HNS Newsletter
Issue 204 - 15.03.2004.
http://net-security.org

This is a newsletter delivered to you by Help Net Security. It covers weekly roundups of security events that were in the news the past week.

----------------------------------------------------------------
ETHICAL HACKING: SECURITY TESTING FOR PROFESSIONALS
----------------------------------------------------------------
This course teaches you a repeatable, documentable methodology that can be used in a professional security testing or penetration testing situation. Get 400$ OFF when you mention Help Net Security!
http://www.net-security.org/v/infosec/
----------------------------------------------------------------

Table of contents:

1) Security news
2) Vulnerabilities
3) Advisories
4) Articles
5) Reviews
6) Software
7) Webcasts
8) Conferences
9) Security world
10) Virus news

[ Security news ]
----------------------------------------------------------------

SECURITY FORENSICS
As has been stated more frequently than most people care to remember, security in IT is important.
http://www.net-security.org/news.php?id=4778

FEDS: E-MAIL SUBPOENA RULING HURTS LAW ENFORCEMENT
An appeals court refuses to reconsider a ruling that an overbroad subpoena for stored e-mail can qualify as a computer intrusion, despite a plea from the Justice Department to rethink the decision.
http://www.net-security.org/news.php?id=4779

A CRASH COURSE IN SECURITY INCIDENT REPORTING
Security incidents that federal agencies reported in 2003 reveal a sharply divided picture of information security across the federal government.
http://www.net-security.org/news.php?id=4780

IIS 6.0 SECURITY
This article discusses the major default configuration and design changes incorporated in IIS 6.0 to make it a more secure platform for hosting critical web applications.
http://www.net-security.org/news.php?id=4781

WINDOWS SERVER 2003 UPDATE TO PRECEDE LONGHORN
Stirring up its Windows Server product road map, Microsoft said Friday it plans to ship an updated version of its Windows Server 2003 product before a Longhorn version of the server operating system, expected by about 2007.
http://www.net-security.org/news.php?id=4782

CAMERA PHONES COULD THREATEN COMPANY SECURITY
Businesses are concerned that camera phones can compromise their security and employees' privacy, and many businesses are trying to ban camera phones from their offices.
http://www.net-security.org/news.php?id=4783

NETWORKING IMPROVEMENTS IN THE 2.6 KERNEL
The new Linux kernel includes support for and improvements in many areas of networking: from tunneling and better file security to encryption and privacy protection. This article covers how these improvements affect users even as they make Linux more secure and more enterprise-ready.
http://www.net-security.org/news.php?id=4784

U.S. URGED TO TAKE LEAD IN ISSUING BIOMETRIC PASSPORTS
The State Department should begin issuing passports with chips containing biographic information later in the year; an assistant secretary of state says the United States needs to take the lead and encourage other nations to issue similar passports.
http://www.net-security.org/news.php?id=4785

STATES JOIN SPYWARE BATTLE
The drive to control "spyware" and other software that hijacks personal computers without owners' permission is spreading to state legislatures, turning up pressure on PC pests.
http://www.net-security.org/news.php?id=4786

CALIFORNIAN ISP SUES BOB VILA SITE FOR SPAM
Californian ISP Hypertouch is taking home improvement website BobVila.com and its marketing agency to court for alleged violations of America's CAN-SPAM Act.
http://www.net-security.org/news.php?id=4787

SCO.COM EMERGES FROM VIRUS BATTLE
SCO Group's primary Web site has only just returned to service after being knocked off the Internet more than a month ago by MyDoom.A.
http://www.net-security.org/news.php?id=4788

CARD FRAUD FIGURES SHOW RISE IN ID THEFT
Cardholder-not-present tops Apacs plastic card crime league.
http://www.net-security.org/news.php?id=4789

NEW SOBER WORM POSES AS MICROSOFT PATCH
A new virus discovered Monday plays off fears generated by last week's wave of worms by masquerading as a patch from Microsoft that purportedly keeps MyDoom at bay.
http://www.net-security.org/news.php?id=4790

LINUX KERNEL VULN RELOADED
Security researchers have discovered a potentially serious security vulnerability within a Linux kernel memory management module.
http://www.net-security.org/news.php?id=4791

