HNS Newsletter
Issue 189 - 24.11.2003.
http://net-security.org

This is a newsletter delivered to you by Help Net Security. It 
covers weekly roundups of security events that were in the 
news the past week.


----------------------------------------------------------------
GET THAWTE’S NEW STEP-BY-STEP SSL GUIDE FOR MSIIS
----------------------------------------------------------------
In this guide you will find out how to test, purchase, install 
and use a Thawte Digital Certificate on you MSIIS web server. 
Throughout, best practices for set-up are highlighted to help 
you ensure efficient ongoing management of your encryption 
keys and digital certificates.
----------------------------------------------------------------
Get you copy of this new guide now:
http://ad.doubleclick.net/clk;6091068;8369143;p
----------------------------------------------------------------


Table of contents:
 
1) Security news
2) Vulnerabilities
3) Advisories
4) Articles
5) Software
6) Webcasts
7) Conferences
8) Security world
9) Virus news


[ Security news ]

 
----------------------------------------------------------------

ENCRYPTION REVOLUTION: THE TANTALIZING PROMISE 
OF 'UNBREAKABLE' CODES
Code-makers could be on the verge of winning their ancient arms 
race with code-breakers.
http://www.net-security.org/news.php?id=4055


IT WASN'T ME, IT WAS THE TROJAN HORSE
Three U.K residents have been acquitted after saying a Trojan 
horse caused their computers to commit crimes. Robert bets 
we'll soon see creative defenses for tech-related crimes in 
the U.S. as well.
http://www.net-security.org/news.php?id=4056


HOW TO FLOSS YOUR SECURITY SYSTEM
Patch management is a little like flossing your teeth. Everyone 
knows they're supposed to do it, but most of us still don't.
http://www.net-security.org/news.php?id=4057


GATES ADDRESSES SPAM, SECURITY FLAWS AT COMDEX
Addressing a more button-down crowd than in past years, 
Microsoft Chairman Bill Gates attempted Sunday to usher 
in a new era of computing he dubbed "seamless computing."
http://www.net-security.org/news.php?id=4058


KEEPING WATCH FOR INTERSTELLAR COMPUTER VIRUSES
Microsoft may have to fork up big bounty bucks trying to 
unearth future hackers, particularly when they are light 
years away on distant worlds.
http://www.net-security.org/news.php?id=4059


SECURITY: MORE THAN JUST TECHNOLOGY
You have to design for good security, not just load a new program.
http://www.net-security.org/news.php?id=4060


DESKTOP SECURITY: A CONTRARIAN VIEW
Rather than a perimeter defense around a trusted host, I keep 
tight control of the host itself, and make sure there is nothing 
worth stealing. I don't recommend this approach to others. It 
goes against best practices. It may be more lucky than effective. 
But it has two huge virtues. It's simple and I'm in control.
http://www.net-security.org/news.php?id=4061


NEW SYSTEM HALTS MALWARE
A computer scientist at Washington University in St. Louis has 
developed technology to stop malicious software - malware - 
such as viruses and worms long before it has a chance to 
reach computers in the home and office.
http://www.net-security.org/news.php?id=4062


HACKING: POTENTIALLY A NEW KIND OF WAR IN THE MIDDLE EAST
Security for companies’ IT systems is a growth market as firms 
move to protect themselves from costly phenomenon.
http://www.net-security.org/news.php?id=4063


SECURITY CONSIDERATIONS WHEN MIGRATING FROM UNIX TO LINUX
The Linux server market is expected to grow by 35% from last year, 
according to research firm IDC. Many of these Linux systems are 
replacing Unix in corporations looking to reduce IT costs. However, 
at the same time, there are more attacks on Linux than ever before.
http://www.net-security.org/news.php?id=4064


LACK OF WEB SECURITY WILL LIMIT TRADING PARTNERSHIPS
Organisations planning to deploy business-to-business web services 
in the next three years should limit their number of trading partners 
because of immature security products and standards.
http://www.net-security.org/news.php?id=4067


ORACLE ROW LEVEL SECURITY: PART 2
This paper explores the row level security feature added to Oracle 
8i and above, and provides examples.
http://www.net-security.org/news.php?id=4068


