HNS Newsletter
Issue 192 - 14.12.2003.
http://net-security.org

This is a newsletter delivered to you by Help Net Security. It 
covers weekly roundups of security events that were in the 
news the past week.


----------------------------------------------------------------
GET THAWTE’S NEW STEP-BY-STEP SSL GUIDE FOR MSIIS
----------------------------------------------------------------
In this guide you will find out how to test, purchase, install 
and use a Thawte Digital Certificate on you MSIIS web server. 
Throughout, best practices for set-up are highlighted to help 
you ensure efficient ongoing management of your encryption 
keys and digital certificates.
----------------------------------------------------------------
Get you copy of this new guide now:
http://ad.doubleclick.net/clk;6091068;8369143;p
----------------------------------------------------------------


Table of contents:
 
1) Security news
2) Vulnerabilities
3) Advisories
4) Articles
5) Reviews
6) Software
7) Webcasts
8) Conferences
9) Security world
10) Virus news


[ Security news ]

 
----------------------------------------------------------------

WI-FI: SECURE OR NOT? DEBATE RAGES
We all know what kind of internet we have. Most of us have 
dedicated connections at home- whether dialup, broadband, or 
even faster. But what about Wi-Fi? Is it secure or not? The 
following article explains the debate between WiFi proponents 
and detractors.
http://www.net-security.org/news.php?id=4209


MOVING BEYOND PASSWORDS
New options for strong authentication help agencies find the right 
security for their needs.
http://www.net-security.org/news.php?id=4210


CYBERSECURITY WORRIES KEEP MANY FROM BANKING ONLINE
Alma Villalpando, a program director at Eastfield College in 
Mesquite, Texas, says she's comfortable using a computer. 
She even offers training programs on cybersecurity.
http://www.net-security.org/news.php?id=4211


FORTUNE 500 FIRMS PICK SMARTCARD SECURITY
More than one third of enterprise companies will rely on smartcard 
technology by 2006.
http://www.net-security.org/news.php?id=4212


SECURING YOUR LINUX ENVIRONMENT
As Linux gains momentum, Linux systems become more attractive 
to virus writers. Read on to learn more about antivirus software, 
end-user education, and safe computing practices that can 
protect you from attacks.
http://www.net-security.org/news.php?id=4213


SECURITY FEARS PUSH USERS TO OPEN SOURCE
CIOs look seriously at Linux for the desktop as Microsoft's 
security problems continue.
http://www.net-security.org/news.php?id=4214


NEW AUTHENTICATION SYSTEM TRIES TO BLOCK SPAM
Yahoo said it is working on technology to combat e-mail spam by 
changing the way the Internet works to require authentication of 
a message's sender.
http://www.net-security.org/news.php?id=4215


HACKERS STEAL FROM PIRATES, TO NO GOOD END
The people who design rogue programs that take over computers 
from afar are now applying the tactic that made music pirating 
programs so effective--and the Internet may never be the same.
http://www.net-security.org/news.php?id=4217


THE NEXT WINDOWS: MICROSOFT'S BIG CHALLENGE
Microsoft Corp. has been tarred as an illegal monopoly and a 
copycat. Its flagship Windows operating system gets knocked 
for its security holes and user-unfriendly quirks.
http://www.net-security.org/news.php?id=4218


POLICE ARREST IPOD EMAIL SUSPECT
Cambridgeshire force pounces on local man in alleged credit 
card hoax.
http://www.net-security.org/news.php?id=4219


GOOD GUYS VERSUS BAD GUYS - WHO'S AHEAD?
For Symantec CEO John Thompson, there's always something 
new to worry about.
http://www.net-security.org/news.php?id=4220


CONGRESS OKS ANTISPAM LEGISLATION
The U.S. Congress on Monday gave final approval to the first 
federal law regulating spam, which President Bush has indicated 
he will sign before the end of the year.
http://www.net-security.org/news.php?id=4221


