HNS Newsletter
Issue 210 - 25.04.2004.
http://net-security.org

This is a newsletter delivered to you by Help Net Security. It 
covers weekly roundups of security events that were in the 
news the past week.


----------------------------------------------------------------
ETHICAL HACKING: SECURITY TESTING FOR PROFESSIONALS
----------------------------------------------------------------
This course teaches you a repeatable, documentable methodology 
that can be used in a professional security testing or penetration 
testing situation.

Get 400$ OFF when you mention Help Net Security!
http://www.net-security.org/v/infosec/
----------------------------------------------------------------


Table of contents:
 
1) Security news
2) Vulnerabilities
3) Advisories
4) Articles
5) Reviews
6) Software
7) Webcasts
8) Conferences
9) Security world
10) Virus news


[ Security news ]

 
----------------------------------------------------------------

COMPANY TO LICENSE SMART-CARD SECURITY TOOLS
Now that it has received needed patents, Cryptography Research 
will embark on a more aggressive effort to license technology that 
can protect devices from differential power analysis, a type of 
decryption attack.
http://www.net-security.org/news.php?id=5055


EARTHLINK UNCOVERS RAMPANT SPYWARE AND TROJANS
Internet service provider EarthLink and Webroot Software released 
a report that said an average of almost 28 spyware programs are 
running on each computer.
http://www.net-security.org/news.php?id=5056


CYBER SECURITY COULD BE UP TO BOSSES
Chief executive officers of U.S. corporations and their boards of 
directors should assume direct responsibility for securing their 
computer networks from worms, viruses and other attacks, an 
industry task force working with the federal government said.
http://www.net-security.org/news.php?id=5057


US SHOWS WAY FOR SECURITY
New US proposals for minimum corporate security standards 
could foster similar measures in the UK.
http://www.net-security.org/news.php?id=5060


DATA SECURITY: EXPECT THE UNEXPECTED
With the proliferation of operating systems, applications and 
internet access points (both broadband and Wi-Fi), demand for 
data backup and storage has grown at an unbelievable rate.
http://www.net-security.org/news.php?id=5061


HOW SECURE IS YOUR HANDHELD?
The No. 1 threat to the sensitive data stored on your handheld 
device or smart phone remains physically losing the device, but 
other threats are looming on the handheld horizon.
http://www.net-security.org/news.php?id=5062


CLIMBING FIREWALLS
In the past, if you were looking for a mental image for the 
ubiquitous firewall you could have pictured it as that old 
western film stand-by, the circled wagon train.
http://www.net-security.org/news.php?id=5063


EVERDAY HACKERS
If you think all "hackers" are computer criminals, think again: A 
new generation is reclaiming a creative, do-it-yourself approach 
to everything from home electronics to home improvements.
http://www.net-security.org/news.php?id=5064


CREATING A PASSWORD SYSTEM THAT WORKS
The all-too-human penchant for using the same password 
everywhere drives computer security firms crazy.
http://www.net-security.org/news.php?id=5065


WIRELESS SECURITY TOPS U.S.-CHINA TRADE TALKS
China's wireless-networking protocol — known as Wireless LAN 
Authentication and Privacy Infrastructure, or WAPI — has most 
grabbed the spotlight. The scheme is aimed at boosting security 
but is incompatible with the industry standard developed by the 
IEEE 802.11 working group.
http://www.net-security.org/news.php?id=5066


MICROSOFT PICKS UP HACKERS' GAUNTLET
New security strategy aims to 'blunt impact of cybercriminals'.
http://www.net-security.org/news.php?id=5067


THE SILLY PRIVACY FEARS ABOUT GOOGLE'S E-MAIL SERVICE
Gmail isn't an invasion of privacy, and its ads are preferable to 
the giant blinking banners for diets and dating services that 
are splashed across my other Web mail accounts.
http://www.net-security.org/news.php?id=5068


NEXT ON FTC'S HIT LIST: SPYWARE
After moving to curb spam with new legislation last year, federal 
regulators are poised to take on the newest scourge of the 
Internet: spyware.
http://www.net-security.org/news.php?id=5069