THE FIREWALL AND THE WANDERING WORKERS
Corporations that have strong firewall defenses didn't take long to 
figure out that their greatest threat was from employees who log 
on to their networks from outside the building.
http://www.net-security.org/news.php?id=4069


E-MAIL WORM MASQUERADES AS PAYPAL MESSAGE
An e-mail worm is posing as a message from online payment company 
PayPal in an effort to harvest credit card numbers and account 
passwords.
http://www.net-security.org/news.php?id=4070


PICKPOCKETS TURN TO TECHNOLOGY
A potential loophole in security for Bluetooth phones, which could 
see strangers hacking into your address books, has been uncovered.
http://www.net-security.org/news.php?id=4071


WI-FI STARTS LEAPING SECURITY BARRIERS
As it proves its worth at work, companies are buying new products 
and services that help remove the worry of open access.
http://www.net-security.org/news.php?id=4072


AUTOMATING RSYNC WITH A SIMPLE EXPECT SCRIPT
This short article provides an example script that uses Expect to 
automate a series of rsync operations using an ssh tunnel.
http://www.net-security.org/news.php?id=4073


BLOGS GET A SECURITY BOOST
Two new applications offer more tools for creating Web logs.
http://www.net-security.org/news.php?id=4074


BUSH PUSHES FOR CYBERCRIME TREATY
President Bush has asked the U.S. Senate to ratify the first 
international cybercrime treaty.
http://www.net-security.org/news.php?id=4076


SECURITY RESEARCHER CALLS FOR VULNERABILITY TRADE ASSOCIATION
The idea for the organization came from Thor Larholm, a senior 
security researcher at PivX Solutions Inc. Larholm is well-known 
in security circles for his research, particularly on Internet 
Explorer.
http://www.net-security.org/news.php?id=4077


CISCO, ANTIVIRUS COMPANIES TEAM TO BATTLE WORMS
Cisco announced licensing agreements with three leading antivirus 
software companies and a new program that it said will protect 
computer networks from worms and viruses.
http://www.net-security.org/news.php?id=4078


THE ECONOMICS OF SPAM
Spammers can make lucrative living even though only 50 in every 
million people respond to unsolicited commercial email.
http://www.net-security.org/news.php?id=4079


NO EASY SOLUTION TO SPYWARE
Congress would be better off protecting individuals against online 
surveillance than trying to legislate spyware that monitors their 
online activity, a policy group says.
http://www.net-security.org/news.php?id=4080


RED HAT OFFERS NEW SECURITY COURSE
Red Hat Tuesday said it is offering a new training course, designed 
to improve the security skills of users.
http://www.net-security.org/news.php?id=4081


GERMANY TOUTS HIGH-SECURITY PHONE
A German company launched a new mobile handset on Tuesday 
targeted at business executives that secures that lines are free 
from eavesdroppers, sparking criticism that it could also make 
criminals harder to catch.
http://www.net-security.org/news.php?id=4083


SYMANTEC CEO URGES SHIFT IN SECURITY TACTICS
Comdex: John Thompson warns that unless the security industry 
changes its focus, technology could become a liability.
http://www.net-security.org/news.php?id=4084


APPLE SECURITY PATCHES POSTED
Apple has released security updates for Mac OS X Panther 10.3.1 
client and server systems and Mac OS X Jaguar 10.2.8 client and 
server operating systems.
http://www.net-security.org/news.php?id=4085


HOME USER SECURITY: YOUR FIRST DEFENSE
The swiss cheese approach to applying security patches that are 
required to keep desktop computers safe and useable just doesn't 
work for the average home user. A firewall should now be a home 
user's first line of defense.
http://www.net-security.org/news.php?id=4086


CISCO SECURITY INITIATIVE
In an unusual alliance among staunch competitors, Cisco Systems 
will collaborate with three of the largest computer security firms 
to fight virus and worm attacks.
http://www.net-security.org/news.php?id=4087


CODEFELLAS - A MAFIA HACKER TELLS HIS STORY
Smart mobs? Fuhgeddaboutit. Not till they hired me. Now they're 
getting a secure P2P bet-processing system. A mafia hacker tells 
his story to Wired magazine's Simson Garfinkel.
http://www.net-security.org/news.php?id=4088


