HNS Newsletter
Issue 179 - 15.09.2003.
http://net-security.org

This is a newsletter delivered to you by Help Net Security. It 
covers weekly roundups of security events that were in the 
news the past week.

----------------------------------------------------------------
GET THAWTE’S NEW STEP-BY-STEP SSL GUIDE FOR MSIIS
----------------------------------------------------------------
In this guide you will find out how to test, purchase, install 
and use a Thawte Digital Certificate on you MSIIS web server. 
Throughout, best practices for set-up are highlighted to help 
you ensure efficient ongoing management of your encryption 
keys and digital certificates.
----------------------------------------------------------------
Get you copy of this new guide now:
http://ad.doubleclick.net/clk;6091068;8369143;p
----------------------------------------------------------------


Table of contents:
 
1) Security news
2) Vulnerabilities
3) Advisories
4) Articles
5) Reviews
6) Software
7) Webcasts
8) Conferences
9) Security world
10) Virus news


[ Security news ]

 
----------------------------------------------------------------

PASSWORDS MULTIPLY AS USERS' RAGE RISES
As logins get more complex, people may be the ones in need of 
a memory upgrade.
http://www.net-security.org/news.php?id=3521


ADRIAN LAMO SPEAKS WITH LEO BEFORE ARREST
The gray-hat hacker talked with 'The Screen Savers' as he 
waited to hear charges before turning himself in.
http://www.net-security.org/news.php?id=3522


PRIVACY'S NEW IMAGE
America's new rules of privacy are coming from the Old Country. 
Here's how Europe is getting America to rethink privacy.
http://www.net-security.org/news.php?id=3523


SECURITY HOLES VEX WEB HOST FIRM
More than a thousand websites hosted by Interland, a leading 
Web-hosting company, appear to have been hacked in the last 
week, according to a security expert. But Interland denies 
there's a problem.
http://www.net-security.org/news.php?id=3524


INTERNET SERVICE PROVIDERS: THE LITTLE MAN'S FIREWALL?
The fast spread of network worms and other malware has 
forced ISPs into implementing packet filtering. In some cases, 
this is the only way to keep the network operating, but it has 
become common to block certain ports permanently even after 
the threat diminishes. We argue in favor of limited, long term 
port blocking.
http://www.net-security.org/news.php?id=3525


ID THEFT HITS 10M AMERICANS A YEAR
A staggering 27.3 million Americans have been victims of 
identity theft in the last five years, according to Federal 
Trade Commission survey out this week.
http://www.net-security.org/news.php?id=3528


RAISING THE STANDARD FOR INFORMATION SECURITY
Key business functions are increasingly reliant on efficient IT 
infrastructures, but security breaches and their impact on 
the business are becoming greater.
http://www.net-security.org/news.php?id=3529


CYBER GUERILLA NETWORKING
Cyber guerillas are hunting your wireless signals and gathering 
your private information. Find out how to combat them.
http://www.net-security.org/news.php?id=3530


ENCRYPTION? GIVE IT A REST
Any hacker can tell you that data 'at rest' is much easier to 
access, but security efforts are being targeted in the wrong 
place, using complex, costly encryption schemes for data 
in motion.
http://www.net-security.org/news.php?id=3531


LINUX FOR WINDOWS ADMINISTRATORS WITH DELIXUS 8.0
Delixus 8.0 makes administering a Linux server almost seamless 
to the Windows environment most people are used to.
http://www.net-security.org/news.php?id=3532


QUANTUM CRYPTOGRAPHY GETS NANOTUBE BOOST
The U.S. Department of Defense is very interested in developing 
quantum cryptography, a theoretically unbreakable method of 
coding information, which necessitates a reliable way to deliver 
single photons on demand.
http://www.net-security.org/news.php?id=3534


MANUAL SOFTWARE CONFIGURATION LEAVES SYSTEMS OPEN TO ATTACK
Enterprise software manufacturers should ship products with the 
maximum security set as default, according to Mary Ann Davidson, 
chief security officer at Oracle.
http://www.net-security.org/news.php?id=3535