'PHISHING' SCAMS LURING MORE USERS
The number of "phishing" e-mails circulating on the Web has 
increased from 279 to 215,643 over the past six months, 
according to e-mail security company MessageLabs.
http://www.net-security.org/news.php?id=5070


SOLARIS 10 SECURITY
This article discusses the many new security features in Sun's 
Solaris 10 operating system, as well as Sun's holistic approach 
to security.
http://www.net-security.org/news.php?id=5071


PUTTING THE 'ENTERPRISE' INTO WIRELESS LANS
While a basic, single access point WLAN servicing a handful of 
clients is simplicity itself, expanding that network with a second 
access point causes an immediate spike in complexity.
http://www.net-security.org/news.php?id=5072


SECURITY THREATS INCREASE DEMAND FOR PROTECTION
With internet security attacks on the increase and events such as 
the BT cabling tunnel fire in Manchester, IT security and disaster 
recovery skills are in demand. There is now growing support for a 
British Standard on business continuity.
http://www.net-security.org/news.php?id=5073


THE ECONOMICS OF INFORMATION SECURITY
We asked Lawrence A. Gordon, a renowned economics professor, 
and Robert Richardson, editorial director at our sister organization 
Computer Security Institute and a former systems developer and 
WAN manager, to explore the subject of information security from 
an economics angle.
http://www.net-security.org/news.php?id=5074


THE TROJAN THAT WASN'T
Fear, uncertainty and doubt swirled through the Macintosh community 
last week as an antivirus software company said it had uncovered the 
first Trojan horse software to hit Mac OS X.
http://www.net-security.org/news.php?id=5075


LINUX: UNFIT FOR NATIONAL SECURITY?
Days after an embedded-industry CEO stirred up a firestorm by 
charging that Linux poses a threat to U.S. security, two prominent 
computing-security experts said last week that some developers 
are already inappropriately using Linux in critical security 
applications where it isn't suitable.
http://www.net-security.org/news.php?id=5076


THE MORE BASIC THE BETTER, SECURITY REPORT RECOMMENDS
A coalition of public- and private-sector organizations today called 
on hardware and software vendors to pay more attention to basic 
security in products for the public.
http://www.net-security.org/news.php?id=5079


EXPLOIT FOR WINDOWS SSL FLAW CIRCULATING
Exactly a week after Microsoft announced a SSL vulnerability affecting 
key Windows products, malicious hackers unveiled exploits that could 
lead to widespread denial-of-service attacks.
http://www.net-security.org/news.php?id=5080


ONIONLIKE POLYMER PARTICLES IDEAL FOR SECURE ENCRYPTION
Clever geometry is the basis of a new material that is said to be ideal 
for secure data encryption and dense optical information storage.
http://www.net-security.org/news.php?id=5081


PHISHERS USING SMARTER HOOKS
Fraud attempts grow with Trojans, keystroke loggers and stolen 
screenshots.
http://www.net-security.org/news.php?id=5082


TRAINING WILL TURN RECEPTIONISTS INTO SECURITY GURUS
UK businesses think that their staff could be the weak link in the 
fight against cybercrime - and a new course has been launched to 
turn everyone from CEOs to receptionists into security whizzkids.
http://www.net-security.org/news.php?id=5083


FIVE SIGNS YOUR ENTERPRISE NEEDS DISTRIBUTED SECURITY
After years of merely reacting to new vulnerabilities, a 
centralized security model can no longer counter today's threats.
http://www.net-security.org/news.php?id=5084


WORST SECURITY PROBLEM: ATTACHMENTS
Want to ruin a security manager’s day? Open an attachment - 
any unknown attachment will do.
http://www.net-security.org/news.php?id=5085


MILITARY CADETS PLAY CYBERCOPS
U.S. Military Academy cadets participated in an exercise testing 
how well cadets could defend a military computer network from 
hackers.
http://www.net-security.org/news.php?id=5086


TOWER RECORDS SETTLES HACKER ATTACK SUIT
The company that operates the Web site for music retailer Tower 
Records has settled complaints by U.S. regulators that it allowed 
hackers in 2002 to steal personal information about thousands of 
its online customers.
http://www.net-security.org/news.php?id=5087


CYBER CRIME IS RIGHT UNDER YOUR NOSE
A company's worst nightmare is when a trusted employee with 
access to sensitive data simply vanishes. It gets worse when 
the employee turns up at a competitor's firm.
http://www.net-security.org/news.php?id=5088