CISCO EXPANDS INTEGRATED SECURITY SYSTEM PORTFOLIO
Cisco Systems on Tuesday expanded its integrated security systems product portfolio, unveiling a smorgasbord of new hardware and software tools designed to facilitate enhanced performance, flexibility, and network resilience to security threats.
http://www.net-security.org/news.php?id=4793

BRUCE SCHNEIER ON AIRPORT SECURITY
Security is only as strong as its weakest link; three locks on the front door do little good if the back door is open. Likewise, the air transportation system is only as secure as the country's most insecure airport, because once someone passes through security at one location, they don't have to do so at another.
http://www.net-security.org/news.php?id=4794

'THIS IS THE FINAL VARIANT' SAYS NETSKY VIRUS WRITER
Should we believe it? Virus writers are so reliable normally…
http://www.net-security.org/news.php?id=4795

SSL'S CREDIBILITY AS PHISHING DEFENSE IS TESTED
Internet "phishing" scams are incorporating the use of SSL certificates - both real and faked - in their efforts to trick users into divulging sensitive login information for financial accounts.
http://www.net-security.org/news.php?id=4796

APPLICATION FIREWALLS ADD WEB SERVICES
Web application firewalls are evolving to support XML- and Web services-based applications, and vendors Teros and NetContinuum are both driving upcoming product releases in that direction.
http://www.net-security.org/news.php?id=4797

GOOGLING UP PASSWORDS
Google is in many ways the most useful tool available to the bad guys, and the most dangerous Web site on the Internet for many, many thousands of individuals and organizations.
http://www.net-security.org/news.php?id=4799

MICROSOFT'S HIGH-RISK SECURITY STRATEGY
Fighting to protect its operating system monopoly by making Windows more secure, Microsoft this year finds itself sitting between the rock of inevitable antitrust oversight, and the hard place of its reputation regarding security.
http://www.net-security.org/news.php?id=4800

A PEEK AT SCRIPT KIDDIE CULTURE
From the (edited) interview transcript with Andrew D. Kirch you'll learn that one of the "new waves" in DDoS coordination is hijacking corporate conference call facilities.
http://www.net-security.org/news.php?id=4801

NET USERS WARNED ABOUT EBAY FRAUD
The NSW government and police today warned internet buyers about serial fraudsters preying on customers using the Australian site of the world's most popular online auction service.
http://www.net-security.org/news.php?id=4802

BYPASSING CHINA'S NET FIREWALL
Numerous efforts are under way in the West to help Chinese web users get around China's censorship of the internet.
http://www.net-security.org/news.php?id=4803

INTERNET PROVIDERS SUE HUNDREDS FOR SPAM
Leading Internet companies, in an unusual joint effort among corporate rivals, announced six lawsuits Wednesday against hundreds of people accused of sending millions of unwanted e-mails in violation of the new federal law against "spam."
http://www.net-security.org/news.php?id=4804

MICROSOFT RETHINKS LATEST SECURITY PATCH
One day after releasing a trio of security patches, Microsoft is upgrading the seriousness of one of those fixes to "critical."
http://www.net-security.org/news.php?id=4805

RISK MANAGEMENT SEEN KEY TO IT SECURITY
In IT security, emotional reactions, panic and legislation are counterproductive. But intelligent risk management can enable organizations to face an uncertain future optimistically.
http://www.net-security.org/news.php?id=4806

RESUME FRAUD GETS SLICKER AND EASIER
Simple misrepresentation of facts on a resume is passe. Lying convincingly is in.
http://www.net-security.org/news.php?id=4807

SYMBIOT LAUNCHES DDOS COUNTER-STRIKE TOOL
Security company Symbiot is about to launch a product that can hit back at hackers and DDoS attacks by lashing out with its own arsenal of tricks, but experts say it may just be a bit too trigger-happy.
http://www.net-security.org/news.php?id=4808

HACKING NEED NOT ALWAYS BE A DIRTY WORD
Most look at a toaster and see a kitchen appliance. Scott Fullam looks at a toaster and sees an engineering challenge. The result: a toaster that burns the words "hot" or "cool" on the side of a bread slice.
http://www.net-security.org/news.php?id=4809

CUSTOMERS REQUIRED TO WAIVE RIGHT TO SUE
In the face of ongoing attacks by computer hackers, some companies that store their customers' personal data are adopting a new defensive tactic: If your information is stolen, they're not legally responsible.
http://www.net-security.org/news.php?id=4810

