NewsBits for March 31, 2006 sponsored by Digital Investigation - The International Journal of Digital Forensics & Incident Response - ************************************************************ Hacker hits Georgia state database via hole in security software An unpatched flaw in a widely used security program was exploited by an unknown hacker to gain access to a Georgia Technology Authority (GTA) database containing confidential information on more than 570,000 members of the states pension plans.,10801,110094,00.html - - - - - - - - - - N.H. IT worker disputes state government security breach A New Hampshire state IT employee who was placed on paid leave last month after an alleged security breach involving a government server is disputing the states explanation of the incident. Douglas A. Oliver, 44, a Web middleware engineer who says he was placed on paid leave Feb. 17 in connection with the incident, said he is speaking out because the states account is incredibly skewed, in my estimation.,10801,110092,00.html - - - - - - - - - - NASA HQ Raided In Kiddie Porn Probe The Washington headquarters of NASA was raided this week as part of a kiddie porn probe targeting an executive with the space agency, The Smoking Gun has learned. On Wednesday morning, federal investigators seized a laptop computer, a hard drive, CDs, and other material from the office of James R. Robinson, who was present when agents with NASA's inspector general executed a search warrant at his E Street office. - - - - - - - - - - Fake E-Mail Topples Japan's Opposition Party Japan's opposition party suffered a fresh humiliation Friday when its leadership resigned en masse over a fake e-mail scandal, handing Prime Minister Junichiro Koizumi an uncontested grip on power in his last six months in office. - - - - - - - - - - Cops hunt for counterfeiters Investigators seeking evidence of a counterfeiting operation at a Medford home seized computer equipment and hand grenades, then arrested three people Wednesday. Police across Southern Oregon and Northern California have received a spate of reports of counterfeit cash in the past several weeks, Medford police Lt. Mike Moran said. Fake bills ranging from $1 to $100 have been reported, he said. - - - - - - - - - - Seven arrested in online fraud crackdown The U.S. Secret Service arrested seven people across the nation this week as part of an ongoing investigation that has turned up links to the massive debit-card breaches which have worried banks and consumers. - - - - - - - - - - ID theft, child porn charges lodged First, Flint Township police discovered he was paying off credit cards issued to his dead brother using another person's stolen identity. Police said his brother died 10 years ago, but the credit cards were opened four years ago. And when he was arrested, police found child pornography in his truck. - - - - - - - - - - Ex-Rosenberg cop convicted on child porn charge A Fort Bend County jury has found a former Rosenberg police officer guilty of possession of child pornography. The punishment phase of the trial of Gary Wayne Stone, 58, starts today in the 400th District Court. Stone was convicted Thursday evening and faces a potental sentence of 2 to 10 years in prison. - - - - - - - - - - Net luring charged A 46-year-old city man faces Internet luring and child-porn charges after city police raided a north-end home. Last November, a 13-year-old girl reported a man with whom she had been communicating on the Internet was pressuring her for sex, said police spokesman Jeff Wuite. - - - - - - - - - - Lawmaker calls for additional staff to combat Internet child porn On Tuesday, Sen. Bill Diamond, D-Windham, urged Maine senators to back LD 2028, a bill that would help the state's Computer Crimes Task Force fight Internet child pornography. - - - - - - - - - - Law Directs Schools to Teach Cyber-Safety Virginia public schools will be required to teach students about Internet safety under a law passed by the General Assembly and signed by Gov. Timothy M. Kaine (D) last month. The law, which takes effect July 1, is designed to ensure that tech-savvy children understand the dangers lurking in cyberspace. The measure's sponsor, Del. William H. Fralin Jr. (R-Roanoke), said he wrote the bill after his oldest son turned 10 and started competing with his parents for computer time. - - - - - - - - - - Data-Breach Disclosure Bill Passes House Panel Legislation forcing data brokers to disclose security breaches to the public passed the U.S. House Energy and Commerce Committee today on a 41-0 vote. - - - - - - - - - - U.S. Senate Panel Backs Phone Record Privacy Bill The proposed law would boost penalties to as much as $30,000 per incident and up to $3 million for continuing violations by telephone companies that fail to properly safeguard consumer information.;?articleID=184417322 - - - - - - - - - - Hong Kong lawmaker says Yahoo unit wasn't compelled A Hong Kong lawmaker said Friday he has complained to a government privacy commission that Yahoo Inc.'s local affiliate provided evidence to convict a Chinese reporter sentenced to 10 years in prison for leaking state secrets. - - - - - - - - - - Yahoo: We need effective cybercrime laws Yahoo has called for "effective" legislation, combined with industry self-regulation, to deal with online fraud, child abuse and other cybercrime. The Internet services giant appealed on Thursday for policymakers to concentrate on defining illegal use of technology, rather than focus on how an action breaks the law. - - - - - - - - - - Computer security problems still afflict SEC, GAO says Computer security problems continue to plague the Securities and Exchange Commission, according to a Government Accountability Office report issued Friday. - - - - - - - - - - BBC stories used as bait for IE exploits E-mail servers Security threats Microsoft Cybercrooks are spamming e-mail messages to trick people into visiting malicious Web sites that exploit a recent Internet Explorer flaw, experts warned Thursday.,1759,1944579,00.asp,39024655,39157722,00.htm - - - - - - - - - - Weekly Report on Viruses and Intruders Every week, Panda Software publishes a report with information explaining the most