LAMO SET TO SURRENDER TODAY
An agreement with prosecutors has the New York Times hacker 
walking into custody Tuesday morning, and likely being released 
on bail later the same day.
http://www.net-security.org/news.php?id=3536


DON'T TURN THAT CHEEK TO HACKERS--BE UNCHIC
So what do we do with Jeffrey Parson, the 18-year-old whose 
Blaster variant attacked 7,000 computers last month?
http://www.net-security.org/news.php?id=3537


FORGIVE ME MY TRESPASSES
How a recent federal appeals court decision makes virtually 
everyone a computer criminal.
http://www.net-security.org/news.php?id=3538


MICROSOFT STANDS BY IE SECURITY PATCH
Microsoft has responded to claims that a recent patch for 
Internet Explorer fails to fix the security vulnerability.
http://www.net-security.org/news.php?id=3539


SECURITY FORCES - ACT BEFORE YOU MUST REACT
Information security is a reactive world. The next intrusion, 
vulnerability or worm is always right around the corner.
http://www.net-security.org/news.php?id=3540


SCO DEMANDS NAME OF WEBSITE ATTACKER
The SCO Group has asked Open Source Initiative president 
Eric Raymond to disclose the name of the person who carried 
out a distributed denial of service attack on the company's 
website last month, "so that justice can be done."
http://www.net-security.org/news.php?id=3541


ANTISPAM COMPANIES RAKING IT IN
Not everyone is unhappy about the scourge of spam. Antispam 
software companies are seeing rising revenues and growing 
lines of investors.
http://www.net-security.org/news.php?id=3542


CRIME STATS WEB SITE A HIT
A Web site launched a week ago to monitor South African crime 
has had an overwhelming response from members of the public, 
receiving 24 000 hits since its launch, says site owner Spero 
Patricious.
http://www.net-security.org/news.php?id=3543


TOP SECURITY PROS TO TALK WORM DEFENSE
A group of high-powered security experts and industry executives 
will be in Washington, testifying before a Congressional committee 
looking into ways to bolster the nation's defenses against threats 
such as worms and viruses.
http://www.net-security.org/news.php?id=3545


LAPTOP STOLEN IN FURTHER SECURITY BREACH
Highly sensitive government security information has been stolen 
in a second major intelligence breach.
http://www.net-security.org/news.php?id=3546


CHINA MOVES TO BLOCK SPAM SERVERS
In its latest battle against junk e-mail, China has blocked 127 
mail servers it identified as responsible for spam, the official 
Xinhua News Agency said Tuesday.
http://www.net-security.org/news.php?id=3547


THE VIRUS OF YOUTHFUL IRRESPONSIBILITY
College kids just don't pay enough attention to computer security. 
Thank goodness adults on campus are prepared to force the issue.
http://www.net-security.org/news.php?id=3548


ADRIAN LAMO TURNS HIMSELF IN
Adrian Lamo, aka the helpful hacker, responds to an arrest warrant 
by surrending to federal marshalls. Lamo has admitted involvement 
in some of the most-publicized computer break-ins in recent years.
http://www.net-security.org/news.php?id=3549


BEST PRACTICES: HANDHELD SECURITY
Handheld security expert suggests best practices for organizations 
that support the devices.
http://www.net-security.org/news.php?id=3550


MONEY FOR JAM: A NEW KIND OF SCAM
In what appears to be a scam of a different kind, an email is doing 
the rounds offering people 10 percent of the money deposited in 
their bank accounts by outsiders.
http://www.net-security.org/news.php?id=3551


TWO BRITS CHARGED WITH RELEASING TK WORM
Two British men were charged on Monday with conspiring to 
take over computers using malicious code.
http://www.net-security.org/news.php?id=3553


RIAA SETTLES WITH 12-YEAR-OLD GIRL
Barely 24 hours after suing alleged file swappers around the United 
States, the recording industry has settled its first, agreeing to 
drop its case against a 12-year-old New York girl in exchange 
for $2,000.
http://www.net-security.org/news.php?id=3554


PREVENTING THE NEXT WORM
Information security is a reactive world. The next intrusion, 
vulnerability or worm is always right around the corner.
http://www.net-security.org/news.php?id=3555