Q&A: A TWO-PRONGED APPROACH TO CYBERSECURITY
The head of the US government's cybersecurity programme 
explains why he feels that the public and private sectors are 
making progress towards achieving security.
http://www.net-security.org/news.php?id=4222


HOME USER SECURITY: PERSONAL FIREWALLS
This article discusses personal firewall alternatives, including 
freeware firewalls, firewalls included with current Microsoft and 
Apple OSes, and various commercial offerings of interest to the 
home user.
http://www.net-security.org/news.php?id=4223


WINDOWS TAKES 7 SPOTS IN SYMANTEC'S TOP 10 NOVEMBER FLAWS
A remote buffer overflow vulnerability in Windows Workstation 
Service has been rated the biggest risk for computer users 
during November, from among vulnerabilities discovered or 
announced during the month.
http://www.net-security.org/news.php?id=4224


MAFIA MUSCLES IN ON SPAM AND VIRUSES
Attacks may become less common, but more dangerous, warns 
antivirus expert.
http://www.net-security.org/news.php?id=4226


ORACLE PATCHES SECURITY FLAWS
Oracle has issued a security alert and software patches for a 
set of serious vulnerabilities in the security protocols used by 
some of its server products.
http://www.net-security.org/news.php?id=4227


FIGHTING SPAM PAYS BETTER THAN SENDING IT
There's money to be made fighting spam--more money than 
even spammers see on their bottom lines, a research firm 
said Monday.
http://www.net-security.org/news.php?id=4228


FLAW COULD UNLEASH ANOTHER SLAMMER
A research company warned Tuesday that an attacker could 
use a recently patched Microsoft flaw to create a fast-moving 
worm similar to SQL Slammer, which spread rapidly across the 
Internet a year ago.
http://www.net-security.org/news.php?id=4230


PATCHING: PROCESS MATTERS
The list of all-too-familiar names - Nachi, Klez, Lovsan, SoBig, 
BugBear, Swen, Blaster and Yaha - represents only a sampling 
of the most prevalent worms and viruses that slithered into 
corporate networks this fall. But they all have one thing in 
common: Patches were readily available before most damage 
had been done.
http://www.net-security.org/news.php?id=4231


CHINESE SECURITY STANDARD COULD FRACTURE WI-FI, SAYS IEEE
The implementation of a Chinese security standard for wireless 
networking could undermine efforts to develop a global standard 
for wireless Lans and drive up the cost of networking equipment 
for end users, warned a senior executive at the Institute of 
Electrical and Electronics Engineers (IEEE).
http://www.net-security.org/news.php?id=4232


WAR GAMES ONLINE
Seeking an edge in the battle against computer worms and viruses, 
UC Berkeley researchers are building a virtual playing field for 
cyber war games. 
http://www.net-security.org/news.php?id=4233


FEDS GET A 'D' IN COMPUTER SECURITY
U.S. federal departments and agencies are showing some improvement 
in protecting their computer networks, but many--including the 
Department of Homeland Security--are failing, according to a 
government report released Tuesday.
http://www.net-security.org/news.php?id=4234


E-VOTING GROUP UNITES ON SECURITY CONCERNS
Stung by criticism over whether its e-voting technology is sound, 
Diebold Election Systems joined with five other electronic voting 
machine manufacturers Tuesday to "identify and address security 
concerns" about the industry.
http://www.net-security.org/news.php?id=4235


CAMERA PHONES ARE A SECURITY RISK
Analysts have warned that camera phones represent a risk for 
employers and could be used to photograph commercially sensitive 
aspects of a business operation.
http://www.net-security.org/news.php?id=4236


ALTERNATIVE METHODS FOR PROTECTING YOUR COMPANY FROM VIRUSES
Microsoft and other software vendors will certainly continue 
refining their software and issuing patches.
http://www.net-security.org/news.php?id=4237


