NewsBits for September 8, 2004 ************************************************************ Sasser worm suspect charged with computer sabotage A German teenager who authorities say confessed to creating the Sasser computer worm in May has been charged with computer sabotage. Sven Jaschan, 18, was arrested after telling officials he originally wanted to create a virus, Netsky, to automatically removed two other viruses, Mydoom and Bagle, from infected computers. He had developed several versions of Netsky and, after modifying it, created Sasser. - - - - - - - - - - Court says any sampling may violate copyright law A federal appeals court ruled Tuesday that rap artists should pay for every musical sample included in their work even minor, unrecognizable snippets of music. Lower courts had already ruled that artists must pay when they sample another artists' work. But it has been legal to use musical snippets a note here, a chord there as long as it wasn't identifiable. - - - - - - - - - - One can get 15 years jail for hacking Microsoft was forced to spend 1bn of US dollars on protection of their Windows operation systems from hackers, viruses and "phishers". The global software giant was frightened by unprecedented attacks of hackers on the UK-based online gambling companies, weren't they? Cyber blackmailers extorted companies' top-management demanding sums up to $0,5mn. The Englishmen sell the notion that they incurred 49mn of GBP losses. - - - - - - - - - - Email inboxes get respite from smut The volume of pornographic images sent as email attachments is declining, according to MessageLabs. The email filtering firm recorded one pornographic or otherwise inappropriate email for every 4,756 messages sent through its service for the six months from March August 2004. In the same period last year, the ratio was one in 1,357 (0.07 per cent). These figures refer to porno emails and the like sent to MessageLabs customers by their mates not those sent by spammers, Paul Wood, chief information analyst at MessageLabs, explained. Spam frittered away by FBI diet An American cyber-crime initiative may be helping to limit volumes of spam and viruses, according to MessageLabs. The security firm has reported a 10 per cent fall in the amount of spam it has seen hitting mailboxes in August, and that the proportion of emails carrying viruses dropped about half a per cent during the same month. - - - - - - - - - - Apple fixes 15 flaws in Mac OS X Apple Computer released an update to its Mac OS X operating system on Tuesday to fix 15 security issues in the software. Many of the problems are flaws in the operating system's underlying open- source software, including a critical flaw in the Kerberos authentication system--software that can act as a gatekeeper for computer networks. The patch is available for Mac OS X 10.3.5 and Mac OS X 10.3.4, and also fixes issues in Mac OS X 10.2, known as "Jaguar." - - - - - - - - - - Are hackers using your PC to spew spam and steal? Last Christmas, Carty purchased a Dell desktop computer, then signed up for a Comcast high-speed Internet connection. But her new Windows XP machine crashed frequently and would only plod across the Internet. Dell was no help. The PC maker insisted correctly that Carty's hardware worked fine. - - - - - - - - - - Microsoft under your thumb Microsoft is set to introduce a new line of keyboards and mice Wednesday, including models with built-in fingerprint readers. Unlike most current implementations of biometrics, the new keyboard, mouse and standalone fingerprint reader use the technology not for security but convenience. The accompanying software memorizes the passwords Web surfers have to remember to get around the Web and automatically supplies the right password, once the fingerprint reader verifies who's there. - - - - - - - - - - Security appliance protects remote sites The latest addition to Internet Security's line of integrated security appliance, Proventia M10, aims to deliver enterprise-level security to the remote offices of large organizations. Remote offices often lack the dedicated security resources and budgets of parent offices, according Internet Security. The Proventia M10 makes it unnecessary to install and manage separate gateway and network firewall, anti-virus, intrusion prevention, content filtering and VPN products at each location. - - - - - - - - - - StillSecure enforces network security policies StillSecure announced last week the release of Safe Access version 2.0, which tests all PCs on a network and gives access only to those that meet an organization's established security policies, while quarantining others. The new version adds agent- less support for internal LANs, LDAP integration, and enhanced access management. - - - - - - - - - - Software 'rewinds' corrupted servers XOsoft today announced the release of Enterprise Rewinder, which promises data centers "instantaneous recovery" from application corruption.The software is designed to provide enterprises with the highest application availability while minimizing data loss and time to recovery, XOsoft said. In case of corruption, it enables administrators to "rewind" affected application servers to the most recent consistent state. - - - - - - - - - - Secure FTP for Pocket PCs Software and IT-services developer NSC on Tuesday released ShareIt FTP Pro 1.7, an FTP server designed to run on Pocket PC handhelds. ShareIt FTP enables users to transfer and manage files on Internet-connected mobile devices. The latest version includes security features and performance enhancements designed to make transferring information across wireless and public networks safer and more reliable, NSC said. - - - - - - - - - - Feast of Egos Eager to tarnish Microsoft's shiny new Service Pack 2, the security press managed to spin the most thin and marginal issues into "gaping holes" and "security craters." Some time back, while looking over resumes accompanying applications for a senior network administrator position our company was offering, I saw one with a strange signature quote at the bottom. It read: "In the Feast of Egos, everyone leaves hungry." - - - - - - - - - - Metasploit Framework, Part Two In the first part of this article series, we discussed how writing exploits is still a painful and time-consuming process. We discussed the common obstacles faced during exploit development and how the Metasploit Framework can solve some of the problems. This article will start off with a brief introduction to the console interface and explain how to select and use an exploit module. We will then cover the environment system, how it works, and what features can be enabled through it. - - - - - - - - - - OMB forming group to coordinate terrorist information sharing The Office of Management and Budget, in response to an order from President Bush, is forming an interagency council to coordinate the sharing of terrorist information. Clay Johnson, OMBs deputy director for management, will chair the new Information Systems Council. Karen Evans, OMBs administrator for e-government and IT, will be its executive director. Evans detailed plans for the new group today at the IRM Council 2004 conference. Intelligence reform bill would mandate new network - - - - - - - - - - NASA prepares BlackBerry backup With Florida facing the possibility of its third hurricane in a month, NASA is putting together a backup plan for its message system based on Research in Motion Ltd. BlackBerry devices. Last week, NASA officials turned off networks at Kennedy Space Center rather than have Hurricane Frances bring them down. This time, officials hope to have a PIN-to-PIN system based on personal identification numbers that would allow workers to communicate directly with one another if NASA has to shut down networks again, according to agency spokeswoman Melissa Mathews. - - - - - - - - - - 419ers launch online educational facility We're delighted to report today that would-be 419 advance fee fraudsters can now avail themselves of the finest academic training available anywhere, courtesy of the University of Nigeria. This new online resource - which heralds itself as the "World leader in ethical business studies" and "creator of the advance fee methodology and related business technologies" - will certainly prove a great hit among the lads from Lagos eager to gain paper qualifications in their chosen career. Watchdog mauls internet directory for bogus invoices *********************************************************** Search the Archive at: *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits ( should be cited as the source of the information. Copyright 2000-2004,, Campbell, CA.