NewsBits for April 25, 2006 ************************************************************ Leaks of Military Files Resume Just days after U.S. troops were ordered to plug a security breach at their base here, the black market trade in computer memory drives containing military documents was thriving again Monday. (LA Times article, free registration required) http://www.latimes.com/technology/la-fg-drives25apr25,1,3762058.story - - - - - - - - - - Ex-Youth Minister Gets 5 Years in Child-Porn Case A former Brea youth pastor was sentenced Monday to five years in federal prison and lifelong probation for sending child pornography to an undercover FBI agent, officials said. (LA Times article, free registration required) http://www.latimes.com/news/printedition/california/la-me-rbriefs25.2apr25,1,255526.story - - - - - - - - - - Ex-officer indicted for child porn A federal grand jury in Birmingham returned a one-count indictment Monday charging former Huntsville police officer Kenneth Duane Haga with child pornography, said U.S. Attorney Alice H. Martin. http://www.al.com/news/huntsvilletimes/index.ssf?/base/news/1145956650238210.xml - - - - - - - - - - Ex-teacher faces child-porn charges A former Mechanicsburg Area Senior High School teacher has been charged with possession of child pornography, according to a federal prosecutor. Joseph J. McHugh III, 44, of Carlisle, also is charged with using his home computer to obtain child pornography over the Internet, said Thomas A. Marino, the U.S. attorney for the Middle District of Pennsylvania. http://www.pennlive.com/news/patriotnews/index.ssf?/base/news/1145956893113500.xml - - - - - - - - - - Man jailed on child porn charges A Lakeport man has been booked into the Glades County Jail under a bond of $915,000 after being arrested on numerous child pornography charges. http://www.newszap.com/articles/2006/04/24/fl/lake_okeechobee/aoke02.txt - - - - - - - - - - Child porn boom tech driven A man is charged with taking pornographic photos of several children. Another pleads guilty after a computer technician finds dozens of images of child pornography on the computer he brought in for repair. Still another pleads guilty to video taping himself having sex with a minor. All happened within the past few months in the Rapid City area. http://www.rapidcityjournal.com/articles/2006/04/24/news/local/news01a.txt - - - - - - - - - - New phase in war on net paedophiles A new law-enforcement agency has been set up to tackle child exploitation online. Will it work? The Child Exploitation and Online Protection Centre (CEOP) will be staffed 24 hours a day by about 100 police, computer technicians and child welfare specialists. http://news.bbc.co.uk/1/hi/uk/4937872.stm Lord: 'British FBI' will be private Home Office police The powers and scope of the newly formed Serious and Organised Crime Agency (SOCA) are far too broad, a leading parliamentary figure said on Tuesday. http://news.zdnet.co.uk/0,39020330,39265311,00.htm Cybercops alive and kicking http://www.theregister.co.uk/2006/04/25/infosec_blog_four/ - - - - - - - - - - Council releases blueprint for federal cybersecurity research President Bush's science and technology council has released a blueprint for coordinating federal interagency cybersecurity research and development. http://www.govexec.com/story_page.cfm?articleid=33927 - - - - - - - - - - Data theft disclosure meant less pain for LexisNexis After a high-profile security breach exposed personal data about thousands of customers, LexisNexis found that being forthright was the best approach, according to a company executive. http://computerworld.com/securitytopics/security/story/0,10801,110866,00.html - - - - - - - - - - UK enterprises suffer costly breaches The number of security breaches at large U.K. companies dropped by half over the last two years as larger budgets have been allocated to that area, according to a government-commissioned study released Tuesday. http://computerworld.com/securitytopics/security/story/0,10801,110863,00.html Cost of hack attacks against UK firms rising fast http://www.vnunet.com/vnunet/news/2154731/hack-attacks-targeting-uk-firms Study finds sharp drop in UK online attacks http://news.zdnet.co.uk/internet/security/0,39020375,39265308,00.htm UK PLC security prognosis mixed http://www.theregister.co.uk/2006/04/25/isbs_2006/ - - - - - - - - - - Mafia insiders infiltrating firms, U.K. cops warn Employees are still one of the greatest threats to corporate security, as "new-age" mafia gangs infiltrate companies, the U.K.'s crime-fighting agency has said. Speaking on Tuesday at the Infosecurity 2006 conference in London, Tony Neate, e-crime liaison for the Serious Organised Crime Agency (SOCA), said insider "plants" are causing significant damage to companies. http://news.com.com/Mafia+insiders+infiltrating+firms%2C+U.K.+cops+warn/2100-7348_3-6064954.html Security giants converge on London Annual InfoSec conference kicks off today Over 10,000 attendees will descend on 300 exhibition stalls at the annual Infosecurity conference in Olympia which kicks off today. http://www.vnunet.com/vnunet/news/2154611/security-businesses-converge - - - - - - - - - - Stolen laptops hand hackers keys to the kingdom As web apps are becoming more secure stolen laptops have become among the easiest ways to break into corporate networks. High profile firms such as Fidelity and Ernst and Young along with celebrities such as Kevin Costner have lost laptops over recent months. Concern over these thefts has focused on the exposure of data left on these devices. But the potential to use stolen kit to lift user credentials also poses a grave risk. http://www.theregister.co.uk/2006/04/25/stolen_laptop_peril/ - - - - - - - - - - Web Attacker Sites Increase Websense Security Labs is seeing large increases in drive-by installations of malicious code that is hosted on websites that are using the Web Attacker Toolkit. When a user visits one of the nearly 1000 sites that are being used to run code without user intervention, a Trojan Horse is downloaded and run. It can log keystrokes, download additional code, or open backdoors on the user's machine. http://www.it-observer.com/news/6170/web_attacker_sites_increase/ The realities of risk http://computerworld.com/securitytopics/security/story/0,10801,110643,00.html Stripping security down to the data level http://www.theregister.co.uk/2006/04/25/data_level_security/ - - - - - - - - - - China Web portals pledge stronger self-policing China's top Web portals, including Sina and Tom Online, have agreed to rid their sites of "unhealthy" content, amid a broader Beijing campaign to clean up the Internet. http://news.com.com/2100-1028_3-6064628.html - - - - - - - - - - Bots increasingly behind cybercrime Online fraudsters and data thieves are more frequently using bot networks to get home and business PCs to do their bidding, with some estimates of the number of infected systems as high as 47 million. http://www.securityfocus.com/brief/195 - - - - - - - - - - Brazilian cyber crime The rapid rise of the global economy is reshaping the way New Jersey companies do business, creating new opportunities and challenges. This weekly column explores the growing ties between Garden State businesses and the rest of the world. http://www.crime-research.org/news/25.04.2006/1960/ - - - - - - - - - - Bugs bite into popular browsers Newly disclosed, unpatched security flaws in three browsers could make the Web a more dangerous place to surf, experts have warned. http://news.com.com/Bugs+bite+into+popular+browsers/2100-1002_3-6065048.html - - - - - - - - - - Bluetooth virus leaves mobile users out of pocket A newly detected mobile phone virus is charging mobile phone users $5 to send a premium rate SMS message, security experts warned today at Infosec Europe 2006. http://www.vnunet.com/vnunet/news/2154728/bluetooth-virus-leaves-mobile - - - - - - - - - - Symantec Patches Trio of Scan Engine Flaws Anti-virus powerhouse Symantec has released patches for three "moderately critical" security vulnerabilities that could put users at risk of security bypass and information exposure attacks. http://www.eweek.com/article2/0,1759,1953579,00.asp - - - - - - - - - - Microsoft offers free tech support with Internet Explorer 7 Beta 2 Microsoft has released for free public download beta 2 of Internet Explorer 7 for Windows XP. This latest version of Microsoft's next browser has few visible changes from the Beta 2 preview edition posted on March 20. http://computerworld.com/developmenttopics/websitemgmt/story/0,10801,110848,00.html - - - - - - - - - - Password overload hurts security, survey finds Security breaches from computer viruses, spyware, hacker attacks and equipment theft are costing British business billions of pounds a year, according to a survey released Tuesday. http://news.com.com/Password+overload+hurts+security%2C+survey+finds/2100-7355_3-6064668.html Weak passwords leave firms open to hackers http://www.vnunet.com/vnunet/news/2154725/weak-passwords-leave-firms-open - - - - - - - - - - 60 billion e-mails a day, much of it spam Internet users around the world send an estimated 60 billion e-mails every day and many of these are spam or scam attempts, business leaders said on Tuesday. http://www.msnbc.msn.com/id/12480457/ - - - - - - - - - - How to catch a cyber criminal? Do it yourself Though law enforcement has come a long way in fighting e-crime, its efforts are still only scratching the surface and businesses are learning they must build cases against culprits themselves, says Ron Condon. http://software.silicon.com/malware/0,3800003100,39158294,00.htm How To Stop Internet Identity Theft http://www.newsfactor.com/story.xhtml?story_id=121000033DZQ - - - - - - - - - - Detecting mischievous activity Computing magazine recently ran a major feature on security. In particular, it focused on internal as opposed to external threats, reflecting the fact that, according to the (former) National Hi-Tech Crime Unit, some 38 per cent of financial fraud in the UK is a result of internal security breaches. http://www.theregister.co.uk/2006/04/25/internal_security_risk/ - - - - - - - - - - Americans uncomfortable with new surveillance technologies Perhaps you were chosen for additional airport screening while rushing to catch a flight. Or you noticed a video camera watching your every move the last time you entered a bank, shopping mall or department store. Responses vary when people are confronted with actions aimed at improving security or service, which may also affect their privacy. http://computerworld.com/securitytopics/security/story/0,10801,110708,00.html - - - - - - - - - - DHS to check port workers against terrorist watch lists The Homeland Security Department will begin checking the identities of port workers for the first time under a rule announced Tuesday, and soon may take new action on a long-delayed program to issue identification cards for those who access sensitive areas of ports. http://www.govexec.com/story_page.cfm?articleid=33932&sid=28 Head of visitor tracking program wants global ID system http://www.govexec.com/story_page.cfm?articleid=33925 ID cards 'taking focus away from e-crime' http://news.zdnet.co.uk/internet/security/0,39020375,39265316,00.htm ID card spending doubles to PS56m http://news.zdnet.co.uk/business/legal/0,39020651,39265296,00.htm *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2006, NewsBits.net, Campbell, CA.