THE HIGHS AND LOWS OF THE CSO
Pity the public-sector CSO. He has to overcome all the typical 
security pitfalls - and he gets to do it all in a bureaucratic 
fishbowl.
http://www.net-security.org/news.php?id=4238


DEVELOPERS TAKE LINUX ATTACKS TO HEART
A handful of recent online attacks on free and open-source 
software servers has open-source developers looking over 
their shoulders.
http://www.net-security.org/news.php?id=4239


IE BUG LETS FAKE SITES LOOK REAL
Microsoft on Tuesday said it was looking into reports of a 
potential bug in its Web browser that could help malicious 
hackers design convincing Web site spoofs.
http://www.net-security.org/news.php?id=4240


UK SPAM BAN COMES INTO FORCE
Sending unsolicited e-mails, or spam, in Britain in now a criminal 
offense under new laws that came into force on Thursday.
http://www.net-security.org/news.php?id=4241


FIRMS FIGHT 500 INTERNET ATTACKS A MONTH
Small businesses facing onslaught from viruses, worms and DoS 
attempts, warns research.
http://www.net-security.org/news.php?id=4242


SCO WEB SITE ATTACKED AGAIN? MAYBE
SCO has reported that they are experiencing an attack on their 
servers. Groklaw has been flooded with information that indicates 
their story doesn't add up.
http://www.net-security.org/news.php?id=4243


WORM PROPAGATION IN PROTECTED NETWORKS
Many documents explore worm propagation methods across the 
global Internet. In contrast, this analysis focuses on the impact 
of three prominent worms (Blaster, Slammer, and Code Red I/II) 
inside protected networks, once the security perimeter has 
been breached.
http://www.net-security.org/news.php?id=4244


IE PHISHING SCAM EXPLOIT UNEARTHED
Security researchers have discovered a way for scam artists to 
disguise more effectively the location of bogus Web sites.
http://www.net-security.org/news.php?id=4245


BUGWATCH: PROVE YOU BELIEVE IN PRIVACY
Privacy issues should not be the concern of IT professionals alone 
but of all users.
http://www.net-security.org/news.php?id=4246


TO EXPLOIT OR NOT TO EXPLOIT
Hackers tread a thin boundary of what is and is not legally 
accepted, and what is and is not ethical. They explore computer 
systems, prod for vulnerabilities, and hope to discover a flaw 
that has gone unnoticed so far.
http://www.net-security.org/news.php?id=4247


IN A DATA-MINING SOCIETY, PRIVACY ADVOCATES SHUDDER
Edward Socorro had a good thing going as a sales manager with 
Hilton Hotels Corp. But not long after he started, a company hired 
by Hilton to do background checks on new employees reported 
that Socorro once spent six months in jail.
http://www.net-security.org/news.php?id=4248


ISSUES SURROUNDING LINUX AND IMPLICATIONS FOR IT MANAGERS
The purpose of this paper is to provide analysis on the Linux 
operating system along with Open Source software in general.
http://www.net-security.org/news.php?id=4249


SINGLE SIGN-ON SECURITY WITH TIVOLI ACCESS MANAGER TUTORIAL
Here's a good tutorial for optimising the enduser experience in 
regard to eliminating multiple logons, while maintaining tight 
website security.
http://www.net-security.org/news.php?id=4253


MACS ARE NOT INVULNERABLE
I know this is wrong, but in one respect I was happy to learn earlier 
this month about the discovery of a significant security hole in the 
Jaguar and Panther versions (10.2 and 10.3, respectively) of the 
Apple operating system (OS).
http://www.net-security.org/news.php?id=4254


BILL GATES TO ADDRESS RSA CONFERENCE
Microsoft Corp. Chairman and Chief Software Architect Bill Gates 
will address the RSA Conference 2004 in February.
http://www.net-security.org/news.php?id=4255


COUNTERFEITERS HAVE NEW IMAGING TECH, TOO
Forged checks have always been a problem, but increasingly 
sophisticated technology is making it easier to create these 
checks. Today, it is not uncommon to see forged checks of 
more than one million dollars-so banks must be on the alert.
http://www.net-security.org/news.php?id=4256