HACKERS DID NOT CAUSE BLACKOUT - REPORT
There is no evidence that the blackout that struck the northeastern 
United States and southern Canada on August 14 was caused by 
hackers, but the power grid's reliance on the Internet makes it 
vulnerable to potentially devastating online attacks.
http://www.net-security.org/news.php?id=4089


SETTING UP SERVER TOOLS FOR SPAM- AND VIRUS-FREE MAIL
After a week of email nearly free of spam and viruses, the time and 
effort it took to configure a Linux mail server with SpamAssassin, 
MIMEDefang, and sendmail seem well worth the trouble.
http://www.net-security.org/news.php?id=4090


SANDIA LABS STUDIES PHONY COMPUTER NETWORK FOR HACKERS
Instead of merely fending off thousands of daily computer attacks, 
federal researchers are trying a new tack: Create a meaningless 
digital universe to bog down hackers and study their tactics.
http://www.net-security.org/news.php?id=4091


CA OFFERS FREE ANTIVIRUS, FIREWALL SOFTWARE
Computer Associates International Inc. (CA) will give away its 
consumer antivirus and firewall software product with a year's 
subscription to virus signature updates.
http://www.net-security.org/news.php?id=4092


BIOMETRICS ARE THE FUTURE, SAY AVIATION SECURITY EXPERTS
Biometric identification methods such as fingerprints and digital 
photographs are tomorrow's technology to ensure security of 
civil aviation, participants of a conference said.
http://www.net-security.org/news.php?id=4093


HP EYES SECURITY, SMB SPACES
Security projects currently in the hopper include moving VPN 
technology to 802.11 wireless networks.
http://www.net-security.org/news.php?id=4094


"PHISHING" IDENTITY THEFT IS GAINING POPULARITY
Most of us know by now not to give out our passwords, ATM PINs, 
or other secret information when requested by e-mail. But an 
increasing number of people are giving out that information, 
even those of us who should know better.
http://www.net-security.org/news.php?id=4095


CYBERCRIME SWEEP NETS 125 ARRESTS
Attorney General John Ashcroft said Thursday that 125 suspects 
have been arrested in a crackdown on Internet crimes ranging 
from hacking to fraud to selling stolen goods.
http://www.net-security.org/news.php?id=4096


TAKING SCAMMERS FOR A RIDE
A scam-baiter has plenty of interesting tales to tell as he takes 
would-be scammers for a ride.
http://www.net-security.org/news.php?id=4097


HACKER LIFE DOESN'T LAST FOREVER
In 2 1/2 years in the late 1990s, Breuninger hacked into dozens 
of computer systems. He peeked at the payroll of a nearby Taco 
Bell, left messages supporting Jesse Ventura on Web sites and 
stole thousands of Internet e-mail accounts and passwords.
http://www.net-security.org/news.php?id=4098


THE FUTURE OF OPEN SOURCE IN SECURITY
This year we held our 2nd Annual Open Source Symposium and it 
certainly fit the bill as a wide variety of topics were presented 
from security to higher education theory.
http://www.net-security.org/news.php?id=4099


GALVANISING PHYSICAL SECURITY WITH IT
Cingulum Security Services has teamed with Internet Solutions 
(IS) to take on-site CCTV recording and physical guarding into 
the realm of "more secure" IT.
http://www.net-security.org/news.php?id=4100


SIX FACE SENTENCING FOR INTERNET ID THEFT AND FRAUD
A London court will hear today that six fraudsters used the 
Internet to obtain false identities and con Lloyds TSB out 
of Ł300,000.
http://www.net-security.org/news.php?id=4101


SECURITY IS ABOUT MORE THAN AN IMAGE PROBLEM
Microsoft's latest hacker bounty won't solve the problem - it'll 
only divert public attention away from the core security problem 
that users face.
http://www.net-security.org/news.php?id=4102


RADIO TAGS SPARK PRIVACY WORRIES
The use of radio tags on consumer products should be put on 
hold, say privacy campaigners.
http://www.net-security.org/news.php?id=4103


