sentencing range, noting he had no prior
record, voluntarily admitted to the crime and
cooperated with law enforcement.
http://abclocal.go.com/kfsn/story?section=local&id=3990161
- - - - - - - - - -
Trojans swim team coach faces child pornography charges
The former head coach of a childrens swim team
in Halifax is facing child pornography charges.
Robert Adam Widdis, 31, resigned from the Halifax
Trojans Aquatic Club after police charged him
last Thursday with possessing and accessing
child porn.
http://thechronicleherald.ca/Front/489985.html
- - - - - - - - - -
Convicted stabber now faces child porn charges
The 23-year-old man convicted last week of stabbing
and beating a Western Connecticut State University
art student has also been accused of possessing
child pornography in another case. Zachary Jay Elson,
who faces up to 20-years in prison for the Danbury
assault, is scheduled to appear in superior court
in Bantam on Wednesday on 12 counts of possession
of child pornography.
http://news.newstimeslive.com/story.php?id=81051
- - - - - - - - - -
Reno man held on suspected possession of child pornography
A 45-year-old Reno man is behind bars on a
federal charge of possession of child pornography
after more than 10,000 images and more than
1,000 on-line videos were found on his computer,
according to court documents released Monday.
http://news.rgj.com/apps/pbcs.dll/article?AID=/20060314/NEWS01/603140348/1004/NEWS
- - - - - - - - - -
Workers duped by simple CD ruse
To office workers trudging to their cubicles,
the promotion looked like a chance at sweet
relief from the five-day-a-week grind. By simply
running a free CD on their computers, they would
have a chance to win a vacation. But the beguiling
morning giveaway in London's financial district
last month was more nefarious than it appeared.
http://www.techworld.com/security/news/index.cfm?RSS&NewsID=5563
- - - - - - - - - -
US judge ponders Google decision
Google said users of its search engine have a right
to their privacy. A US judge says he is inclined to
order internet giant Google to turn over some data
sought by the US government. Judge James Ware
told a hearing in California that he would weigh
the government's need to gather data against
the privacy of Google users.
http://news.bbc.co.uk/2/hi/technology/4804182.stm
U.S. scales back demand for Google data; judge is favorable
http://computerworld.com/developmenttopics/websitemgmt/story/0,10801,109546,00.html
Google cuts data deal with DoJ
http://www.theregister.co.uk/2006/03/14/google_doj_data/
- - - - - - - - - -
Cybercrime worse than physical crime for Australian business
Australian CIOs believe more strongly than their
global peers that employees now pose a threat
to corporate security, according to a new IBM
research report. Seventy five percent of local
CIOs who spoke to IBM perceive that threats
originate internally compared to a global
benchmark, based on a total of 17 countries,
of 66%.
http://www.itwire.com.au/content/view/3602/53/
- - - - - - - - - -
Official seeks aid in fighting child porn
Michael Cantara gets a "knot in his stomach" when
he thinks about the backlog of computers that have
yet to be analyzed as evidence in child pornography
cases. Cantara, commissioner of the Department of
Public Safety, asked lawmakers Monday to give him
two more investigators to address the 60-case backlog
that his current staff doesn't have time to process.
http://kennebecjournal.mainetoday.com/news/local/2530860.shtml
- - - - - - - - - -
Spam king sets up in New Zealand?
An unsolicited bulk e-mail campaign for broadband
and telephone calling rates may have flushed out
a notorious U.S. spammer from a low-profile existence
in Auckland. Contacted by Computerworld, Brendan
Battles of Auckland denies that he is the same
person as U.S. spammer Brendan Battles. He also
denied spamming in New Zealand, even though
Computerworld rang him on a number supplied
in one of the spam messages.
http://www.computerworld.com/securitytopics/security/cybercrime/story/0,10801,109508,00.html
- - - - - - - - - -
Fraud falling under Chip and PIN
Chip and PIN technology has helped cut credit card
fraud by 13 per cent in the last year, its first
decline in a decade, according to new figures.
Data from the Association of Payment Clearing
Services (Apacs) shows that losses due to the
fraudulent use of credit and debit cards fell
last year by PS65m to PS439m.
http://www.theregister.co.uk/2006/03/14/chip_and_pin_security/
- - - - - - - - - -
Cryzip Trojan Encrypts Files, Demands Ransom
Virus hunters have discovered a new Trojan that
encrypts files on an infected computer and then
demands $300 in ransom for a decryption password.