THE NEED FOR SECURITY WILL NOT GO AWAY
Company management will always believe that security is a 
temporary problem which given time will subside.
http://www.net-security.org/news.php?id=5089


CISCO WARNS OF MORE CRITICAL SOFTWARE HOLES
Cisco Systems Inc. warned its customers about two critical 
security holes that affect almost every product the company 
makes.
http://www.net-security.org/news.php?id=5090


SECURING THE IP TELEPHONY PERIMETER
Can Application-layer firewalls deliver the security and reliability 
network managers need to build out tomorrow's IP telephony 
networks?
http://www.net-security.org/news.php?id=5091


CONSUMER GRADE *NIX
Consumer grade *nix is a powder keg looking for a place to happen.
http://www.net-security.org/news.php?id=5092


THE ENEMY WITHIN
On March 23, 2004, an employee at an Anaheim, Calif.-based insurance 
company was indicted on federal wiretapping charges for allegedly 
installing an electronic device onto a company computer to record 
every keystroke made on one keyboard.
http://www.net-security.org/news.php?id=5093


SECURING A FRESH LINUX INSTALL, PART 3
In the previous article in this series we looked at ways to secure 
files and monitor system logs on a Linux server. To finish the series 
we'll look at security considerations for some important networking 
tools.
http://www.net-security.org/news.php?id=5094


WHO SHOULD KEEP OUT THE HACKERS?
The calm of a few months without a major attack of a computer worm, 
virus or other form of cyber-harassment was rattled hard this week.
http://www.net-security.org/news.php?id=5095


MANAGING THE PATCH PROCESS
A software developer who began his career with Microsoft at its 
Melbourne operation is now at the nerve centre of one of the 
company's most important divisions - its security response centre.
http://www.net-security.org/news.php?id=5096


SUPER WORMS ON THE WAY?
The threat from malicious Internet worms is about to explode 
exponentially, a security expert said Thursday as he predicted 
release of an especially menacing "super worm" in the near future.
http://www.net-security.org/news.php?id=5097


NETWORK ASSOCIATES ADOPTS NEW NAME
The security firm will change its name to reflect its most 
prominent product line.
http://www.net-security.org/news.php?id=5098


LINUX/WINDOWS SECURITY DEBATE ROLLS ON
No overall winner as analysts ponder pros and cons of both 
operating systems.
http://www.net-security.org/news.php?id=5099


HACKER PROFILE: PEITER MUDGE ZATKO
It's hard to tell if Peiter Mudge Zatko was born eccentric or whether 
he's just a stickler for privacy.
http://www.net-security.org/news.php?id=5100


SPAMHAUS BREACHES GREAT FIREWALL OF CHINA
Monitoring project works with Chinese authorities to crack 
down on spammers.
http://www.net-security.org/news.php?id=5101


CODE EXISTS TO EXPLOIT TCP FLAW
Symantec has confirmed that malicious code that can take advantage 
of the Transmission Control Protocol flaw reported this week exists 
but says that the risk of real problems is remote.
http://www.net-security.org/news.php?id=5102

----------------------------------------------------------------




[ Vulnerabilities ]


All vulnerabilities are located here:
http://www.net-security.org/archive_vuln.php


----------------------------------------------------------------

Unreal Engine UMOD Arbitrary File Overwriting Vulnerability
http://www.net-security.org/vuln.php?id=3409


Advanced Guestbook 2.2 SQL Injection Exploit Vulnerability
http://www.net-security.org/vuln.php?id=3408


Yahoo! Mail Account Filter Overflow Hijack Vulnerability
http://www.net-security.org/vuln.php?id=3407


PostNuke 0.726 Phoenix Multiple Vulnerabilities
http://www.net-security.org/vuln.php?id=3406


Linux Kernel Setsockopt MCAST_MSFILTER Integer 
Overflow Vulnerability
http://www.net-security.org/vuln.php?id=3405


Phorum 3.4.7 SQL Injection Vulnerability
http://www.net-security.org/vuln.php?id=3404


Zaep AntiSpam Cross Site Scripting Vulnerability
http://www.net-security.org/vuln.php?id=3403