DEBIAN PROJECT MACHINES HAVE BEEN COMPROMISED
Some Debian servers were found to have been compromised 
on November 20th. The archive was not affected by this 
compromise.
http://www.net-security.org/news.php?id=4105

----------------------------------------------------------------




[ Vulnerabilities ]


All vulnerabilities are located here:
http://www.net-security.org/archive_vuln.php


----------------------------------------------------------------

FreeRADIUS Denial of Service Vulnerability
http://www.net-security.org/vuln.php?id=3084


EffectOffice Server 2.9 Denial of Service Vulnerability
http://www.net-security.org/vuln.php?id=3083


Kerio Winroute Firewall Xroxy Information Disclosure Vulnerability
http://www.net-security.org/vuln.php?id=3082


Half Life Dedicated Server Information Leak and Denial 
of Service Vulnerabilities
http://www.net-security.org/vuln.php?id=3081


NetServe 1.0.7 Multiple Vulnerabilities
http://www.net-security.org/vuln.php?id=3080


phpWebFileManager Directory Traversal Vulnerability
http://www.net-security.org/vuln.php?id=3079


Web Wiz Forums Multiple Cross Site Scripting Vulnerabilities
http://www.net-security.org/vuln.php?id=3078


Sqwebmail Session Hijacking Vulnerability
http://www.net-security.org/vuln.php?id=3077


HPUX dtmailpr Buffer Overflow Vulnerability
http://www.net-security.org/vuln.php?id=3076


SAP DB Privillege Escalation and Remote Code 
Execution Vulnerabilities
http://www.net-security.org/vuln.php?id=3075


SAP DB web-tools Multiple Vulnerabilities
http://www.net-security.org/vuln.php?id=3074


PCAnywhere Local SYSTEM Compromise Vulnerability
http://www.net-security.org/vuln.php?id=3073


PHPlist File Injection Vulnerability
http://www.net-security.org/vuln.php?id=3072


Quagga Remote Denial of Service Vulnerability
http://www.net-security.org/vuln.php?id=3071


PeopleSoft PeopleBooks Multiple Search CGI Vulnerabilities
http://www.net-security.org/vuln.php?id=3070


PeopleSoft IScript Cross Site Scripting Vulnerability
http://www.net-security.org/vuln.php?id=3069


PeopleSoft Gateway Administration Servlet Path 
Disclosure Vulnerability
http://www.net-security.org/vuln.php?id=3068


Webwasher Classic Error Message Cross Site Scripting 
Vulnerability
http://www.net-security.org/vuln.php?id=3067


Auto Directory Index Cross Site Scripting Vulnerability 
http://www.net-security.org/vuln.php?id=3066

----------------------------------------------------------------




[ Advisories ]


All advisories are located at:
http://www.net-security.org/archive_advi.php


----------------------------------------------------------------

Red Hat Security Advisory - Updated XFree86 packages provide 
security and bug fixes (RHSA-2003:288-01)
http://www.net-security.org/advisory.php?id=2738


Conectiva Security Announcement - zebra (CLA-2003:786)
http://www.net-security.org/advisory.php?id=2737


SOT Linux Security Advisory - Updated apache package for 
SOT Linux 2003 (SLSA-2003:53)
http://www.net-security.org/advisory.php?id=2736


Gentoo Linux Security Announcement - net-misc/hylafax (200311-03)
http://www.net-security.org/advisory.php?id=2735


Gentoo Linux Security Announcement - net-www/opera (200311-02)
http://www.net-security.org/advisory.php?id=2734


Gentoo Linux Security Announcement - kde-base/kdebase (200311-01)
http://www.net-security.org/advisory.php?id=2733


Gentoo Linux Security Announcement - net-www/apache (200310-03)
http://www.net-security.org/advisory.php?id=2732


Apple Security Advisory - Security Update 2003-11-19 
(APPLE-SA-2003-11-19)
http://www.net-security.org/advisory.php?id=2731


SGI Security Advisory - SGI Advanced Linux Environment 
security update #5 (20031101-01-U)
http://www.net-security.org/advisory.php?id=2730


Mandrake Linux Security Update Advisory - glibc (MDKSA-2003:107)
http://www.net-security.org/advisory.php?id=2729