WHY ARE VIRUS ATTACKS GETTING WORSE?
Why have we seen so many new virus attacks in recent weeks?
http://www.net-security.org/news.php?id=4811

TOUCHING SAP DATA: USER ACCESS AND BIOMETRICS
Enterprises can record when users access data in an SAP system, but biometrics makes it possible to add physical evidence to the log.
http://www.net-security.org/news.php?id=4813

WE'RE JUST INNOCENT TECHIES, SAY ACCUSED SPAMMERS
Lawyers for a Florida firm accused of inundating AOL users with spam have hit back with a motion seeking to dismiss the lawsuit.
http://www.net-security.org/news.php?id=4814

SECURE CODING? ABSOLUTELY
Andrew Briney's column, "Secure Coding? Bah!" (January 2004), struck a chord, as it should have been titled "Secure Coding? Absolutely." Given that the software industry as a whole has never made a concerted effort to write better code, it's far too early to throw in the towel.
http://www.net-security.org/news.php?id=4815

THE RETHINKING OF COMPUTER SECURITY
The security industry is in the midst of a transition, one that promises to profoundly change the way businesses think about the subject.
http://www.net-security.org/news.php?id=4816

INSIDE THE DOD'S CRIME LAB
Digital evidence comes in all shapes and sizes: pallets full of computers, a hard drive with an AK-47 bullet hole in it, audio tapes fished out of the ocean, mangled floppies, garbled 911 calls.
http://www.net-security.org/news.php?id=4817

PKI APPLIANCE GOES FOR SELECTIVE SECURITY
A system from Ingrian Networks aims to end network security overkill by concentrating on the important bits.
http://www.net-security.org/news.php?id=4818

802.11I AND WPA2: ADDRESSING WLAN SECURITY WEAKNESSES
As it stands now, WPA2 exists as a subset of the pending 802.11i standard and is designed within the 802.1X framework. It provides a snapshot of how to address weaknesses with robust key management and encryption.
http://www.net-security.org/news.php?id=4819

SECURITY APPLIANCES
Is your business properly protected from today's security hackers? We tested several security appliances and found Fortinet's FortiGate 60 to be the leader of the pack.
http://www.net-security.org/news.php?id=4820

----------------------------------------------------------------

[ Vulnerabilities ]

All vulnerabilities are located here:
http://www.net-security.org/archive_vuln.php

----------------------------------------------------------------

EpicGames Unreal Engine Format String Vulnerability
http://www.net-security.org/vuln.php?id=3322

Pegasi Web Server 0.2.2 Multiple Vulnerabilities
http://www.net-security.org/vuln.php?id=3321

MyProxy 20030629 Cross Site Scripting Vulnerability
http://www.net-security.org/vuln.php?id=3320

wMCam Server Denial of Service Vulnerability
http://www.net-security.org/vuln.php?id=3319

Microsoft Outlook "mailto:" Parameter Passing Vulnerability
http://www.net-security.org/vuln.php?id=3318

IBM DB2 Remote Command Execution Privilege Upgrade Vulnerability
http://www.net-security.org/vuln.php?id=3317

SLWebMail Multiple Buffer Overflow Vulnerabilities
http://www.net-security.org/vuln.php?id=3316

SLMail Pro Supervisor Report Center Buffer Overflow Vulnerability
http://www.net-security.org/vuln.php?id=3315

PWebServer 0.3.3 Directory Traversal Vulnerability
http://www.net-security.org/vuln.php?id=3314

WFTPD Buffer Overflow Vulnerability
http://www.net-security.org/vuln.php?id=3313

Invision Power Board SQL Injection Vulnerability
http://www.net-security.org/vuln.php?id=3312

InnoMedia VideoPhone Authorization Bypass Vulnerability
http://www.net-security.org/vuln.php?id=3311

----------------------------------------------------------------

[ Advisories ]

All advisories are located at:
http://www.net-security.org/archive_advi.php

----------------------------------------------------------------

cPanel Security Advisory - CPANEL-2004:01-01
http://www.net-security.org/advisory.php?id=3083

SOT Linux Security Advisory - Updated gdk-pixbuf package for SOT Linux 2003 (SLSA-2004:6)
http://www.net-security.org/advisory.php?id=3082

