Monday, November 23, 2009

Georgia Monitors Sex Offenders' Internet Activities by Using RemoteCOM

/PRNewswire/ -- On 11-19-2009 the State of Georgia Department of Corrections renewed a contract with RemoteCOM to monitor the Internet and computer activities of sex offenders on probation. As part of the new Georgia SB 474 it requires registered sex offenders to submit to computer monitoring and limitations of Internet access.

RemoteCOM is a computer monitoring company that specializes in the monitoring of the computers of offenders that are on parole or probation. CEO/President Robert Rosenbusch writes, "Everything is based on needs, and we have realized there is a tremendous need to keep our children safe as they surf the Internet. We have found that several courts have ruled that denying the sex offender access to the Internet is much like denying them access to a phone, and feel that this is overbearing given today's dependence on computers and computer-related technologies. Therefore they have put the burden on the probation departments to find ways to manage the offender's computer use, to ensure that they do not violate the conditions of their probation. The Georgia Department of Corrections has taken a tremendous step forward in trying to protect their communities and children by providing this type of monitoring."

One of the main focuses of RemoteCOM's services is to keep our children safe online. The second is to provide both technical and human resources to our probation and parole departments as they manage these offenders in our society. It has become apparent over the years that these departments are stretched thin with personnel and they carry a heavy case load. They are extremely limited in the time and resources they have, and would not have time to monitor these individuals' computer data on a daily basis. That is why RemoteCOM provides the assistance of doing the monitoring for them, and provides them with up-to-date alerts when monitors encounter something that may be a part of the offenders' grooming cycle or if they continue with any illegal activity.

-----
www.fayettefrontpage.com
Fayette Front Page
www.georgiafrontpage.com
Georgia Front Page

Thursday, November 19, 2009

FDA Issues 22 Warning Letters to Web site Operators

The U.S. Food and Drug Administration today completed a coordinated, weeklong, international effort, called the International Internet Week of Action (IIWA), intended to curb illegal actions involving medical products.

During the effort, the FDA’s Office of Criminal Investigations (OCI), in conjunction with the Center for Drug Evaluation and Research and the Office of Regulatory Affairs, Office of Enforcement, targeted 136 Web sites that appeared to be engaged in the illegal sale of unapproved or misbranded drugs to U.S. consumers. None of the Web sites are for pharmacies in the United States or Canada.

The agency issued 22 warning letters to the operators of these Web sites and notified Internet service providers and domain name registrars that the Web sites were selling products in violation of U.S. law. In many cases, because of these violations, Internet service providers and domain name registrars may have grounds to terminate the Web sites and suspend the use of domain names.

“The FDA works in close collaboration with our regulatory and law enforcement counterparts in the United States and throughout the world to protect the public,” said FDA Commissioner Margaret A. Hamburg, M.D. “Many U.S. consumers are being misled in the hopes of saving money by purchasing prescription drugs over the Internet from illegal pharmacies. Unfortunately, these drugs are often counterfeit, contaminated, or unapproved products, or contain an inconsistent amount of the active ingredient. Taking these drugs can pose a danger to consumers.”

The IIWA is an initiative sponsored by the International Criminal Police Organization, the World Health Organization's International Medical Products Anti-Counterfeiting Task Force, the Permanent Forum on International Pharmaceutical Crime, and national health and law enforcement agencies from 26 participating countries.

The goal of the IIWA is to protect public health by:

* increasing the public's awareness about the dangers and risks associated with purchasing drugs and medical devices from Web sites
* identifying producers and distributors of counterfeit and illegal pharmaceutical products and medical devices
* targeting these individuals and businesses with civil or criminal action
* seizing counterfeit and illegal products and removing them from the supply chain.

Code named Operation Pangea II, the IIWA provided an opportunity to enhance cooperation among international and domestic regulatory and law enforcement partners to effectively act against those involved in the manufacture and distribution of illegal medications.

During the week, OCI and FDA import specialists joined with Immigration and Customs Enforcement, Customs and Border Protection, the Drug Enforcement Administration, and the U.S. Postal Inspection Service to target and interdict shipments of violative pharmaceutical products moving through certain International Mail Facilities (IMFs) and express courier hubs.