SUSE Security Announcement - sane (SuSE-SA:2003:046)
http://www.net-security.org/advisory.php?id=2728


SCO Security Advisory - OpenLinux: Linux NFS utils package contains 
remotely exploitable off-by-one bug (CSSA-2003-037.0)
http://www.net-security.org/advisory.php?id=2727


SCO Security Advisory - OpenLinux: Sendmail prescan remotely 
exploitable vulnerability (CSSA-2003-036.0)
http://www.net-security.org/advisory.php?id=2726


SCO Security Advisory - OpenLinux: Webmin/Usermin Session ID 
Spoofing Vulnerability (CSSA-2003-035.0)
http://www.net-security.org/advisory.php?id=2725


SCO Security Advisory - OpenLinux: Key validity bug in GnuPG 1.2.1 
and earlier (CSSA-2003-034.0)
http://www.net-security.org/advisory.php?id=2724


Trustix Secure Linux Security Advisory - coreutils/fileutils/anonftp 
(2003-0042)
http://www.net-security.org/advisory.php?id=2723


Trustix Secure Linux Security Advisory - apache (2003-0041)
http://www.net-security.org/advisory.php?id=2722


Trustix Secure Linux Security Advisory - postgresql (2003-0040)
http://www.net-security.org/advisory.php?id=2721


Trustix Secure Linux Security Advisory - glibc (2003-0039)
http://www.net-security.org/advisory.php?id=2720


SOT Linux Security Advisory - Updated glibc package available 
for SOT Linux 2003 (SLSA-2003:52)
http://www.net-security.org/advisory.php?id=2719


Debian Security Advisory - New minimalist package fixes 
remote command execution (DSA 402-1)
http://www.net-security.org/advisory.php?id=2718


Debian Security Advisory - New hylafax packages fix 
remote root exploit (DSA 401-1) 
http://www.net-security.org/advisory.php?id=2717

----------------------------------------------------------------




[ Articles ]


All articles are located at:
http://www.net-security.org/articles_main.php

Articles can be contributed to articles@net-security.org

----------------------------------------------------------------

WHY BOTHER VIRUS SCANNING?
I have always thought the idea of scanning for viruses to be 
flawed, well certainly as a security measure. Yet nearly all of 
you reading this article will be relying on just that technology 
to protect your networks, PCs and laptops.
http://www.net-security.org/article.php?id=605


SOAP WEB SERVICES ATTACKS
This whitepaper discusses various types of attacks based on the 
SOAP implementation of Web services over HTTP and describes 
how you can shield your applications from these assaults.
http://www.net-security.org/article.php?id=604


WORMS OF THE FUTURE: TRYING TO EXORCISE THE WORST
This is a research paper on the security (or lack of) within 
computer systems and ways of improvement with respect 
to mobile and hostile code such as worms.
http://www.net-security.org/article.php?id=603


FLOODING FROM THE UNDERGROUND - A GLOBAL THREAT
When Khaled Mardam-Bey developed an IRC client for the 
Windows platform, I doubt he envisaged mIRC becoming the 
basis for the control of an immeasurable number of compromised 
machines in bot-nets. Khaled has the original authors of the 
Global-Threat bot to thank for that.
http://www.net-security.org/article.php?id=602

----------------------------------------------------------------




[ Software ]


Windows software is located at:
http://net-security.org/software_main.php?cat=1

Linux software is located at:
http://net-security.org/software_main.php?cat=2


----------------------------------------------------------------

NOTRAX 1.4.0.4
NoTrax is a web browser that lets you surf the Net anonymously 
since it cleans as you surf. NoTrax does not remember what sites 
you've visited.
http://www.net-security.org/software.php?id=523

----------------------------------------------------------------




[ Webcasts ]


All webcasts are located at: 
http://www.net-security.org/webcasts.php


----------------------------------------------------------------

Tripwire for Servers: Overview and Product Demo
Organized by Tripwire on 25 November 2003, 9:00 AM PDT
http://www.net-security.org/webcast.php?id=125


Authentication and Authorization Design
Organized by Microsoft on 25 November 2003, 1:00 PM PT
http://www.net-security.org/webcast.php?id=105