MY SYSADMIN IS A SPECIAL CONSTABLE
Parliamentary lobby group EURIM is working with MPs and industry 
groups to draw a blueprint for the fight against cyber-crime.
http://www.net-security.org/news.php?id=4257


VIRGINIA NABS TWO BIG SPAMMERS
Two prolific spammers from North Carolina are facing four felony 
charges for sending thousands of unsolicited e-mail pitches. Each 
count under Virginia's tough antispam law carries up to five years 
in prison and fines of up to $2,500.
http://www.net-security.org/news.php?id=4258


INFOSEC 2003: 'ZERO-DAY' ATTACKS SEEN AS GROWING THREAT
"Zero-day" attacks that take advantage of software vulnerabilities 
for which there are no available fixes are emerging as a major threat 
to corporate security.
http://www.net-security.org/news.php?id=4259


THE CIO AS A SECURITY STRATEGIST
While some pundits say that security should be the responsibility 
of a separate individual, a chief security officer (CSO), corporate 
India still relies on its CIOs to protect information from the 
barbarians at the gate, says Rahul Neel Mani.
http://www.net-security.org/news.php?id=4260


LOS ALAMOS NATIONAL LAB SUFFERS SECURITY LAPSE
Officials say they can't account for a high-capacity disk and nine 
diskettes but that they may have been destroyed and simply 
not accounted for.
http://www.net-security.org/news.php?id=4261


COMMENTARY: DOS ATTACK--PAYING FOR OTHERS' PROBLEMS
It's hard to feel sympathy for the SCO Group these days. The 
litigious company has tried to lay claim to some key parts of 
the Linux operating system as part of its contract dispute with 
IBM, a move that has distracted an important part of software 
development.
http://www.net-security.org/news.php?id=4262

----------------------------------------------------------------




[ Vulnerabilities ]


All vulnerabilities are located here:
http://www.net-security.org/archive_vuln.php


----------------------------------------------------------------

Mambo Open Source 4.0.14 SQL Injection Vulnerability
http://www.net-security.org/vuln.php?id=3124


Sybase Anywhere 9 Multiple Vulnerabilities
http://www.net-security.org/vuln.php?id=3123


Visitorbook LE Multiple Vulnerabilities
http://www.net-security.org/vuln.php?id=3122 


Multiple Vendor SOAP Server (XML Parser) Attribute 
Blowup Denial of Service Vulnerabilities
http://www.net-security.org/vuln.php?id=3121


BNCweb File Disclosure Vulnerability
http://www.net-security.org/vuln.php?id=3120


@Mail Web Interface Multiple Security Vulnerabilities
http://www.net-security.org/vuln.php?id=3119


Xoops Multiple Vulnerabilities
http://www.net-security.org/vuln.php?id=3118


Cdwrite 1.3 Insecure Tmp File Handling Vulnerability
http://www.net-security.org/vuln.php?id=3117


eZ Multiple Packages Stack Overflow Vulnerability
http://www.net-security.org/vuln.php?id=3116


Ben's Guestbook Cross Site Scripting Vulnerability
http://www.net-security.org/vuln.php?id=3115


VP-ASP Cross Site Scripting Vulnerability
http://www.net-security.org/vuln.php?id=3114


PLDaniels Ebola Remote Buffer Overflow Vulnerability
http://www.net-security.org/vuln.php?id=3113


Appleshare IP FTP Server Denial of Service Vulnerability
http://www.net-security.org/vuln.php?id=3112


Linux 4inarow Game Multiple Vulnerabilities
http://www.net-security.org/vuln.php?id=3111


Alan Ward Acart Improper Authentication Check Vulnerability
http://www.net-security.org/vuln.php?id=3110


Alan Ward Acart register.asp Cross Site Scripting Vulnerability
http://www.net-security.org/vuln.php?id=3109