-----
www.fayettefrontpage.com
Fayette Front Page
www.georgiafrontpage.com
Georgia Front Page

Wednesday, November 18, 2009

Spear Phishing E-mails Target U.S. Law Firms and Public Relations Firms

The FBI assesses with high confidence that hackers are using spear phishing e-mails with malicious payloads to exploit U.S. law firms and public relations firms. During the course of ongoing investigations, the FBI identified noticeable increases in computer exploitation attempts against these entities.

The specific intrusion vector used against the firms is a spear phishing or targeted socially engineered e-mail designed to compromise a network by bypassing technological network defenses and exploiting the person at the keyboard. Hackers exploit the ability of end users to launch the malicious payloads from within the network by attaching a file to the message or including a link to the domain housing the file and enticing users to click the attachment or link.

Network defense against these attacks is difficult as the subject lines are spoofed, or crafted, in such a way to uniquely engage recipients with content appropriate to their specific business interests. In addition to appearing to originate from a trusted source based on the relevance of the subject line, the attachment name and message body are also crafted to associate with the same specific business interests. Opening a message will not directly compromise the system or network because the malicious payload lies in the attachment or linked domain. Infection occurs once someone opens the attachment or clicks the link, which launches a self-executing file and, through a variety of malicious processes, attempts to download another file.

Indicators are unreliable to flag in-bound messages; however, indicators are available to determine an existing compromise. Once executed, the malicious payload will attempt to download and execute the file ‘srhost.exe’ from the domain ‘http://d.ueopen.com’; e.g. http://d.ueopen.com/srhost.exe. Any traffic associated with ‘ueopen.com’ should be considered as an indication of an existing network compromise and addressed appropriately.

The malicious file does not necessarily appear as an ‘exe’ file in each incident. On occasion, the self-executing file has appeared as other file types, e.g., ‘.zip’, ‘.jpeg’, etc.

Please contact your local field office if you experience this network activity and direct incident response notifications to DHS and U.S. CERT.

-----
www.fayettefrontpage.com
Fayette Front Page
www.georgiafrontpage.com
Georgia Front Page

Tuesday, November 3, 2009

Fraudulent Automated Clearing House (ACH) Transfers Connected To Malware And Work-At-Home Scams

Within the last several months, the FBI has seen a significant increase in fraud involving the exploitation of valid online banking credentials belonging to small and medium businesses, municipal governments, and school districts. In a typical scenario, the targeted
entity receives a "spear phishing" email which either contains an infected attachment, or directs the recipient to an infected web site. Once the recipient opens the attachment or visits the web site, malware is installed on their computer. The malware contains a key logger which will harvest the recipients business or corporate bank account log-in information. Shortly thereafter, the perpetrator either creates another user account with the stolen log-in information, or directly initiates funds transfers by masquerading as the legitimate user. These transfers have occurred as both traditional wire transfers and as ACH transfers.

Further reporting has shown that the transfers are directed to the bank accounts of willing or unwitting individuals within the United States. Most of these individuals have been recruited via work-at-home advertisements, or have been contacted after placing resumes on well-known job search web sites. These persons are often hired to "process payments", or "transfer funds". They are told they will receive wire transfers into their bank accounts. Shortly after funds are received, they are directed to immediately forward most of the money overseas via wire transfer services such as Western Union and Moneygram.

Customers who use online banking services are advised to contact their financial institution to ensure they are employing all the appropriate security and fraud prevention services their institution offers.

The United States Computer Emergency Readiness Team (US-CERT) has made information on banking securely online available at
http://www.us-cert.gov/reading_room/Banking_Securely_Online07102006.pdf.

Protecting your computer against malicious software is an ongoing activity and, at minimum, all computer systems need to be regularly patched, have up to date anti-virus software, and a personal firewall installed. Further information is available at
http://www.us-cert.gov/nav/nt01/.

If you have experienced unauthorized funds transfers from your bank accounts, or if you have been recruited via a work-at-home opportunity to receive transfers and forward money overseas, please notify the IC3 by filing a complaint at www.IC3.gov.

-----
www.fayettefrontpage.com
Fayette Front Page
www.georgiafrontpage.com
Georgia Front Page
www.artsacrossgeorgia.com
Arts Across Georgia