NETFile FTP/Web Server Denial of Service Vulnerability
http://www.net-security.org/vuln.php?id=3402


Microsoft Windows Expand-Down Data Segment Local 
Privilege Escalation Vulnerability
http://www.net-security.org/vuln.php?id=3401


X-Micro WLAN 11b Broadband Router Default Username 
and Password Vulnerability
http://www.net-security.org/vuln.php?id=3400


Nuked-Klan Multiple Vulnerabilities
http://www.net-security.org/vuln.php?id=3399


Microsoft Windows Local Security Authority Service 
Remote Buffer Overflow Vulnerability
http://www.net-security.org/vuln.php?id=3398


SCT Javascript Execution Vulnerability
http://www.net-security.org/vuln.php?id=3397


GEMITEL v 3.50 Include File Vulnerability
http://www.net-security.org/vuln.php?id=3396


SquirrelMail Chpasswod Buffer Overflow Vulnerability
http://www.net-security.org/vuln.php?id=3395


phpBB 2.0.8a IP Spoofing Vulnerability 
http://www.net-security.org/vuln.php?id=3394

----------------------------------------------------------------




[ Advisories ]


All advisories are located at:
http://www.net-security.org/archive_advi.php


----------------------------------------------------------------

SOT Linux Security Advisory - Updated cvs package for SOT 
Linux 2003 (SLSA-2004:17)
http://www.net-security.org/advisory.php?id=3260


SGI Security Advisory - Vulnerabilities in long-lived TCP 
connections (20040403-01-A)
http://www.net-security.org/advisory.php?id=3259


PostNuke Security Advisory - SQL injection in Comments and 
Your_Account modules (PNSA 2004-2)
http://www.net-security.org/advisory.php?id=3258


Trustix Secure Linux Security Advisory - kernel (2004-0022)
http://www.net-security.org/advisory.php?id=3257


Debian Security Advisory - New ident2 packages fix buffer 
overflow (DSA 494-1)
http://www.net-security.org/advisory.php?id=3256


Mandrakelinux Security Update Advisory - utemper (MDKSA-2004:031-1)
http://www.net-security.org/advisory.php?id=3255


Mandrakelinux Security Update Advisory - xchat (MDKSA-2004:036)
http://www.net-security.org/advisory.php?id=3254


NetBSD Security Advisory - TCP protocol and implementation 
vulnerability (2004-006)
http://www.net-security.org/advisory.php?id=3253


NetBSD Security Advisory - Denial of service vulnerabilities in 
OpenSSL (2004-005)
http://www.net-security.org/advisory.php?id=3252


Red Hat Security Advisory - Updated kernel packages resolve 
security vulnerabilities (RHSA-2004:166-01)
http://www.net-security.org/advisory.php?id=3251


Debian Security Advisory - New xchat packages fix arbitrary 
code execution (DSA 493-1)
http://www.net-security.org/advisory.php?id=3250


Slackware Security Advisory - xine security update (SSA:2004-111-01)
http://www.net-security.org/advisory.php?id=3249


US-CERT Technical Cyber Security - Cisco IOS SNMP Message 
Handling Vulnerability (Alert TA04-111B)
http://www.net-security.org/advisory.php?id=3248


Cisco Security Advisory - Vulnerabilities in SNMP Message Processing
http://www.net-security.org/advisory.php?id=3247


Cisco Security Advisory - TCP Vulnerabilities in Multiple IOS 
Based Cisco Products
http://www.net-security.org/advisory.php?id=3246


NISCC Vulnerability Advisory - Vulnerability Issues in TCP (236929)
http://www.net-security.org/advisory.php?id=3245


Cisco Security Advisory - TCP Vulnerabilities in Multiple 
Non-IOS Cisco
http://www.net-security.org/advisory.php?id=3244


US-CERT Technical Cyber Security Alert - Vulnerabilities 
in TCP (TA04-111A)
http://www.net-security.org/advisory.php?id=3243


Mandrakelinux Security Update Advisory -samba (MDKSA-2004:035)
http://www.net-security.org/advisory.php?id=3242


Mandrakelinux Security Update Advisory - MySQL (MDKSA-2004:034)
http://www.net-security.org/advisory.php?id=3241