Wireless LAN Security: Risks & Defenses
Organized by AirDefense on 25 November 2003, 2:00 PM ET
http://www.net-security.org/webcast.php?id=78


Using Portable Handheld Devices in a Secure Manner
Organized by Microsoft on 2 December 2003, 8:00 AM PT
http://www.net-security.org/webcast.php?id=106


Secure Network Access
Organized by Microsoft on 2 December 2003, 9:30 AM PT
http://www.net-security.org/webcast.php?id=107


Stopping Spam with Sophos PureMessage
Organized by ActiveState on 2 December 2003, 10:00 AM PST
http://www.net-security.org/webcast.php?id=131


Designing a Secure - Reliable - and Usable Patch Management 
Infrastructure
Organized by Microsoft on 2 December 2003, 11:30 AM
http://www.net-security.org/webcast.php?id=108


Securing Your Exchange 2003 Environment
Organized by Microsoft on 3 December 2003, 8:00 AM PT
http://www.net-security.org/webcast.php?id=109


Effectively Using IIS Security
Organized by Microsoft on 3 December 2003, 9:30 AM PT
http://www.net-security.org/webcast.php?id=110


Penetration Testing, Vulnerability Scanning, and Security Auditing
Organized by Microsoft on 3 December 2003, 11:30 AM PT
http://www.net-security.org/webcast.php?id=111


Ten Ways To Hack Proof Your Identity
Organized by SANS on 3 December 2003, 1:00 PM EST
http://www.net-security.org/webcast.php?id=73


Using the Microsoft Security Tools
Organized by Microsoft on 4 December 2003, 8:00 AM PT
http://www.net-security.org/webcast.php?id=112


Safeguarding Information with Windows Rights Management Services
Organized by Microsoft on 4 December 2003, 9:30 AM PT
http://www.net-security.org/webcast.php?id=113


Microsoft Windows Server 2003 Security Enhancements
Organized by Microsoft on 4 December 2003, 12:30 PM PT
http://www.net-security.org/webcast.php?id=114


Demystifying IPsec
Organized by Microsoft on 5 December 2003, 9:30 AM PT 
http://www.net-security.org/webcast.php?id=115

----------------------------------------------------------------




[ Conferences ]


All conferences are located at: 
http://www.net-security.org/conferences.php


----------------------------------------------------------------

Le Salon de la Securite Informatique
Organized by Reed Expositions France - 26 November-27 November 2003
http://www.net-security.org/conference.php?id=33


e-Gov Homeland Security Conference 2003
Organized by e-gov - 2 December-3 December 2003
http://www.net-security.org/conference.php?id=76


The Forum on Information Warfare
Organized by MIS Training Institute - 3 December-4 December 2003
http://www.net-security.org/conference.php?id=8


IndoCrypt 2003
Organized by Indian Statistical Institute - 8 December-10 December 2003
http://www.net-security.org/conference.php?id=14


Department of Defense Cyber Crime Conference
Organized by Technology Forums - 8 December-12 December 2003
http://www.net-security.org/conference.php?id=28


Infosecurity 2003
Organized by Information Security Magazine /ISSA - 9 December -
11 December 2003
http://www.net-security.org/conference.php?id=3


HITBSecConf2003
Organized by Hack In The Box - 12 December-14 December 2003
http://www.net-security.org/conference.php?id=64


Access Denied 2004
Organized by New Leaf Productions - 11 January-13 January 2004
http://www.net-security.org/conference.php?id=75


IT-Defense 2004
Organized by cirosec GmbH/dpunkt.Verlag - 28 January -
30 January 2004
http://www.net-security.org/conference.php?id=56


Infosecurity Italia 2004
Organized by Fiera Milano International - 13 February -
14 February 2004
http://www.net-security.org/conference.php?id=34


Southeast Cybercrime Summit 2004
Organized by ATLCCS - 2 March-5 March 2004
http://www.net-security.org/conference.php?id=77


InfoSec World Conference and Expo 2004
Organized by MIS Training Institute - 22 March-24 March 2004
http://www.net-security.org/conference.php?id=68


RSA Conference 2003 USA
Organized by RSA Security - 13 April-17 April 2004
http://www.net-security.org/conference.php?id=55