US-CERT Technical Cyber Security Alert TA04-070A -- Microsoft Outlook mailto URL Handling
Vulnerability
http://www.net-security.org/advisory.php?id=3081

Microsoft Office Security Bulletin Summary for March 2004 (Revised)
http://www.net-security.org/advisory.php?id=3080

Debian Security Advisory - New sysstat packages fix insecure temporary file creation (DSA 460-1)
http://www.net-security.org/advisory.php?id=3079

Debian Security Advisory - New kdelibs, kdelibs-crypto packages fix cookie traversal bug (DSA 459-1)
http://www.net-security.org/advisory.php?id=3078

Mandrakelinux Security Update Advisory - kdelibs (MDKSA-2004:022)
http://www.net-security.org/advisory.php?id=3077

Mandrakelinux Security Update Advisory - mozilla (MDKSA-2004:021)
http://www.net-security.org/advisory.php?id=3076

Mandrakelinux Security Update Advisory - gdk-pixbuf (MDKSA-2004:020)
http://www.net-security.org/advisory.php?id=3075

Red Hat Security Advisory - Updated sysstat packages fix security vulnerabilities (RHSA-2004:093-01)
http://www.net-security.org/advisory.php?id=3074

Red Hat Security Advisory - Updated gdk-pixbuf packages fix denial of service vulnerability (RHSA-2004:102-01)
http://www.net-security.org/advisory.php?id=3073

Red Hat Security Advisory - Updated kdelibs packages resolve cookie security issue (RHSA-2004:075-01)
http://www.net-security.org/advisory.php?id=3072

Debian Security Advisory - New python2.2 packages fix buffer overflow (DSA 458-1)
http://www.net-security.org/advisory.php?id=3071

Mandrakelinux Security Update Advisory - python (MDKSA-2004:019)
http://www.net-security.org/advisory.php?id=3070

Netwosix Linux Security Advisory - libxml2 (2004-0004)
http://www.net-security.org/advisory.php?id=3069

Microsoft Security Bulletin MS03-22 - Vulnerability in ISAPI Extension for Windows Media Services Could Cause Code Execution (822343)
http://www.net-security.org/advisory.php?id=3068

Microsoft MSN Products Security Bulletin Summary for March 2004
http://www.net-security.org/advisory.php?id=3067

Microsoft Security Updates Summary For March 2004
http://www.net-security.org/advisory.php?id=3066

Microsoft Office Security Bulletin Summary for March 2004
http://www.net-security.org/advisory.php?id=3065

Microsoft Windows Security Bulletin Summary for March 2004
http://www.net-security.org/advisory.php?id=3064

NetScreen Advisory - XSS Bug in NetScreen-SA SSL VPN (58412)
http://www.net-security.org/advisory.php?id=3063

Debian Security Advisory - New wu-ftpd packages fix multiple vulnerabilities (DSA 457-1)
http://www.net-security.org/advisory.php?id=3062

OpenPKG Security Advisory - mutt (OpenPKG-SA-2004.005)
http://www.net-security.org/advisory.php?id=3061

OpenPKG Security Advisory - libtool (OpenPKG-SA-2004.004)
http://www.net-security.org/advisory.php?id=3060

Gentoo Linux Security Advisory - Linux kernel do_mremap local privilege escalation vulnerability (GLSA 200403-02)
http://www.net-security.org/advisory.php?id=3059

Gentoo Linux Security Advisory - Libxml2 URI Parsing Buffer Overflow Vulnerabilities (GLSA 200403-01)
http://www.net-security.org/advisory.php?id=3058

Trustix Secure Linux Security Advisory - libxml2 (2004-0010)
http://www.net-security.org/advisory.php?id=3057

Trustix Secure Linux Security Advisory - nfs-utils (2004-0009)
http://www.net-security.org/advisory.php?id=3056

Debian Security Advisory - New Linux 2.2.19 packages fix local root exploit (arm) (DSA 456-1)
http://www.net-security.org/advisory.php?id=3055

OpenPKG Security Advisory - libxml (OpenPKG-SA-2004.003)
http://www.net-security.org/advisory.php?id=3054

----------------------------------------------------------------

[ Articles ]