Mandrakelinux Security Update Advisory - xine-ui (MDKSA-2004:033)
http://www.net-security.org/advisory.php?id=3240


Mandrakelinux Security Update Advisory - libneon (MDKSA-2004:032)
http://www.net-security.org/advisory.php?id=3239


Mandrakelinux Security Update Advisory - Updated utempter 
packages fix several vulnerabilities (MDKSA-2004:031)
http://www.net-security.org/advisory.php?id=3238


Gentoo Linux Security Advisory - Multiple format string 
vulnerabilities in cadaver (GLSA 200404-14)
http://www.net-security.org/advisory.php?id=3237


Gentoo Linux Security Advisory - XChat 2.0.x SOCKS5 
Vulnerability (GLSA 200404-15)
http://www.net-security.org/advisory.php?id=3236


Gentoo Linux Security Advisory - Multiple new security 
vulnerabilities in monit (GLSA 200404-16)
http://www.net-security.org/advisory.php?id=3235


Slackware Security Advisory - utempter security update 
(SSA:2004-110-01)
http://www.net-security.org/advisory.php?id=3234


Netwosix Linux Security Advisory - CVS Server and Client 
Vulnerabilities (2004-0011)
http://www.net-security.org/advisory.php?id=3233


Netwosix Linux Security Advisory - Multiple format string 
vulnerabilities in neon (2004-0012)
http://www.net-security.org/advisory.php?id=3232


Debian Security Advisory - New iproute packages fix denial 
of service (DSA 492-1)
http://www.net-security.org/advisory.php?id=3231


Slackware Security Advisory - cvs security update (SSA:2004-108-02)
http://www.net-security.org/advisory.php?id=3230


Slackware Security Advisory - tcpdump denial of service 
(SSA:2004-108-01)
http://www.net-security.org/advisory.php?id=3229


Debian Security Advisory - New Linux 2.4.19 packages fix 
local root exploit (mips) (DSA 491-1)
http://www.net-security.org/advisory.php?id=3228


Debian Security Advisory - New Zope packages fix arbitrary 
code execution (DSA 490-1)
http://www.net-security.org/advisory.php?id=3227


Debian Security Advisory - New Linux 2.4.17 packages fix local 
root exploit (mips+mipsel) (DSA 489-1)
http://www.net-security.org/advisory.php?id=3226


Debian Security Advisory - New logcheck packages fix insecure 
temporary directory (DSA 488-1)
http://www.net-security.org/advisory.php?id=3225


Debian Security Advisory - New perl packages fix information leak 
in suidperl (DSA 431-2)
http://www.net-security.org/advisory.php?id=3224


Debian Security Advisory - New neon packages fix format string 
vulnerabilities (DSA 487-1)
http://www.net-security.org/advisory.php?id=3223


Debian Security Advisory - cvs (DSA 486-1) 
http://www.net-security.org/advisory.php?id=3222

----------------------------------------------------------------




[ Articles ]


All articles are located at:
http://www.net-security.org/articles_main.php

Articles can be contributed to articles@net-security.org

----------------------------------------------------------------

HNS LEARNING SESSION: SESSION HIJACKING EXPLAINED
This eleven minute audio shows you all the important 
characteristics of session hijacking and presents a 
number of practical examples of these attacks on 
online e-commerce sites.
http://www.net-security.org/article.php?id=679


SENDING IPV6 PACKETS TO CHECK FIREWALL RULES
This article describes netwox toolbox which can be used 
to send IPv6 packets.
http://www.net-security.org/article.php?id=678

----------------------------------------------------------------




[ Reviews ]


All reviews are located at: 
http://www.net-security.org/reviews.php 


----------------------------------------------------------------

STAT SCANNER 5.27
A security scanner is one of the most important software tools 
in a network administrator's toolbox. Read the review and find 
out how this scanner can empower your arsenal.
http://www.net-security.org/review.php?id=130

----------------------------------------------------------------




[ Software ]


Windows software is located at:
http://net-security.org/software_main.php?cat=1

Linux software is located at:
http://net-security.org/software_main.php?cat=2

Pocket PC software is located at:
http://net-security.org/software_main.php?cat=3