Alan Ward Acart msg Parameter Cross Site Scripting Vulnerability
http://www.net-security.org/vuln.php?id=3108


Alan Ward Acart Plaintext Passwords Vulnerability
http://www.net-security.org/vuln.php?id=3107

----------------------------------------------------------------




[ Advisories ]


All advisories are located at:
http://www.net-security.org/archive_advi.php


----------------------------------------------------------------

Mandrake Linux Security Update Advisory - net-snmp (MDKSA-2003:115)
http://www.net-security.org/advisory.php?id=2810


Gentoo Linux Security Announcement - app-crypt/gnupg (200312-05)
http://www.net-security.org/advisory.php?id=2809


Slackware Security Advisory - cvs security update (SSA:2003-345-01)
http://www.net-security.org/advisory.php?id=2808


SGI Security Advisory - SGI Advanced Linux Environment 
security update #6 (20031202-01-U)
http://www.net-security.org/advisory.php?id=2807


Red Hat Security Advisory - Updated gnupg packages 
disable ElGamal keys (RHSA-2003:390-01)
http://www.net-security.org/advisory.php?id=2806


Mandrake Linux Security Update Advisory - ethereal (MDKSA-2003:114)
http://www.net-security.org/advisory.php?id=2805


Mandrake Linux Security Update Advisory - cvs (MDKSA-2003:112-1)
http://www.net-security.org/advisory.php?id=2804


Gentoo Linux Security Announcement - dev-util/cvs (200312-04)
http://www.net-security.org/advisory.php?id=2803


Cisco Security Advisory - Unity Vulnerabilities on IBM-based Servers
http://www.net-security.org/advisory.php?id=2802


Conectiva Linux Security Announcement - gnupg (CLA-2003:798)
http://www.net-security.org/advisory.php?id=2801


Immunix Secured OS Security Advisory - rsync (IMNX-2003-73-001-01)
http://www.net-security.org/advisory.php?id=2800


Mandrake Linux Security Update Advisory - screen (MDKSA-2003:113)
http://www.net-security.org/advisory.php?id=2799


Mandrake Linux Security Update Advisory - cvs (MDKSA-2003:112)
http://www.net-security.org/advisory.php?id=2798


Apple Security Advisory - Security Update 2003-12-05 
(APPLE-SA-2003-12-05)
http://www.net-security.org/advisory.php?id=2797


Turbolinux Security Announcement - glibc and rsync(06/Dec/2003)
http://www.net-security.org/advisory.php?id=2796


Conectiva Linux Security Announcement - kernel
http://www.net-security.org/advisory.php?id=2795


Slackware Security Advisory - rsync security update 
(SSA:2003-337-01)
http://www.net-security.org/advisory.php?id=2794


SGI Security Advisory - rpc.mountd Vulnerabilities (20031102-02-P)
http://www.net-security.org/advisory.php?id=2793

----------------------------------------------------------------




[ Articles ]


All articles are located at:
http://www.net-security.org/articles_main.php

Articles can be contributed to articles@net-security.org

----------------------------------------------------------------

INTERVIEW WITH MICHAEL J. WEBER
In this interview with Help Net Security, the author of "Invasion of 
Privacy" discusses the privacy and security issues regular users are 
troubled with and offers and insight into his latest book.
http://www.net-security.org/article.php?id=611


REMOTE HOT SPOT - THE MARKET FOR SSL VPNS CATCHES FIRE
Infonetics Research, for example, predicts that SSL VPNs will 
become a $607m market opportunity by 2006. Mobile-enabled 
workers are the future, and SSL VPN networks offer them a 
secure, straight, simple access route to their data.
http://www.net-security.org/article.php?id=612


OVERVIEW OF VIRUS BULLETIN DECEMBER 2003 ISSUE
In this article you discover what's included in the latest issue of 
the world's authority when it comes to information on viruses.
http://net-security.org/article.php?id=613