All articles are located at:
http://www.net-security.org/articles_main.php

Articles can be contributed to articles@net-security.org

----------------------------------------------------------------

QWIK-FIX PRO - TECHNICAL WHITEPAPER
Qwik-Fix Pro works to proactively protect against threats to the Microsoft Windows platform before they are discovered and well before malicious code writers have a chance to
develop exploits to compromise hosts that are vulnerable.
http://www.net-security.org/article.php?id=664

PATCH MANAGEMENT
Before rushing out and patching every system when a new patch is released, a Network Manager must understand the patch and what it is doing. It also needs to be tested on a test network running the business applications prior to being rolled out. The roll out of a patch could compromise your business if it breaks the business software and stops everyone from working. It would not be the first time...
http://www.net-security.org/article.php?id=663

----------------------------------------------------------------

[ Reviews ]

All reviews are located at:
http://www.net-security.org/reviews.php

----------------------------------------------------------------

LANGUARD NETWORK SECURITY SCANNER 3.3
In order to keep your systems secure you need to keep a constant watch on what vulnerabilities have been released and what your machines are running. Today I'm taking a look at a software title already well-known in the security community that can help you secure your systems.
http://www.net-security.org/review.php?id=126

----------------------------------------------------------------

[ Software ]

Windows software is located at:
http://net-security.org/software_main.php?cat=1

Linux software is located at:
http://net-security.org/software_main.php?cat=2

----------------------------------------------------------------

JPORTSCANNER 1.0.4
jPortScanner is a Java port scan utility.
http://www.net-security.org/software.php?id=540

----------------------------------------------------------------

[ Webcasts ]

All webcasts are located at:
http://www.net-security.org/webcasts.php

----------------------------------------------------------------

Tripwire for Network Devices: Overview and Product Demo
Organized by Tripwire on 16 March 2004, 9:00 AM PDT
http://www.net-security.org/webcast.php?id=239

Stopping spam in the educational environment: Stanford and University of Washington case studies
Organized by Sophos on 16 March 2004, 10:00 AM PST
http://www.net-security.org/webcast.php?id=234

Network Forensics Made Easy
Organized by eEye on 16 March 2004, 11:00 AM PST
http://www.net-security.org/webcast.php?id=244

Automate Remediation Activities for Efficient Vulnerability Management
Organized by eEye on 18 March 2004, 10:00 AM PST
http://www.net-security.org/webcast.php?id=245

Effective Strategies to Protect Your Network from Malware
Organized by Foundstone on 18 March 2004, 5:00 PM CET
http://www.net-security.org/webcast.php?id=219

Closing the Loop in Change Management
Organized by Tripwire on 19 March 2004, 11:00 AM PDT
http://www.net-security.org/webcast.php?id=238

Tripwire for Servers: Overview and Product Demo
Organized by Tripwire on 23 March 2004, 9:00 AM PDT
http://www.net-security.org/webcast.php?id=240

Using Enterprise Vulnerability Assessment to Detect, Prioritize And Remediate Vulnerabilities
Organized by eEye on 23 March 2004, 11:00 AM PST
http://www.net-security.org/webcast.php?id=246

Top Five Web Application Server Protection Strategies
Organized by eEye on 24 March 2004, 11:00 AM PST
http://www.net-security.org/webcast.php?id=247

Stop Internet Attacks in Their Tracks with Proventia
Organized by ISS on 25 March 2004, 12:00 PM EST
http://www.net-security.org/webcast.php?id=248

Tripwire Challenge Series: The IT Audit
Organized by Tripwire on 26 March 2004, 11:00 AM PDT
http://www.net-security.org/webcast.php?id=241

Sophos Anti-Virus:
Stopping viruses in the educational environment
Organized by Sophos on 30 March 2004, 1:00 PM PST
http://www.net-security.org/webcast.php?id=235

Security with the Visual Studio Tools for the Microsoft Office System
Organized by Microsoft on 5 May 2004, 11:00 AM PT
http://www.net-security.org/webcast.php?id=212

----------------------------------------------------------------

[ Conferences ]

All conferences are located at:
http://www.net-security.org/conferences.php

----------------------------------------------------------------

InfoSec World Conference and Expo 2004
Organized by MIS Training Institute - 22 March-24 March 2004
http://www.net-security.org/conference.php?id=68

cansecwest/core04 Conference
Organized by Dursec Ltd. - 21 April-23 April 2004
http://www.net-security.org/conference.php?id=85