JUST SAY NO TO VIRUSES AND WORMS
Members of the computing industry and law enforcement testified 
before the technology subcommittee of the House Committee on 
Government Reform Wednesday about how to protect the nation's 
computing systems from viruses and worms.
http://www.net-security.org/news.php?id=3557


MICROSOFT WARNS ON THREE CRITICAL BUGS
Buffer overflow and denial of service vulnerabilities affect 
Windows RPC service.
http://www.net-security.org/news.php?id=3558


MURKY LAWS MAKE PIRACY SUITS LESS LIKELY IN CANADA THAN U.S.
When the U.S. record industry spread fear and loathing south of 
the border on Monday by filing lawsuits against music "pirates," 
Canadian file sharers were left looking over their shoulders 
wondering if the same thing could happen to them.
http://www.net-security.org/news.php?id=3559


HACKERS HIT RICHMOND
International hackers have crashed the computer system of a 
Richmond real estate agent, costing it thousands of dollars.
http://www.net-security.org/news.php?id=3560


HARDENING THE TCP/IP STACK TO SYN ATTACKS
This article discusses methods of hardening the TCP/IP stack of 
various operating systems to make servers more resistant to SYN 
flooding and SYN spoofing Denial of Service (DOS) attacks.
http://www.net-security.org/news.php?id=3562


HACKER'S PRANKS STARTED OUT SMALL
Investigators say his career as a computer hacker began more 
than a year ago when he saw a roommate typing her password 
and copied it.
http://www.net-security.org/news.php?id=3563


MICROSOFT'S WORMY PROBLEM
Investors should not dismiss concerns of more security flaws 
when looking at Microsoft's stock.
http://www.net-security.org/news.php?id=3564


IT'S TIME TO TACKLE THREATS TO THE NET
Individuals and businesses that depend on the Internet won't 
tolerate nuisances such as spam and viruses.
http://www.net-security.org/news.php?id=3565


STEVE WOZNIAK SPEAKS ON MAC PASSIONS AND MAC VIRUSES
Among other reasons Macintosh has a loyal following: the absence 
of viruses -- such as SoBig -- that have plagued the PC world.
http://www.net-security.org/news.php?id=3566


BEYOND BIOMETRICS: NEW STRATEGIES FOR SECURITY
Biometrics technology, despite its sluggish acceptance, might be 
on the edge of newfound popularity.
http://www.net-security.org/news.php?id=3567


DOES THE KILLER WORM REALLY EXIST?
Technology is not holding hackers back from creating uber worms, 
Chris Wysopal, director of R&D at @stake, told the E-Commerce 
Times. Rather, the limiting factor is the psychology of the majority
of people -- generally young males -- who write malware.
http://www.net-security.org/news.php?id=3568


THE PERILS OF ONLINE DATA ENTRY
Fraser Thomas, chief executive at Swivel Technologies, advises on 
how to minimise the risks posed by criminals looking to obtain other
people's authentication details.
http://www.net-security.org/news.php?id=3569


ESCAPE THE SPYWARE NIGHTMARE
Spyware and adware are the newest threats to connected PCs. 
Here's how to get them off your machine--and keep them off.
http://www.net-security.org/news.php?id=3570


RUMBLINGS ON IT SECURITY JOBS MOVING OVERSEAS
When can you expect your IT Security job to disappear 
and move overseas?
http://www.net-security.org/news.php?id=3571


COMPUTER-HEAVY ELECTRICAL GRID IS VULNERABLE TO ATTACK
Replacing the aging monitoring systems on the Northeast's power 
grid with digital switches and other high-tech gear has made the 
electricity supply vulnerable to a new kind of peril.
http://www.net-security.org/news.php?id=3572

----------------------------------------------------------------




[ Vulnerabilities ]


All vulnerabilities are located here:
http://www.net-security.org/archive_vuln.php


----------------------------------------------------------------

Setgid man MANPL Variable Overflow Vulnerability
http://www.net-security.org/vuln.php?id=2930


Invision Power Board FONT and COLOR Tag Cross 
Site Scripting Vulnerabilities
http://www.net-security.org/vuln.php?id=2929


MySQL Buffer Overflow Vulnerability
http://www.net-security.org/vuln.php?id=2928


PINE Multiple Buffer Overflow Vulnerabilities
http://www.net-security.org/vuln.php?id=2927