notable viruses and threats that have appeared during the week. In this weeks report, PandaLabs looks at two variants of the notorious Bagle worm, IB and HZ, as well as a malicious code that exploits a vulnerability in Internet Explorer. - - - - - - - - - - Spyware company denies software is malicious The company selling spyware for mobiles has hit back at the suggestion its program is malicious. Thai company Vervata has hit back after security firm, F-Secure, recently began blocking a commercial application called FlexiSpy, a product that bills itself as the world's first spy software built for mobile phones. Cell Phone Spy Program Raises Concerns,1759,1944472,00.asp - - - - - - - - - - City to take aim at high-tech criminals An increase in high-tech crime is forcing police to undergo special training to successfully investigate such cases. To ensure there are enough trained investigators the Thousand Oaks City Council approved a $40,207 payment last week to help fund three new computer forensic examiner positions in the Ventura County High-Tech Task Force. - - - - - - - - - - Windows Help Heap Overflow There is a heap based buffer overflow in the rendering engine of .hlp files in winhlp32.exe which will allow some attacker the possibility of modifying the internal structure of the process with a means to execute arbitrary and malicious code. - - - - - - - - - - New spam technique delivers results for spammers SoftScan announced today that in a bid to beat detection and increase the likelihood of their messages being read, spammers are increasingly using a new twist on joe-jobbing (forging the senders email address) that may lead to organisations abolishing the bounce back message. - - - - - - - - - - Alcatel signs up to MS dewormer tech Microsoft has signed up another network vendor to its Network Access Protection (NAP) scheme with the addition of Alcatel to the ranks of supporters of the technology. NAP, due to ship with Longhorn in 2007, provides a policy enforcement bolt-on to Windows that allows admins to restrict access to networks to machines without up-to-date OS patches, properly installed firewalls or anti- virus updates. - - - - - - - - - - IBM tightens up mainframe security IBM is set to launch the System Z9 integrated information processor (zIIP) to work with the company's z9 mainframe. The product, which IBM said will offer a greater degree of security, will be aimed particularly at the financial sector, - - - - - - - - - - Netgear ProSafe VPN Firewall 50 Netgear is undoubtedly best know for its consumer networking products but its ProSafe router lineup aims to provide businesses with that little bit more in terms of features and security options. - - - - - - - - - - Trusted Platform Module gets backing from Via In a move to help users better secure the data on their computers, Taiwanese chip vendor Via Technologies Inc. said Thursday it will add Trusted Platform Module (TPM) support to its line of chip set products.,10801,110099,00.html - - - - - - - - - - Would a Security Monopoly Really Be So Bad? Opinion: It's just a thought experiment, but you can make a good case that competition has failed and that what the security market needs is a monopoly. You could see it coming for years: Microsoft's entry into the security business will be treacherous for other security vendors. It's been about to happen for years and now it will take a little longer. But eventually it should actually happen.,1759,1944811,00.asp Interpol demands secure PCs,39024655,39157721,00.htm Computer specialist says superiors ignored securitywarnings - - - - - - - - - - Why phishing works - university study Researchers at Harvard University and UC Berkeley have published a document explaining why phishing works on general users. The ten-page document, by Rachna Dhamija at Harvard and J.D. Tygar and Marti Hearst at Berkeley, details a small study of 22 participants that looks at today's standard security indicators used with websites. Phishers set hidden traps on eBay Fighting fraud by baiting phishers Why phishing reels punters in Anti-Phishing Tips You Should Not Follow - - - - - - - - - - Perverting Unix Processes The address space of a UNIX process can be used by an attacker to do as many evil actions as possible. One of the most powerful techniques is the execution of a new binary by using a userland execve() implementation. The purpose of this text is to present a tool based on SELF and to explain which elements are involved in its operation. - - - - - - - - - - What Is Wireless Security The new standard in wireless networks--802.11g --offers speed, security, and performance. It is also the most widely employed standard in corporate internal wireless LAN networks. You can transfer data at up to 54Mbps using 802.11g (which is five times the speed of older 802.11b wireless networks). - - - - - - - - - - iSafe: Store Personal Data Securely on Your Mac As an Internet user, you need to keep track of passwords, accounts information, names and much more. One solution is to store everything on your computer and take the risk that anyone can gain access to your valuable information. iSafe is a security solution that will relieve you of the password management chore, while offering complete security and protection to your assets. iSafe 1.6 - - - - - - - - - - 'Kosher Cellphones' Draw Line at Objectionable Calls It sounds like the setup for a punch line: What do you get when you cross an ultra- Orthodox rabbi with a mobile phone? But the "kosher phone" is real and its developers are serious about looking beyond the religious enclaves of Israel. Some Arab companies even have inquired about the phone's main feature: keeping out sex lines and other worldly temptations. (LA Times article, free registration required),1,7479397.story ************************************************************ Digital Investigation is the international journal of digital forensics and incident response. To apply for a free sample copy visit: *********************************************************** Search the Archive at: *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits ( should be cited as the source of the information. Copyright 2000-2006,, Campbell, CA.