Infosecurity Europe 2004
Organized by Reed Exhibitions - 27 April-29 April 2004
http://www.net-security.org/conference.php?id=27

Dallascon Security Conference 2004
Organized by DallasCon - 1 May-2 May 2004
http://www.net-security.org/conference.php?id=73

RSA Conference 2004 Japan
Organized by RSA Conference 2004 Japan Executive Committee - 31 May-1 June 2004
http://www.net-security.org/conference.php?id=82

Infosecurity Canada Conference & Exhibition 2004
Organized by Reed Exhibitions - 1 June-3 June 2004
http://www.net-security.org/conference.php?id=86

BCS Birmingham IT Security Conference 2004
Organized by British Computer Society - 8 June-8 June 2004
http://www.net-security.org/conference.php?id=81

16th Annual FIRST Conference
Organized by FIRST - 13 June-18 June 2004
http://www.net-security.org/conference.php?id=22

NetSec 2004
Organized by Computer Security Institute - 14 June-16 June 2004
http://www.net-security.org/conference.php?id=20

2004 USENIX Annual Technical Conference
Organized by USENIX Association - 27 June-2 July 2004
http://www.net-security.org/conference.php?id=66

DIMVA 2004
Organized by German Informatics Society - 6 July-7 July 2004
http://www.net-security.org/conference.php?id=47

13th USENIX Security Symposium
Organized by USENIX Association - 9 August-13 August 2004
http://www.net-security.org/conference.php?id=67

The 14th Virus Bulletin International Conference (VB2004)
Organized by Virus Bulletin - 29 September-1 October 2004
http://www.net-security.org/conference.php?id=83

----------------------------------------------------------------

[ Security world ]

All press releases are located at:
http://www.net-security.org/press_main.php

Send your press releases to press@net-security.org

----------------------------------------------------------------

SCB Solutions, Inc. to Launch a New Range of Applications for "Smart Cards and Beyond"
http://www.net-security.org/press.php?id=2019

Citadel Security Software Joins The Cyber Security Industry Alliance
http://www.net-security.org/press.php?id=2018

Panda Software Presents its New Technologies for Virus and Intrusion Prevention at CeBIT 2004
http://www.net-security.org/press.php?id=2017

GFI MailSecurity's Exploit Engine Safeguards Against New High Risk Outlook Vulnerability
http://www.net-security.org/press.php?id=2016

Tumbleweed Announces Availability Of Anti-Spam Quarantine Manager To Eliminate False Positives
http://www.net-security.org/press.php?id=2015

North East Wales NHS Trust to Pilot iLumin’s Secure Mail System Secure-DX
http://www.net-security.org/press.php?id=2014

Privacyware Releases ThreatSentry Small Business Edition - Neural Intrusion Detection and Prevention System for Microsoft IIS
http://www.net-security.org/press.php?id=2013

Forum Systems Named First Web Services Security Vendor To Be Awarded Department Of Defense Public Key Infrastructure (DOD-PKI) Certification
http://www.net-security.org/press.php?id=2012

The Board Of Directors Have Signed The Terms Of Merger Between SSH and ACR
http://www.net-security.org/press.php?id=2011

Sanctum Delivers First Security Testing Solution to Accelerate and Streamline Security Assurance across
Entire Enterprise
http://www.net-security.org/press.php?id=2010

MicroOLAP Technologies Has Created Components For The Raw Network Traffic Capture With Unprecedented Operating Performance
http://www.net-security.org/press.php?id=2009

----------------------------------------------------------------

[ Virus News ]

All virus news are located at:
http://www.net-security.org/viruses.php

----------------------------------------------------------------

Panda Software Warns of a Possible Virus Attack on March 11
http://www.net-security.org/virus_news.php?id=376

Sophos Warns Of Bilingual Bogus Microsoft Virus Fix
http://www.net-security.org/virus_news.php?id=375

----------------------------------------------------------------

Questions, contributions, comments or ideas go to:

Help Net Security staff
staff@net-security.org
http://net-security.org
----------------------
Unsubscribe from this weekly digest on:
http://www.net-security.org/subscribe.php

The archive of the newsletter in TXT and PDF format is available
http://www.net-security.org/newsletter_archive.php
----------------------------------------------------------------