FTGate Pro Server Multiple Vulnerabilities
http://www.net-security.org/vuln.php?id=2926


Gordano Messaging SuiteMultiple Vulnerabilities
http://www.net-security.org/vuln.php?id=2925


Microsoft RPC Heap Corruption Vulnerability
http://www.net-security.org/vuln.php?id=2924


Apache::Gallery Local Webserver Compromise Vulnerability
http://www.net-security.org/vuln.php?id=2923


ASP.Net Incorrect Handling of Cross Site Scripting Protection
http://www.net-security.org/vuln.php?id=2922


RogerWilco Server Buffer Overflow Vulnerability
http://www.net-security.org/vuln.php?id=2921


RogerWilco 1.4.1.2/1.4.1.6 Multiple Vulnerabilities
http://www.net-security.org/vuln.php?id=2920


FTP Desktop Multiple Heap Overflow Vulnerabilities
http://www.net-security.org/vuln.php?id=2919


Winamp 2.91 MIDI Files Code Execution Vulnerability
http://www.net-security.org/vuln.php?id=2918


ICQ Webfront Cross Site Scripting Vulnerability
http://www.net-security.org/vuln.php?id=2917

----------------------------------------------------------------




[ Advisories ]


All advisories are located at:
http://www.net-security.org/archive_advi.php


----------------------------------------------------------------

Debian Security Advisory - New mysql packages fix 
buffer overflow (DSA-381-1)
http://www.net-security.org/advisory.php?id=2475


Conectiva Linux Security Announcement - gtkhtml 
(CLA-2003:737)
http://www.net-security.org/advisory.php?id=2474


Conectiva Linux Security Announcement - pine (CLA-2003:738)
http://www.net-security.org/advisory.php?id=2473


Debian Security Advisory - New xfree86 packages fix 
multiple vulnerabilities (DSA-380-1)
http://www.net-security.org/advisory.php?id=2472
 

Mandrake Linux Security Update Advisory - XFree86 
(MDKSA-2003:089)
 http://www.net-security.org/advisory.php?id=2471


Guardian Digital Security Advisory - Multiple 'pine' 
remote vulnerabilities
http://www.net-security.org/advisory.php?id=2470


Red Hat Security Advisory - Updated gtkhtml packages 
fix vulnerability (RHSA-2003:264-01)
http://www.net-security.org/advisory.php?id=2469


CERT Advisory CA-2003-23 - RPCSS Vulnerabilities in 
Microsoft Windows
http://www.net-security.org/advisory.php?id=2468


Debian Security Advisory - New sane-backends packages 
fix several vulnerabilities (DSA 379-1)
http://www.net-security.org/advisory.php?id=2467


SuSE Security Announcement - pine (SuSE-SA:2003:037)
http://www.net-security.org/advisory.php?id=2466


Red Hat Security Advisory - Updated pine packages fix 
vulnerabilities (RHSA-2003:273-01)
http://www.net-security.org/advisory.php?id=2465


Slackware Security Advisory - security issues in pine 
(SSA:2003-253-01)
http://www.net-security.org/advisory.php?id=2464


SCO Security Advisory - OpenServer 5.0.5 OpenServer 5.0.6: 
Various security fixes for Apache (CSSA-2003-SCO.10.1)
http://www.net-security.org/advisory.php?id=2463


SCO Security Advisory - OpenServer 5.0.5 OpenServer 5.0.6 OpenServer
5.0. : Samba security update available avaliable for download.
http://www.net-security.org/advisory.php?id=2462


HP Security Advisory - HP Tru 64 UNIX dtterm Vulnerability 
(SSRT3507)
http://www.net-security.org/advisory.php?id=2461


HP Security Advisory - Tru64 UNIX Internet Express 
sendmail Potential Security Vulnerability (SSRT3612)
http://www.net-security.org/advisory.php?id=2460


Microsoft Security Bulletin MS03-039 - Buffer Overrun 
In RPCSS Service Could Allow Code Execution
 http://www.net-security.org/advisory.php?id=2459


