contributed by Emmanuel Goldstein
Date: 4/23/99 07:45
Received: 4/23/99 07:55
From: Emmanuel Goldstein, emmanuel@2600.com
To: undisclosed-recipients:;

2600 has obtained the letters sent to the FBI that were used to help calculate "damages" caused by Kevin Mitnick. The following letters can be thought of as the main reasons why Kevin was able to be held without bail for so long and will no doubt be used at his sentencing on June 14 to impose more harsh conditions.

As far as we know, no mention of any of these "losses" was ever made to any of the stockholders of these companies, which to our understanding they are required to do if losses of this magnitude actually took place.

We're making these public because the public needs to know how individuals can be locked away for so long just for pissing off powerful corporations. We believe this also demonstrates how the FBI prodded these companies into giving as inflated a figure as possible.

Happy reading.

emmanuel

2600.com
FREE KEVIN

Letters from Sun, NEC, Nokia, Nokia UK, and Novell

contributed by Weld Pond
Three days after initial reports many online retailers have still not fixed their e-commerce holes. Many merchants are still spewing out private customer information such as credit card and home phone numbers. The problem is a result of poorly or improperly configured e-commerce software that leaves logs and other files in world readable locations on web servers.

C|Net
BugTraq Archives- Technical Details

contributed by nVirb
Time for the fear mongering over a truly destructive virus to begin. CIH is date stamped to go off on April 26 every year and has the potential to delete all of your data and overwrite your BIOS. While CIH has been a known virus for the last eight months it is unknown how far it has spread or how prevalent it may be. Melissa may have been a blessing in disguise at it forced many people to update their virus software

PC World
Wired
ZD Net

contributed by Paul
An employee of a software company in Toshima Ward, Tokyo has been arrested for creating forged cash cards. The suspect is believed to have stole 8.95 million yen using 17 cash cards. The cards where evidently forged using stolen data, magnetic strips and by guessing the PIN numbers. Police caught the man by using the ATM security cameras.

Daily Yomuri

contributed by Chang
Under a new bill in Japan, it would be considered a criminal case if a user breaks into a Web site with a random ID and password. This bill may generate many "innocent criminals" instead of merely focusing on hard-core code crackers. The bill also places vague burdens onto Network Administrators claiming that they must maintain security but not saying how much.

Asia Biz Tech

contributed by alexandre
Another desktop security package has been announced, this one is BlackICE Pro from Network Ice. Nothing here but buzzwords and propaganda. The interesting point about this one is that it is sold much like anti-virus software that constantly needs updates.

CNN

contributed by hiram
Comsec CEO Nissim Barel is afraid that crackers will use the Y2K scare as cover to attack a wide variety of computer systems. According to Barel many such attacks may be attributed to Y2K bugs and not treated as security threats. (Ed Note: Any Systems Administrators who mistake a cyber attack for a Y2K bug probably should be out of a job anyway.)

Israel's Business Arena

contributed by Anonymous
Cracked
The Cold Fusion bug found two days ago by L0pht Heavy Industries, Inc. is forcing a lot of admins to patch their systems. Many are not doing it fast enough. Here are the cracks reported to HNN, many supposedly cracked with this hole.
http://www.jsims.mil/
http://stan.rmi.net
http://www.herbonline.com
http://www.towngreen.com - For the seventh time!
http://www.luresa.com
http://www.shastacollege.edu
http://www.gaywired.com
http://acceso2.uv.es
http://www.icao.int
http://www.infomanage.com
http://www.shasta.cc.ca.us
http://www.hpsd.com
http://www.chinatv.net
http://nutrition.uvm.edu
http://www.silkpainting.com