- Email: [email protected]
FBI employee arrested for insider fraud
news Federal prosecutors would be empowered to freeze all the accounts of anyone charged with international money laundering for 30 days. Under Section 205 of the VICTORY Act, if suspects are found with a blank check, they will be subject to having the entire amount in their account frozen. For example, if individuals travel to London from the US with a blank check and they intend to cash the check for $100, and they have $10,000 in their account, the entire $10,000 will be subject to forfeiture to the government. The VICTORY Act will also make those who engage in off-shore banking subject to anti-terrorism money laundering prosecution. Such individuals would be subject to a
20-year prison sentence and forfeiture of all financial assets. The anti-terrorism provisions of VICTORY would also include drug money laundering as a terrorist-related act if it is done through Hawalahs, Islamic money brokerages. Under the act, any money brokerage could be identified by the government as a Hawalah. Other parts of the VICTORY Act, which have not yet been revealed, are said to give the government even greater surveillance powers than already conferred by the USA-PATRIOT Act. One area may be new restrictions on the use of encryption technology when used in wireless transmissions within the US.
FBI employee arrested for insider fraud
Vendors create database of file signatures
An FBI insider has been charged with unauthorized snooping on sensitive files, having child porn on his computer and a cellphone scam using a banned mobile device. Maria Castillo has been denied bail after appearing before a judge in late July. The FBI translator accessed a computer six times to steal and sell sensitive information. Reports say his activity affected at least one FBI case. “The El Paso FBI is devastated by the overwhelming sense of betrayal we feel,” said Hardrick Crawford, Special Agent in Charge, FBI.
Tripwire, HP, IBM and Sun among others are making their software file signatures available in a database. The vendors say the file records which total 11 million so already, will let customers check file authenticity. The records include file name and digital hash values. Chris Christiansen, VP of analyst IDC, Security Products program believes the database of authentic file signatures will help fight against viruses. “By knowing what the ‘good state’ is, improper and corrupted files can be eliminated”, he said before the malicious files execute harmful commands.
In Brief STUDY REVEALS LONGEVITY OF SLAMMERS AND CODEREDS A study unveiled at the recent Black Hat Briefings conference in Las Vegas offers a bleak diagnosis of network security problems. The study, from Qualys, suggests that exploits may plague computer networks indefinitely. Gerhard Eschelbeck, chief technology officer at Qualys and author of the study, maintained that Slammer, as an example, is not over. His research indicates that the security hole that allows entry to the Microsoft SQL Slammer worm, which first appeared in January of this year (and for which a patch was available as of July 2002), was detected more than 30 times in the first week of February, then sharply declined over the following six weeks to just five detections the week of March 22nd. However, Slammer's hole has made a comeback, with 22 vulnerable PCs detected the week of June 28. For Code Red, the rise is less dramatic, but detectable. From the end of April through the end of June, the research detected a slight rise in the average number of Code Red-vulnerable computers among the networks scanned. Code Red first made an appearance in June 2001. SFO WINS CLAIM OVER VOGON FOR GROSS OVERCHARGING The UK Serious Fraud Office (SFO) won a court dispute with Vogon, claiming the computer forensics vendor overcharged it by just under £300 000 for recovering data for a fraud investigation. As reported in vnunet, the SFO expected a bill of £25 000 for the work, instead of the £314 375 plus VAT presented by Vogon. MS BLASTER WORM KNOCKS NORDIC BANK The Nordea bank in Norway is among the victims of the recent MS Blaster worm. 88 bank branches in Finland closed for one day according to reports.
GNU SITE HACKED VIA ZERODAY EXPLOIT A zero-day exploit has been used to compromise the GNU's project FTP server run by the Free Software Foundation. The zeroday exploit used a ptrace bug to hack the server before the patch was released a week later. The FTP server, gnuftp.gnu.org, was controlled by the hacker from March until the last week of July. The hacker seemed to be mainly using the gnuftp to collect passwords and act as a launch point to attack other machines. Malicious code could have been inserted into the free source code housed on the ftp server for download. CHILD PORN CASE DROPPED AFTER TROJAN DISCOVERED A UK man was acquitted from having child porn images on his PC after Trojan horses were discovered. Julian Green claimed the 172 images were placed there by a Trojan horse. In April another UK man was also cleared from downloading porn after Trojans were uncovered in his computer. FRAUD CASES ALREADY OVERTAKE 2002 Fraud cases for the first half of 2003 already exceed the total number of fraud cases reported for the whole of 2002 in the UK, says KPMG. 83 cases were reported in 2002 compared to 90 this year so far. Although the cases are rising the average value per case is only 3 million compared to 9 million last year. Banking and electronic fraud is up from five cases to 14. Many of these cases were committed by insiders. David Alexander, Fraud Investigation Partner at KPMG Forensics said: “In difficult economic times, the pressure on individuals to commit fraud is increased. This pressure can come from many sources ranging from trying to meet unrealistic profit targets to an inability to pay credit card bills or the mortgage. It is not surprising, therefore, that we are seeing a rise in ‘smaller’ frauds as more and more desperate people turn to fraud as the only way out.”