SGI Security Advisory - Denial of Service Vulnerability 
in NFS XDR decoding Update (20030801-02-P)
 http://www.net-security.org/advisory.php?id=2458


Slackware Security Advisory - inetd DoS patched 
(SSA:2003-251-01)
http://www.net-security.org/advisory.php?id=2457


CERT Summary CS-2003-03
http://www.net-security.org/advisory.php?id=2456


Debian Security Advisory - New mah-jong packages fix 
buffer overflows, denial of service (DSA-378-1)
http://www.net-security.org/advisory.php?id=2455


Leafnode Security Announcement - potential denial of 
service in leafnode (SA-2003-01)
http://www.net-security.org/advisory.php?id=2454

----------------------------------------------------------------




[ Articles ]


All articles are located at:
http://www.net-security.org/articles_main.php

Articles can be contributed to articles@net-security.org

----------------------------------------------------------------

A WALK THROUGH "SOMBRIA": A NETWORK SURVEILLANCE SYSTEM
Sombria ("shadowy" in Portuguese) is a honeypot system set up in 
Tokyo, Japan, that is intended for network surveillance and research 
and not for production purposes. This paper provides some statistics 
and an overview of the most prominent attacks from May through 
July 2003. [more]
http://www.net-security.org/article.php?id=558


INTERVIEW WITH JOHN VACCA
The information technology consultant and internationally known 
author of many books and articles discusses identity theft issues 
as well as his latest book "Identity Theft".
http://www.net-security.org/article.php?id=557


AN INTEGRATED APPROACH TO THREAT MANAGEMENT
Effective Threat Management embodies the actions organizations 
must take to defend themselves against today's ever-present 
cyber-threats. At a high-level, these actions form an intrusion 
prevention and protection lifecycle where each stage provides 
critical information to the next.
http://www.net-security.org/article.php?id=559


INFORMATION SECURITY CHECKLIST
Today's heightened awareness of the need to secure IT 
infrastructures and protect mission critical data is leading more 
and more organizations to reevaluate their security practices. To 
help you determine how your security program stacks up, 
infosecurity guru Ken Cutler has developed this security checklist.
http://www.net-security.org/article.php?id=556


PROTECTING DATABASES
Securing your databases involves not only establishing a strong 
policy, but also establishing adequate access controls. In this 
paper, we will cover various ways databases are attacked, and 
how to prevent them from being “hacked”.
http://www.net-security.org/article.php?id=555

----------------------------------------------------------------




[ Reviews ]


All reviews are located at: 
http://www.net-security.org/reviews.php 


----------------------------------------------------------------

LINUX SERVER HACKS
This 200+ pages long book doesn't bother to cover all Linux server 
administration topics, but provides a collection of 100, sharp to 
the point, server administration situations, written by a well 
known figure in the administration world.
http://www.net-security.org/review.php?id=99


WINDOWS SERVER 2003 SECURITY BIBLE
This book is a perfect choice for all you administering Windows 
Server 2003 machines as it deals exclusively with security. Read 
the review and get a sample chapter.
http://www.net-security.org/review.php?id=100

----------------------------------------------------------------




[ Software ]


Windows software is located at:
http://net-security.org/software_main.php?cat=1

Linux software is located at:
http://net-security.org/software_main.php?cat=2


----------------------------------------------------------------

RAINBOWCRACK 1.01
RainbowCrack is an instant windows password cracker based on 
Philippe Oechslin's faster time-memory trade-off technique.
http://www.net-security.org/software.php?id=515

----------------------------------------------------------------




[ Webcasts ]


All webcasts are located at: 
http://www.net-security.org/webcasts.php


----------------------------------------------------------------
SPONSORED WEBCAST: Anatomy of a Database Attack
----------------------------------------------------------------
Organized by Application Security on 25 September 2003, 11:00 AM EDT
----------------------------------------------------------------
The webcast will provide a detailed example of how an attacker 
can break into a database. Real world visuals together with 
step-by-step explanations in layman's terms will be used to 
detail this attack on a fictional company's database.
http://www.net-security.org/webcast.php?id=15
----------------------------------------------------------------

Cryptography and Digital Signing
Organized by Microsoft on 15 September 2003, 4:00 PM ET
http://www.net-security.org/webcast.php?id=33


