Six men have been accused of running the world’s most prolific music piracy ring, an online crew federal prosecutors allege delivered more than 25,000 copyrighted albums, often before they were officially released.

As members of Rabid Neurosis, or RNS as the group was called, they tapped insiders at music retailers, radio stations, and CD manufacturing plants, who were able to get their hands on music titles before their commercial release in the US. In other cases, they turned to affiliates elsewhere in the world, who were able to supply music that was not yet available in America.

“These reproductions were done for the benefit of the members of RNS and other affiliated piracy groups, in that, by getting a reputation for providing pirated materials that were previously unavailable on the piracy scene, RNS members were granted access to massive libraries of pirated music, video games, software and movies,” prosecutors alleged in court documents filed Wednesday.

Seems like the Feds have been busy in recent years; all kinds of hackers, phishers and now pirates are getting arrested and imprisoned for some serious jail time.

The latest in this string of busts is the music piracy group RNS, or Rabid Neurosis, very eminent in the scene in the late 90s/early 2000s.

They have an impressive record though, often releasing full retail albums before they were for sale! They stopped around 2007 though; I guess that's when BitTorrent and P2P were really taking off.

25,000 albums is a serious number though; I'd guess their restitution is definitely going to be in the millions. But then historically the fines given out for piracy cases have just been completely ridiculous.

The most likely outcome: 6 more people filing for bankruptcy.

The claim of personal benefit is important, since sentencing guidelines frequently require a showing that copyright infringers financially gained from their activities.

Wednesday’s indictment, filed in US District Court in the Eastern District of Virginia, named Adil R. Cassim, 29, of Granada Hills, California, the alleged leader of the group, Matthew D. Chow, 28, of Missouri City, Texas, Bennie L. Glover, 35, of Shelby, North Carolina, an employee of a CD production plant, and Edward Mohan II, 46, of Baltimore.

Each was charged with a single count of conspiracy to commit copyright infringement. If convicted each faces a maximum sentence of five years in prison and a fine of $250,000, in addition to a possible order to pay restitution.

Patrick L. Saunders, 30, of Brooklyn, New York, was charged in August and pleaded guilty on Tuesday to one count of copyright infringement. James A. Dockery, 39, of Mooresboro, North Carolina was charged on Tuesday.


Bharath on September 6th, 2009

MySqloit is a SQL injection takeover tool focused on LAMP (Linux, Apache, MySQL, PHP) and WAMP (Windows, Apache, MySQL, PHP) platforms. It has the ability to upload and execute Metasploit shellcodes through MySQL SQL injection vulnerabilities.

This tool is written to demonstrate how remote code execution can be performed on a database connector that does not support stacked queries.

Features:

  • SQL Injection detection using time based injection method
  • Database fingerprint
  • Web server directory fingerprint
  • Payload creation and execution

MySqloit presently supports only the Linux platform.

Download version 0.1 here


    Bharath on August 30th, 2009

    Are you and your system part of a Skynet and Firesale which can probably take down the human race?…

    Skynet and Firesale! Wondering whether I'm talking about a review of Terminator's Judgment Day or Bruce Willis's Die Hard 4.0? Then you are somewhat wrong. I am trying to give you all an update about the Fool's Day, a.k.a. Conficker, worm.

    What is a Skynet?

    Skynet is a fictional, computer-based military defense system and a concept that is established and frequently mentioned in the Terminator series of films and games. It is a fictional example of an artificial intelligence that becomes sentient, and turns on its creators. Skynet is the main antagonist in the Terminator series

    What is a Cyber Firesale?

    Potentially devastating consequences of an electronic attack, especially when used in conjunction with or as a precursor to a physical attack. It may be just that cyber attack that enables the physical attack. Just like our combined sea, air and land battle plans, ‘cyber’ is a core component.

    This type of hysteria is something we are going to have to deal with every decade. Remember Y2K?

    Conficker, also known as Downadup or Kido, first appeared last November and is a computer worm targeting the Microsoft Windows operating system. Conficker is an aggressive worm that has crawled into millions of machines, probably 7-10 million computers by now.

    Conficker has variants from A to E.

    Variants A, B, C and E exploit a vulnerability in the Server Service on Windows computers, in which an already-infected source computer uses a specially-crafted RPC request to force a buffer overflow and execute shellcode on the target computer.

    Variants B and C can remotely execute copies of themselves through the ADMIN$ share on computers visible over NetBIOS. If the share is password-protected, a dictionary attack is attempted.

    Variants B and C place a copy of their DLL form on any attached removable media (such as USB flash drives), from which they can then infect new hosts through the Windows AutoRun mechanism.

    Payload Propagation of Conficker:

    Variant A payloads are first SHA1-hashed and RC4-encrypted with the 512-bit hash as a key. Variants B, C and E perform in-memory patches to NetBIOS-related DLLs to close MS08-067 and watch for re-infection attempts through the same vulnerability. Variants D and E create an ad-hoc peer-to-peer network to push and pull payloads over the wider Internet.

    To check whether your system is infected with Conficker, follow the Eye Chart of the Conficker Working Group.

    Microsoft has released a removal guide for the worm, and recommends using the current release of its Windows Malicious Software Removal Tool to remove the worm, then applying the patch to prevent re-infection.

    Third-party anti-virus software vendors have released detection updates to their products and are able to remove the worm.

    Automated remote detection:

    The United States Computer Emergency Readiness Team (US-CERT) recommends disabling AutoRun to prevent Variant B of the worm from spreading through removable media.  Prior to the release of Microsoft knowledgebase article KB967715.

    If hackers can control all the infected systems all around the world, imagine the magnitude of the attack. This can make the Skynet or Cyber Firesale quite possible.

    Will you allow others to control your system, take down the Internet infrastructure and affect the human race?

    Till Bruce Willis comes to bring this Skynet down, keep your system safe with the latest updates of Windows and anti-virus and anti-malware products. Use original products and kill piracy :)


    Bharath on August 28th, 2009

    Trafscrambler is an anti-sniffer/IDS LKM (Network Kernel Extension) for OS X, licensed under BSD.

    Version 0.2 implements the following:

    • all from version 0.1

    • injection of packets with bogus data and with randomly selected bad TCP cksum or bad TCP sequences

    • userland binary (tsctrl) for controlling the trafscrambler NKE

    Version 0.1 implements the following:

    • SYN decoy – sends out number of SYN pkts before the original SYN pkt

    • TCP reset attack – sends out RST/FIN pkt with bad sequence

    • Pre-connection SYN – sends out SYN with wrong TCP-checksum

    • Post-connection SYN – sends out fake SYN after connection establishment

    • Zero Window – send out pkt with “0” window set.

    You can download Trafscrambler 0.2 here:

    trafscrambler-0.2.tgz

    (sha256: fa6467defc5898d3d8beae8d23338a8978e1e90bd33e00f07621ebd82993a881)
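
Seen from the sensor side, the "wrong TCP checksum" decoys listed above only work if the IDS accepts segments that the real endpoint would drop. The following is an added example, not part of Trafscrambler or of the original post: a checksum validator a sensor can apply before tracking a segment. The addresses, ports and the `build_syn` helper are constructed sample input.

```python
import socket
import struct

def ones_complement_sum(data: bytes) -> int:
    """16-bit one's-complement sum used by the Internet checksum (RFC 1071)."""
    if len(data) % 2:
        data += b"\x00"                      # pad odd-length input
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                       # fold carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return total

def pseudo_header(src: str, dst: str, tcp_len: int) -> bytes:
    """IPv4 pseudo-header: source, destination, zero, protocol 6, TCP length."""
    return socket.inet_aton(src) + socket.inet_aton(dst) + struct.pack("!BBH", 0, 6, tcp_len)

def tcp_checksum_ok(src: str, dst: str, segment: bytes) -> bool:
    """True when the segment would pass the receiving stack's checksum test."""
    if len(segment) < 20:                    # shorter than a TCP header
        return False
    return ones_complement_sum(pseudo_header(src, dst, len(segment)) + segment) == 0xFFFF

def build_syn(src, dst, sport, dport, seq, corrupt=False) -> bytes:
    """Constructed sample input: a bare 20-byte SYN, optionally with a wrong checksum."""
    hdr = struct.pack("!HHIIBBHHH", sport, dport, seq, 0, 5 << 4, 0x02, 65535, 0, 0)
    csum = ~ones_complement_sum(pseudo_header(src, dst, len(hdr)) + hdr) & 0xFFFF
    if corrupt:
        csum ^= 0x5555                       # any change makes verification fail
    return hdr[:16] + struct.pack("!H", csum) + hdr[18:]

def triage(packets):
    """Label each (src, dst, segment): 'inspect' if the endpoint would accept it, else 'discard'."""
    return ["inspect" if tcp_checksum_ok(s, d, seg) else "discard" for s, d, seg in packets]

SRC, DST = "192.0.2.10", "198.51.100.20"     # documentation addresses
SAMPLE = [
    (SRC, DST, build_syn(SRC, DST, 40000, 80, 1000, corrupt=True)),  # bad-checksum SYN
    (SRC, DST, build_syn(SRC, DST, 40000, 80, 5000)),                # valid SYN
    (SRC, DST, b"\x00" * 8),                                         # truncated segment
]

if __name__ == "__main__":
    print(triage(SAMPLE))
```

Apply the check to traffic captured on the wire: packets captured on the sending host with checksum offload enabled can show invalid checksums even though they leave the NIC correct.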

    Bharath on August 24th, 2009

    Xplico extracts vital information from a pcap file for forensic analysis. It can extract email (POP, IMAP, and SMTP protocols), all HTTP contents, each VoIP call (SIP), and so on. Xplico is an enhanced open source Network Forensic Analysis Tool (NFAT).

    Some of the Xplico features include:

    • Protocols supported: HTTP, SIP, IMAP, POP, SMTP, TCP, UDP, IPv6
    • Port Independent Protocol Identification (PIPI) for each application protocol
    • Multi-threading
    • Output data and information in SQLite database or Mysql database and/or files
    • Each piece of data reassembled by Xplico is associated with an XML file that uniquely identifies the flows and the pcap containing the reassembled data
    • Real-time processing (depends on the number of flows, the types of protocols and the performance of the computer: RAM, CPU, HD access time, …)
    • TCP reassembly with ACK verification for any packet or soft ACK verification
    • Reverse DNS lookup from DNS packets contained in the input files (pcap), not from an external DNS server
    • No size limit on data entry or on the number of input files (the only limit is HD size)

    Xplico can be downloaded from here.

    Xplico package for Ubuntu 9.04. is available here.

    Bharath on August 24th, 2009

    WordPress is back in the news again. It's suspected some of the recent high-profile breaches have come from WordPress exploits. The flaw is in fact very simple but effective.

    An attacker could exploit this vulnerability to compromise the admin account of any wordpress/wordpress-mu <= 2.8.3

    From what I can tell the vulnerability allows an attacker to reset the admin user account without having a valid email address. This could certainly be used in a denial of service vulnerability, locking an admin out of their site by continually changing the password.

    You can change any admin password on any WordPress blog as follows

    http://your_domain_name.TLD/wp-login.php?action=rp&key[]=

    A Quick fix for the vulnerability is as follows

    Quick fix: replace line 190 from wp-login.php with

    if ( empty( $key ) || is_array( $key ) )

    I request all the readers to upgrade their WP hosting to the 2.8.4 release.

    Read the latest security press release from WordPress here
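
For sites that cannot confirm when they were patched, the request shape quoted above (`action=rp` with `key` sent as an array) can be searched for in web server access logs. This is an added example, not part of the original post or of WordPress; the log lines, addresses and timestamps are constructed samples in common log format.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Constructed sample lines; client addresses are documentation ranges.
SAMPLE_LOG = [
    '203.0.113.7 - - [12/Aug/2009:10:01:02 +0000] "GET /wp-login.php?action=rp&key[]= HTTP/1.1" 200 512',
    '203.0.113.7 - - [12/Aug/2009:10:01:09 +0000] "GET /blog/wp-login.php?action=rp&key%5B%5D= HTTP/1.1" 200 512',
    '198.51.100.4 - - [12/Aug/2009:10:02:30 +0000] "GET /wp-login.php?action=rp&key=Zx81QvT0pLm2 HTTP/1.1" 200 734',
    '198.51.100.9 - - [12/Aug/2009:10:03:11 +0000] "GET /index.php?key[]=1 HTTP/1.1" 200 100',
]

# Client address and request target from a common-log-format line.
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST) (\S+) HTTP/[\d.]+"')
# PHP parses key[], key[0] or key[x] into an array-typed $key.
ARRAY_KEY_RE = re.compile(r"key\[.*\]")

def is_array_key_reset(target: str) -> bool:
    """True for a wp-login.php password-reset request whose key is an array."""
    parts = urlsplit(target)
    if not parts.path.endswith("/wp-login.php"):
        return False
    # parse_qsl percent-decodes names, so key%5B%5D is seen as key[];
    # keep_blank_values keeps the empty value that "key[]=" carries.
    params = parse_qsl(parts.query, keep_blank_values=True)
    is_reset = ("action", "rp") in params
    array_key = any(ARRAY_KEY_RE.fullmatch(name) for name, _ in params)
    return is_reset and array_key

def scan(lines):
    """Return (client, request target) for every matching log line."""
    hits = []
    for line in lines:
        m = LINE_RE.match(line)
        if m and is_array_key_reset(m.group(2)):
            hits.append((m.group(1), m.group(2)))
    return hits

if __name__ == "__main__":
    for client, target in scan(SAMPLE_LOG):
        print(client, target)
```

Access logs record only the query string, so a `key[]` parameter sent in a POST body would not appear here.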