HACKPROOFING DB2
This presentation by Aaron C. Newman, CTO of Application Security, 
discusses DB2 security as well as database vulnerabilities.
http://net-security.org/article.php?id=614

----------------------------------------------------------------




[ Reviews ]


All reviews are located at: 
http://www.net-security.org/reviews.php 


----------------------------------------------------------------

OPEN SOURCE NETWORK ADMINISTRATION
You would think that with all the information that comes with a 
Linux or Unix operating system and the wealth of information that 
can be found online that a book of this type is unnecessary. When 
you pick it up you also realize it's not one of those mammoth 
guides. So what did the author put into this title to make it 
interesting for all you network administrators using or interested 
in using open source tools? Read on to find out.
http://www.net-security.org/review.php?id=116


WIRELESS HACKS
Wireless networks are something quite new for the majority of 
computer users. We know its pros and cons, its security issues, 
but we don't have so much experience to create our own 
workarounds, helping tools and similar gadgets. Flickenger 
has that kind of experience and unselfishly shares that 
knowledge with his readers.
http://www.net-security.org/review.php?id=117

----------------------------------------------------------------




[ Software ]


Windows software is located at:
http://net-security.org/software_main.php?cat=1

Linux software is located at:
http://net-security.org/software_main.php?cat=2


----------------------------------------------------------------

BTSCANNER 1.0
btscanner is a tool designed specifically to extract as much 
information as possible from a Bluetooth device without the 
requirement to pair.
http://www.net-security.org/software_d.php?id=529


PWSEX 1.0 BETA 2
The Proactive Windows Security Explorer (PWSEX) is a password 
security test tool that's designed to allow Windows NT, Windows 
2000, and Windows XP- based systems administrators to identify 
and close security holes in their networks.
http://www.net-security.org/software.php?id=530


ROOTKIT HUNTER 1.00RC1
Rootkit scanner is scanning tool to ensure you for about 99.9% 
you're clean of nasty tools.
http://www.net-security.org/software.php?id=531

----------------------------------------------------------------




[ Webcasts ]


All webcasts are located at: 
http://www.net-security.org/webcasts.php


----------------------------------------------------------------

Tripwire for Servers: Overview and Product Demo
Organized by Tripwire on 16 December 2003, 9:00 AM PDT
http://www.net-security.org/webcast.php?id=146


Applying Technology to Regulatory Compliance
Organized by Network Associates on 16 December 2003, 11:00 AM PT
http://www.net-security.org/webcast.php?id=85


Architecting Your 802.1x-Based WLAN Deployment
Organized by Funk Software on 16 December 2003, 1:00 PM EST
http://www.net-security.org/webcast.php?id=147


Tripwire for Network Devices: Overview and Product Demo
Organized by Tripwire on 18 December 2003, 11:00 AM PDT
http://www.net-security.org/webcast.php?id=145


The Basics of WLAN Security
Organized by Funk Software on 6 January 2004, 1:00 PM EDT
http://www.net-security.org/webcast.php?id=148


Penetration Testing with CORE IMPACT
Organized by Core Security Technologies on 6 January 2004, 2:00 PM ET
http://www.net-security.org/webcast.php?id=150


Best Practices: Taking Proactive Measures Before The Next Exploit
Organized by eEye on 22 January 2004, 2:00 PM PST 
http://www.net-security.org/webcast.php?id=149

----------------------------------------------------------------




[ Conferences ]


All conferences are located at: 
http://www.net-security.org/conferences.php


----------------------------------------------------------------

Access Denied 2004
Organized by New Leaf Productions - 11 January-13 January 2004
http://www.net-security.org/conference.php?id=75


IT-Defense 2004
Organized by cirosec GmbH/dpunkt.Verlag - 28 January -
30 January 2004
http://www.net-security.org/conference.php?id=56


Infosecurity Italia 2004
Organized by Fiera Milano International - 13 February -
14 February 2004
http://www.net-security.org/conference.php?id=34