Penetration Testing with CORE IMPACT – Understanding the 
Attacker Perspective
Organized by Core Security Technologies on 16 September 
2003, 11:00 AM ET
http://www.net-security.org/webcast.php?id=19


Tripwire Challenge Series: The IT Audit
Organized by Tripwire on 16 September 2003, 11:00 AM PDT
http://www.net-security.org/webcast.php?id=46


The Hazards of Email Security Policies: How Companies Can 
Accurately Assess Effectiveness
Organized by Zix Corporation on 16 September 2003, 1:00 PM CST
http://www.net-security.org/webcast.php?id=3


The Basics of WLAN Security
Organized by Funk Software on 16 September 2003, 1:00 PM EDT
http://www.net-security.org/webcast.php?id=20


Spam and Email Threats
Organized by CipherTrust on 16 September 2003, 1:00 PM ET
http://www.net-security.org/webcast.php?id=26


An Introduction to Apache 2.0
Organized by Covalent on 16 September 2003, 2:00 PM EDT
http://www.net-security.org/webcast.php?id=14


Internet Security Best Practices: 20 Tips
Organized by Microsoft on 17 September 2003, 1:00 PM ET
http://www.net-security.org/webcast.php?id=34


Essentials of Email Security
Organized by Sophos on 17 September 2003, 1:00 PM EDT
http://www.net-security.org/webcast.php?id=43


Best Practices for Global Regulatory Compliance
Organized by RSA Security on 17 September 2003, 1:30 PM ET
http://www.net-security.org/webcast.php?id=11


Professional Services: Learn How Tripwire Can Work Harder for You
Organized by Tripwire on 18 September 2003, 8:30 AM PDT
http://www.net-security.org/webcast.php?id=44


Funding Your Security Awareness Program -- How to build a 
business case to get the budget you need
Organized by Symantec on 18 September 2003, 11:00 AM PT
http://www.net-security.org/webcast.php?id=13


Wireless and Embedded Security Best Practices
Organized by RSA Security on 18 September 2003, 1:30 PM ET
http://www.net-security.org/webcast.php?id=27


AppSecInc Solutions and... HIPAA, GLBA, SB1386, etc.
Organized by Application Security on 19 September 2003, 11:00 AM EDT
http://www.net-security.org/webcast.php?id=16


Microsoft Security Offerings for the Banking Industry
Organized by Microsoft on 23 September 2003, 12:30 PM ET
http://www.net-security.org/webcast.php?id=35

----------------------------------------------------------------




[ Conferences ]


All conferences are located at: 
http://www.net-security.org/conferences.php


----------------------------------------------------------------

IDC IT Security 2003
Organized by IDC - 9 September-18 September 2003
http://www.net-security.org/conference.php?id=24


COSAC 2003 10th International Computer Security Symposium
Organized by COSAC - 14 September-18 September 2003
http://www.net-security.org/conference.php?id=9


Gartner IT Security Summit 2003
Organized by Gartner - 15 September-16 September 2003
http://www.net-security.org/conference.php?id=25


SANS New England 2003
Organized by SANS - 15 September-20 September 2003
http://www.net-security.org/conference.php?id=40


ConSec 2003
Organized by ConSec - 16 September-18 September 2003
http://www.net-security.org/conference.php?id=49


HIPAA Security and Privacy Conference
Organized by Data Connectors - 18 September-18 September 2003
http://www.net-security.org/conference.php?id=29


2003 SF ISACA Fall Conference
Organized by SF ISACA - 22 September-24 September 2003
http://www.net-security.org/conference.php?id=48


Conference on Mobile and Wireless Security
Organized by MIS Training Institute - 23 September-25 September 2003
http://www.net-security.org/conference.php?id=5


PharmaSec 2003
Organized by MIS Training Institute - 23 September-25 September 2003
http://www.net-security.org/conference.php?id=6


HealthSec 2003
Organized by MIS Training Institute - 23 September-25 September 2003
http://www.net-security.org/conference.php?id=7


Seattle SecureWorld Expo
Organized by Seguro Group - 24 September-25 September 2003
http://www.net-security.org/conference.php?id=30