The Trojan, identified as Cryzip, uses a commercial
zip library to store the victim's documents inside
a password-protected zip file and leaves step-by-
step instructions on how to pay the ransom to
retrieve the files.
http://www.eweek.com/article2/0,1759,1937408,00.asp
- - - - - - - - - -
McAfee ate my system
False positive creates havoc. A faulty signature
update from McAfee flagged up legitimate application
files as infected with a low-risk virus, CTX. The
dodgy anti-virus update (4715 DAT), issued on Friday,
March 10, falsely identified a number of component
files of Microsoft Office applications and some
Windows systems files as infectious. Along with
Microsoft Excel, components of Adobe Update Manager,
Macromedia Flash Player and Google Toolbar were
falsely labeled as viral.
http://www.theregister.co.uk/2006/03/14/mcafee_av_false_positive/
- - - - - - - - - -
Microsoft patches up Office
Microsoft today issued two security updates for its
Windows and Office products, including a patch that
fixes a number of critical vulnerabilities found
in the Office suite. In an advisory Microsoft said
that its update fixes bugs in a variety of Office
products, including Microsoft Office XP, Office 2003,
Works Suite, and Office X for Mac. But the "critical"
security rating -- Microsoft's most serious --
applies only to Microsoft Word, Excel, PowerPoint
and Outlook 2000, or Office 2000.
http://computerworld.com/securitytopics/security/story/0,10801,109553,00.html
- - - - - - - - - -
Fix in for 'critical' Flash player flaws
Adobe Systems has issued a patch for critical
security flaws in its Macromedia Flash Player
that could allow malicious attackers to take
control of systems.
http://news.zdnet.com/2100-1009_22-6049676.html
- - - - - - - - - -
Liberty Alliance helps fuel use of identity specs
As the Liberty Alliance Project gathers momentum,
industry insiders are expecting a sharp rise in the
use of products and services that use Web identity
management specifications. The Liberty Alliance
Project said today it expects the number of people
and devices using federated identity specifications
it endorses to top 1 billion this year. That figure
includes people who have created identities using
the Liberty-endorsed specifications, plus devices
and Web sites that use the protocols.
http://computerworld.com/securitytopics/security/story/0,10801,109541,00.html
- - - - - - - - - -
Windows Live parental controls due this summer
Microsoft expects to release a first version of new,
no cost parental control software for Windows XP by
the end of June, the company said Monday. As reported
earlier, Windows Live Family Safety Settings software
is designed to help keep Web content that parents
deem inappropriate from reaching their children.
A preview version of the tool is currently
available to testers.
http://news.zdnet.com/2100-1009_22-6049294.html
- - - - - - - - - -
Passport data checks go live
Personal details of passport applicants are being
checked against third party databases in a scheme
that could provide the basis for ID Cards. A scheme
for verifying the personal details of passport
applicants, which is intended to provide the basis
for an ID Cards checking system, has gone live.
http://www.theregister.co.uk/2006/03/14/passport_data_checks_live/
- - - - - - - - - -
Windows Intruder Detection Checklist
This document is being published jointly by the
CERT Coordination Center and AusCERT (Australian
Computer Emergency Response Team).
http://www.cert.org/tech_tips/WIDC.html
- - - - - - - - - -
Dutch blaggers explode ATMs
Banks in the Netherlands have begun fitting air
vents to ATMs after local blaggers took to blowing
up tills using explosive gas. According to local
reports, enterprising local crims have taken to
drilling holes in conventional ATMs and filling
them full of flammable gas and igniting it from
a safe distance, a technique called plofkraak.
Surprisingly this doesn't incinerate the
contents of cash dispensing machines.
http://www.theregister.co.uk/2006/03/14/exploding_atm_attack/
- - - - - - - - - -
************************************************************
Digital Investigation is the international journal of digital
forensics and incident response. To apply for a free sample
copy visit: http://www.digitalinvestigation.net
***********************************************************
Search the NewsBits.net Archive at:
http://www.newsbits.net/search.html
***********************************************************
The source material may be copyrighted and all rights are
retained by the original author/publisher. The information
is provided to you for non-profit research and educational
purposes. Reproduction of this text is encouraged; however
copies may not be sold, and NewsBits (www.newsbits.net)
should be cited as the source of the information.
Copyright 2000-2006, NewsBits.net, Campbell, CA.