----------------------------------------------------------------

AWESUM 0.5.0
Awesum is a graphical checksum verification utility. Awesum is 
very easy to use and includes support for both MD5 and SHA 
checksum algorithms.
http://www.net-security.org/software.php?id=557


BUGS DYNAMIC CRYPTOGRAPHY 4.1.1
Bugs Dynamic Cryptography is a private key cryptography algorithm. 
The package includes a C Library and many sample applications, 
including ones for file encryption, secure chatting, and login 
applications.
http://www.net-security.org/software.php?id=558

----------------------------------------------------------------




[ Webcasts ]


All webcasts are located at: 
http://www.net-security.org/webcasts.php


----------------------------------------------------------------

The Many Uses of Tripwire
Organized by Tripwire on 27 April 2004, 9:00 AM PDT
http://www.net-security.org/webcast.php?id=267


Consolidated email protection: An introduction to PureMessage
Organized by Sophos on 27 April 2004, 10:00 AM PST
http://www.net-security.org/webcast.php?id=261


Cyber Crime - Defending Your Business Assets
Organized by Security & Technology Online on 27 April 2004, 
1:00 PM EST
http://www.net-security.org/webcast.php?id=268


Sophos Anti-Virus: Stopping viruses in the educational environment
Organized by Sophos on 28 April 2004, 10:00 AM PST
http://www.net-security.org/webcast.php?id=262


A Secure SSO with Microsoft Active Directory For All 
Your Applications
Organized by Evidian on 29 April 2004, 10:00 AM GMT
http://www.net-security.org/webcast.php?id=269


Security with the Visual Studio Tools for the Microsoft 
Office System
Organized by Microsoft on 5 May 2004, 11:00 AM PT
http://www.net-security.org/webcast.php?id=212


The Symantec End-to-End Security Solution for the 
Microsoft-Driven Enterprise
Organized by Symantec on 5 May 2004, 11:00 AM PST
http://www.net-security.org/webcast.php?id=264


Secure Remote Access – WLAN, VPN, Web, Terminal 
Services, Dial-up
Organized by Activcard on 6 May 2004, 11:00 AM PT
http://www.net-security.org/webcast.php?id=255


Managing Enterprise Risk in a Wireless World
Organized by META Group on 6 May 2004, 2:00 PM ET 
http://www.net-security.org/webcast.php?id=270

----------------------------------------------------------------




[ Conferences ]


All conferences are located at: 
http://www.net-security.org/conferences.php


----------------------------------------------------------------

Dallascon Security Conference 2004
Organized by DallasCon - 1 May-2 May 2004
http://www.net-security.org/conference.php?id=73


Computer Security Mexico 2004
Organized by Computer Security Department and UNAM-CERT 
- 27 May-28 May 2004
http://www.net-security.org/conference.php?id=87


RSA Conference 2004 Japan
Organized by RSA Conference 2004 Japan Executive Comittee 
- 31 May-1 June 2004
http://www.net-security.org/conference.php?id=82


Infosecurity Canada Conference & Exhibition 2004
Organized by Reed Exhibitions - 1 June-3 June 2004
http://www.net-security.org/conference.php?id=86


BCS Birmingham IT Security Conference 2004
Organized by British Computer Society - 8 June-8 June 2004
http://www.net-security.org/conference.php?id=81


16th Annual FIRST Conference
Organized by FIRST - 13 June-18 June 2004
http://www.net-security.org/conference.php?id=22


NetSec 2004
Organized by Computer Security Institute - 14 June-16 June 2004
http://www.net-security.org/conference.php?id=20


2004 USENIX Annual Technical Conference
Organized by USENIX Association - 27 June-2 July 2004
http://www.net-security.org/conference.php?id=66


DIMVA 2004
Organized by German Informatics Society - 6 July-7 July 2004
http://www.net-security.org/conference.php?id=47


RUXCON 2004
Organized by Australian computer security community 
- 10 July-11 July 2004
http://www.net-security.org/conference.php?id=88


Open Source Convention 2004
Organized by O'Reilly - 26 July-30 July 2004
http://www.net-security.org/conference.php?id=89


13th USENIX Security Symposium
Organized by USENIX Association - 9 August-13 August 2004
http://www.net-security.org/conference.php?id=67