Southeast Cybercrime Summit 2004
Organized by ATLCCS - 2 March-5 March 2004
http://www.net-security.org/conference.php?id=77


InfoSec World Conference and Expo 2004
Organized by MIS Training Institute - 22 March-24 March 2004
http://www.net-security.org/conference.php?id=68


RSA Conference 2004 USA
Organized by RSA Security - 13 April-17 April 2004
http://www.net-security.org/conference.php?id=55


Infosecurity Europe 2004
Organized by Reed Exhibitions - 27 April-29 April 2004
http://www.net-security.org/conference.php?id=27


Dallascon Security Conference 2004
Organized by DallasCon - 1 May-2 May 2004
http://www.net-security.org/conference.php?id=73


16th Annual FIRST Conference
Organized by FIRST - 13 June-18 June 2004
http://www.net-security.org/conference.php?id=22


NetSec 2004
Organized by Computer Security Institute - 14 June-16 June 2004
http://www.net-security.org/conference.php?id=20


2004 USENIX Annual Technical Conference
Organized by USENIX Association - 27 June-2 July 2004
http://www.net-security.org/conference.php?id=66


DIMVA 2004
Organized by German Informatics Society - 6 July-7 July 2004
http://www.net-security.org/conference.php?id=47


13th USENIX Security Symposium
Organized by USENIX Association - 9 August-13 August 2004 
http://www.net-security.org/conference.php?id=67

----------------------------------------------------------------




[ Security world ]


All press releases are located at:
http://www.net-security.org/press_main.php

Send your press releases to press@net-security.org

----------------------------------------------------------------

Secure Handling of Plug&Play Hardware in Enterprise Environments
http://www.net-security.org/press.php?id=1889


InfoExpress Introduces CyberGatekeeper LAN, The First Solution 
for Enforcing Security Policies on All LAN Endpoint Devices
http://www.net-security.org/press.php?id=1888


Astaro Unveils Configuration Manager for Management of Security 
Policies Across Multiple Network Security Devices
http://www.net-security.org/press.php?id=1887


Pointsec Wins Contract Worth 1.2m Euros from AstraZenenca 
to Secure Their Mobile Devices
http://www.net-security.org/press.php?id=1886


Symmetricom Announces Domain Time II Audit Server
http://www.net-security.org/press.php?id=1885


Excedent Appoints Kevin Minnick, VP of Product Development
http://www.net-security.org/press.php?id=1884


Online Shopping and Spam Floods Before Christmas
http://www.net-security.org/press.php?id=1883


Panda Software and Europe Online (EOL) Team Up Against 
Viruses and Intruders 
http://www.net-security.org/press.php?id=1882

----------------------------------------------------------------




[ Virus News ]


All virus news are located at: 
http://www.net-security.org/viruses.php 


----------------------------------------------------------------

Weekly Virus Report - Scold.A and Alphx.B Worms and 
Downloader.L Trojan
http://www.net-security.org/virus_news.php?id=334

----------------------------------------------------------------

Questions, contributions, comments or ideas go to:
 
Help Net Security staff
staff@net-security.org
http://net-security.org

----------------------

Unsubscribe from this weekly digest on:
http://www.net-security.org/subscribe.php

The archive of the newsletter in TXT and PDF format is available 
http://www.net-security.org/newsletter_archive.php


----------------------------------------------------------------
GET THAWTE’S NEW STEP-BY-STEP SSL GUIDE FOR MSIIS
----------------------------------------------------------------
In this guide you will find out how to test, purchase, install 
and use a Thawte Digital Certificate on you MSIIS web server. 
Throughout, best practices for set-up are highlighted to help 
you ensure efficient ongoing management of your encryption 
keys and digital certificates.
----------------------------------------------------------------
Get you copy of this new guide now:
http://ad.doubleclick.net/clk;6091068;8369143;p
----------------------------------------------------------------