ToorCon 2003
Organized by ToorCon - 26 September-28 September 2003
http://www.net-security.org/conference.php?id=13


Wi-Fi Planet Conference & Expo Europe 2003
Organized by Jupitermedia Corp. - 29 September-30 September 2003
http://www.net-security.org/conference.php?id=39


SANS Los Angeles 2003
Organized by SANS - 29 September-4 October 2003
http://www.net-security.org/conference.php?id=41


InfowarCon 2003
Organized by Reed Exhibitions - 30 September-3 October 2003
http://www.net-security.org/conference.php?id=51

----------------------------------------------------------------




[ Security world ]


All press releases are located at:
http://www.net-security.org/press_main.php

Send your press releases to press@net-security.org

----------------------------------------------------------------

Anonymizer Makes the Internet a Safer Place for Iranian Citizens
http://www.net-security.org/press.php?id=1662


BT PLC Selects InfoExpress’ CyberArmor Personal Firewall To 
Protect the PCs of 60,000 Mobile Employees
http://www.net-security.org/press.php?id=1661


McAfee Personal Firewall Plus Safeguards Home Users Against 
Attacks Exploiting The Recently Discovered Microsoft Windows 
Operating System Vulnerabilities
http://www.net-security.org/press.php?id=1660


Third of Small Businesses Have no Antivirus Protection
http://www.net-security.org/press.php?id=1659


Thawte Announces New Channel Aimed at The Reseller Market
http://www.net-security.org/press.php?id=1658


Network Associates Introduces Essential New Spam Protection 
Features in Latest Version of McAfee SpamKiller for Consumers
http://www.net-security.org/press.php?id=1657


CipherOptics Adds Members To Board Of Directors
http://www.net-security.org/press.php?id=1656


nCipher Teams With Oracle to Deliver Enterprise Grid 
Computing Software
http://www.net-security.org/press.php?id=1655


Diversinet Buys Boston-Based Caradas, Expands 
Push Into U.S.
http://www.net-security.org/press.php?id=1654


Utimaco Lands Anchor Financial Investor and Raises 
Euro 12.1 Million
http://www.net-security.org/press.php?id=1653


Trend Micro Spam Prevention Service Continues to Block Spam 
at the Internet Gateway Despite Spam's Virus-Like Behavior
http://www.net-security.org/press.php?id=1652


Trend Micro InterScan Web Security Suite Brings High 
Performance Gateway Protection for Enterprise Customers
http://www.net-security.org/press.php?id=1651


Neoteris Announces Extension Of Access Series To Address 
Industry Demand For Secure Wireless Mobile Access
http://www.net-security.org/press.php?id=1650


Blue Coat Introduces ProxySG - Secure Proxy Appliances 
Control User Communications Over the Web
http://www.net-security.org/press.php?id=1649


Blue Coat Integrates SurfControl Filtering Onto Secure 
Proxy Appliance
http://www.net-security.org/press.php?id=1648

----------------------------------------------------------------




[ Virus News ]


All virus news are located at: 
http://www.net-security.org/viruses.php 


----------------------------------------------------------------

Weekly Virus Report - Mimail.B, Gaobot.L, Neroma, Gelcan.A 
and Vote.K Worms
http://www.net-security.org/virus_news.php?id=305

----------------------------------------------------------------

Questions, contributions, comments or ideas go to:
 
Help Net Security staff
staff@net-security.org
http://net-security.org

----------------------

Unsubscribe from this weekly digest on:
http://www.net-security.org/subscribe.php

The archive of the newsletter in TXT and PDF format is available 
http://www.net-security.org/newsletter_archive.php


----------------------------------------------------------------
GET THAWTE’S NEW STEP-BY-STEP SSL GUIDE FOR MSIIS
----------------------------------------------------------------
In this guide you will find out how to test, purchase, install 
and use a Thawte Digital Certificate on you MSIIS web server. 
Throughout, best practices for set-up are highlighted to help 
you ensure efficient ongoing management of your encryption 
keys and digital certificates.
----------------------------------------------------------------
Get you copy of this new guide now:
http://ad.doubleclick.net/clk;6091068;8369143;p
----------------------------------------------------------------