The 14th Virus Bulletin International Conference (VB2004)
Organized by Virus Bulletin - 29 September-1 October 2004
http://www.net-security.org/conference.php?id=83


RSA Conference Europe 2004
Organized by RSA Security - 3 November-5 November 2004 
http://www.net-security.org/conference.php?id=83

----------------------------------------------------------------




[ Security world ]


All press releases are located at:
http://www.net-security.org/press_main.php

Send your press releases to press@net-security.org

----------------------------------------------------------------

Juniper Networks Positioned in the Leader Quadrant in Enterprise 
Firewall Magic Quadrant
http://www.net-security.org/press.php?id=2087


Security Leader Network Associates Outlines Major Business, 
Productivity and Branding Changes Including Sale of Sniffer 
Business and Renaming of the Company to McAfee, Inc.
http://www.net-security.org/press.php?id=2086


Syhunt Introduces All-in-One Web Application Security 
Software for SMEs
http://www.net-security.org/press.php?id=2085


Swisscom Eurospot Enhances Ease of Use and Security 
on Its Network
http://www.net-security.org/press.php?id=2084


Region 18 Education Service Center Deploys TippingPoint’s UnityOne 
Intrusion Prevention System to Block Cyber Threats, Prevent 
Piracy and Protect Network Integrity
http://www.net-security.org/press.php?id=2083


New Approach to IT Security Needed To Meet The Challenges 
of Rising Cost and Globalisation
http://www.net-security.org/press.php?id=2082


European Patent Office Uses PinkRoccade Smart Cards In 
Electronic Patent Application Process
http://www.net-security.org/press.php?id=2081


AEP Systems' SSL VPN Provides Exciting Reseller Opportunity, 
Says MasStor Technologies
http://www.net-security.org/press.php?id=2080


AOK Selects Blue Coat To Secure Web Use For 10,000 Users
http://www.net-security.org/press.php?id=2079


Global Chemical Company Selects Ubizen For Worldwide 
Managed Security Services
http://www.net-security.org/press.php?id=2078


Trend Network Services to Launch NetSecure Threat 
Management Service at InfoSec 2004
http://www.net-security.org/press.php?id=2077


Sigaba Chosen By Rex Healthcare as Preferred Provider 
For Secure Messaging
http://www.net-security.org/press.php?id=2076


Office Workers Give Away Passwords for a Chocolate Bar
http://www.net-security.org/press.php?id=2075


Skybox Security Opens European Operations
http://www.net-security.org/press.php?id=2074


Kavado Web Application Security Product Suite Wins 01 
Réseaux Security Trophy
http://www.net-security.org/press.php?id=2073


BitDefender Showcases New Technologies At Infosecurity, The 
World's Data Security Arena 27-29 April, Booth 50
http://www.net-security.org/press.php?id=2072


New Panda CVPSecure Antivirus: Integrated Protection For 
The Corporate Firewall 
http://www.net-security.org/press.php?id=2071

----------------------------------------------------------------




[ Virus News ]


All virus news are located at: 
http://www.net-security.org/viruses.php 


----------------------------------------------------------------

Panda Software Reports a Spam Message That Downloads a Trojan
http://www.net-security.org/virus_news.php?id=392


Weekly Report on Viruses and Intrusions - Netsky and MyDoom 
Variants, Blaster.H and Spam/Trojan Combo
http://www.net-security.org/virus_news.php?id=391


Panda Software Reports the Appearance of Netsky.X
http://www.net-security.org/virus_news.php?id=390

----------------------------------------------------------------

Questions, contributions, comments or ideas go to:
 
Help Net Security staff
staff@net-security.org
http://net-security.org

----------------------

Unsubscribe from this weekly digest on:
http://www.net-security.org/subscribe.php

The archive of the newsletter in TXT and PDF format is available 
http://www.net-security.org/newsletter_archive.php


----------------------------------------------------------------
ETHICAL HACKING: SECURITY TESTING FOR PROFESSIONALS
----------------------------------------------------------------
This course teaches you a repeatable, documentable methodology 
that can be used in a professional security testing or penetration 
testing situation.

Get 400$ OFF when you mention Help Net Security!
http://www.net-security.org/v/infosec/
----------------------------------------------------------------