3
20-year prison sentence and forfeiture of all financial assets. The anti-terrorism provisions of VICTORY would also include drug money laundering as a terrorist-related act if it is done through Hawalahs, Islamic money brokerages. Under the act, any money brokerage could be identified by the government as a Hawalah. Other parts of the VICTORY Act, which have not yet been revealed, are said to give the government even greater surveillance powers than already conferred by the USA-PATRIOT Act. One area may be new restrictions on the use of encryption technology when used in wireless transmissions within the US.
FBI employee arrested for insider fraud
Vendors create database of file signatures
An FBI insider has been charged with unauthorized snooping on sensitive files, having child porn on his computer and a cellphone scam using a banned mobile device. Maria Castillo has been denied bail after appearing before a judge in late July. The FBI translator accessed a computer six times to steal and sell sensitive information. Reports say his activity affected at least one FBI case. “The El Paso FBI is devastated by the overwhelming sense of betrayal we feel,” said Hardrick Crawford, Special Agent in Charge, FBI.
Tripwire, HP, IBM and Sun among others are making their software file signatures available in a database. The vendors say the file records which total 11 million so already, will let customers check file authenticity. The records include file name and digital hash values. Chris Christiansen, VP of analyst IDC, Security Products program believes the database of authentic file signatures will help fight against viruses. “By knowing what the ‘good state’ is, improper and corrupted files can be eliminated”, he said before the malicious files execute harmful commands.
In Brief STUDY REVEALS LONGEVITY OF SLAMMERS AND CODEREDS A study unveiled at the recent Black Hat Briefings conference in Las Vegas offers a bleak diagnosis of network security problems. The study, from Qualys, suggests that exploits may plague computer networks indefinitely. Gerhard Eschelbeck, chief technology officer at Qualys and author of the study, maintained that Slammer, as an example, is not over. His research indicates that the security hole that allows entry to the Microsoft SQL Slammer worm, which first appeared in January of this year (and for which a patch was available as of July 2002), was detected more than 30 times in the first week of February, then sharply declined over the following six weeks to just five detections the week of March 22nd. However, Slammer's hole has made a comeback, with 22 vulnerable PCs detected the week of June 28. For Code Red, the rise is less dramatic, but detectable. From the end of April through the end of June, the research detected a slight rise in the average number of Code Red-vulnerable computers among the networks scanned. Code Red first made an appearance in June 2001. SFO WINS CLAIM OVER VOGON FOR GROSS OVERCHARGING The UK Serious Fraud Office (SFO) won a court dispute with Vogon, claiming the computer forensics vendor overcharged it by just under £300 000 for recovering data for a fraud investigation. As reported in vnunet, the SFO expected a bill of £25 000 for the work, instead of the £314 375 plus VAT presented by Vogon. MS BLASTER WORM KNOCKS NORDIC BANK The Nordea bank in Norway is among the victims of the recent MS Blaster worm. 88 bank branches in Finland closed for one day according to reports.
GNU SITE HACKED VIA ZERODAY EXPLOIT A zero-day exploit has been used to compromise the GNU's project FTP server run by the Free Software Foundation. The zeroday exploit used a ptrace bug to hack the server before the patch was released a week later. The FTP server, gnuftp.gnu.org, was controlled by the hacker from March until the last week of July. The hacker seemed to be mainly using the gnuftp to collect passwords and act as a launch point to attack other machines. Malicious code could have been inserted into the free source code housed on the ftp server for download. CHILD PORN CASE DROPPED AFTER TROJAN DISCOVERED A UK man was acquitted from having child porn images on his PC after Trojan horses were discovered. Julian Green claimed the 172 images were placed there by a Trojan horse. In April another UK man was also cleared from downloading porn after Trojans were uncovered in his computer. FRAUD CASES ALREADY OVERTAKE 2002 Fraud cases for the first half of 2003 already exceed the total number of fraud cases reported for the whole of 2002 in the UK, says KPMG. 83 cases were reported in 2002 compared to 90 this year so far. Although the cases are rising the average value per case is only 3 million compared to 9 million last year. Banking and electronic fraud is up from five cases to 14. Many of these cases were committed by insiders. David Alexander, Fraud Investigation Partner at KPMG Forensics said: “In difficult economic times, the pressure on individuals to commit fraud is increased. This pressure can come from many sources ranging from trying to meet unrealistic profit targets to an inability to pay credit card bills or the mortgage. It is not surprising, therefore, that we are seeing a rise in ‘smaller’ frauds as more and more desperate people turn to fraud as the only way out.”
3