Infosecurity Europe 2004
Organized by Reed Exhibitions - 27 April-29 April 2004 
http://www.net-security.org/conference.php?id=27

----------------------------------------------------------------




[ Security world ]


All press releases are located at:
http://www.net-security.org/press_main.php

Send your press releases to press@net-security.org

----------------------------------------------------------------

Diebold and Sygate Join Forces to Provide Powerful Endpoint 
Security for Windows-Based ATMs and Networks Worldwide
http://www.net-security.org/press.php?id=1859


Panda Antivirus Platinum 7.0 Protection Certified 
by West Coast Labs
http://www.net-security.org/press.php?id=1858


IISFA Announces Formation Of Greater New York Chapter
http://www.net-security.org/press.php?id=1857


Corsaire are Chosen to Distribute Secunia's Security 
Advisory Services
http://www.net-security.org/press.php?id=1856


Oblix Selects NetContinuum Web Security Solution
http://www.net-security.org/press.php?id=1855


GSA Standardizes on Datakey Smart Card Technology For 
Employee Smart ID Badges
http://www.net-security.org/press.php?id=1854


Leading Lottery And Gaming Developer Embeds Diversinet's 
Secure Mobile Solutions Into its Applications
http://www.net-security.org/press.php?id=1853


IS3 Inc. And Mosaic Software Announce Product 
Development Alliance
http://www.net-security.org/press.php?id=1852


IntelliReach Expands Strategic Partnership Initiative 
With Xantiv
http://www.net-security.org/press.php?id=1851


SSH Completes The Sale Of its OEM Business To Safenet
http://www.net-security.org/press.php?id=1850


Captus Networks Announces Availability of Performance 
Test Results from the Test Labs of National Technical 
Systems
http://www.net-security.org/press.php?id=1849


Captus Networks Announces Release 1.3 for Captus IPS 4000 Series
http://www.net-security.org/press.php?id=1848


Trend Micro Survey Indicates Less Than Half of U.S. Small 
Businesses Have a Virus Outbreak Response Policy in Place
http://www.net-security.org/press.php?id=1847


Trend Micro Launches Small and Medium Business Content 
Security Makeover Sweepstakes
http://www.net-security.org/press.php?id=1846


Trend Micro Redesigns Comprehensive Antivirus, Content Security, 
and Anti-spam for Small and Medium Business Customers
http://www.net-security.org/press.php?id=1845


KaVaDo Chosen as Spearhead Technologies' Exclusive OEM 
Partner For Web Application Protection
http://www.net-security.org/press.php?id=1844


NetScreen Completes Neoteris Acquisition
http://www.net-security.org/press.php?id=1843


The Training Camp Reveals Windows Server Administration 
and Security Skills in Demand
http://www.net-security.org/press.php?id=1842


Brevard County Wins InfoWorld 100 Award by Installing 
bioLock from realtime 
http://www.net-security.org/press.php?id=1841

----------------------------------------------------------------




[ Virus News ]


All virus news are located at: 
http://www.net-security.org/viruses.php 


----------------------------------------------------------------

Weekly Virus Report - Mimail.j, Lohack.E Worms and Banbra Trojan
http://www.net-security.org/virus_news.php?id=330

----------------------------------------------------------------

Questions, contributions, comments or ideas go to:
 
Help Net Security staff
staff@net-security.org
http://net-security.org

----------------------

Unsubscribe from this weekly digest on:
http://www.net-security.org/subscribe.php

The archive of the newsletter in TXT and PDF format is available 
http://www.net-security.org/newsletter_archive.php


----------------------------------------------------------------
GET THAWTE’S NEW STEP-BY-STEP SSL GUIDE FOR MSIIS
----------------------------------------------------------------
In this guide you will find out how to test, purchase, install 
and use a Thawte Digital Certificate on you MSIIS web server. 
Throughout, best practices for set-up are highlighted to help 
you ensure efficient ongoing management of your encryption 
keys and digital certificates.
----------------------------------------------------------------
Get you copy of this new guide now:
http://ad.doubleclick.net/clk;6091068;8369143;p
----------------------------------------------------------------