HNS Newsletter Issue 214 - 24.05.2004. http://net-security.org This is a newsletter delivered to you by Help Net Security. It covers weekly roundups of security events that were in the news the past week. ---------------------------------------------------------------- Windows Server System is integrated server infrastructure software from Microsoft that is designed to work together and interact seamlessly with other data and applications across your IT environment so you can reduce the costs of ongoing operations, deliver highly reliable and secure IT infrastructure, and drive valuable new capabilities for the future growth of your business. For more information visit http://ad.sk.doubleclick.net/clk;8019800;9084238;l ---------------------------------------------------------------- Table of contents: 1) Security news 2) Vulnerabilities 3) Advisories 4) Articles 5) Reviews 6) Software 7) Webcasts 8) Conferences 9) Security World 10) Virus News [ Security news ] ---------------------------------------------------------------- MS RETURNS TO BASE Changes to security technology will make it easier to configure. http://www.net-security.org/news.php?id=5227 VOIP IS AS SECURE AS YOU MAKE IT VOIP & Telephony Center Editor Ellen Muraskin says that enterprise VOIP is just as secure as traditional voice— as long as you keep your LAN under wraps. http://www.net-security.org/news.php?id=5228 NO WLAN? YOU STILL NEED WIRELESS SECURITY It was nearly impossible to traverse a significant part of the show floor at this year's Networld+Interop without encountering solutions that dealt with the thorny issue of wireless security. http://www.net-security.org/news.php?id=5229 WINDOWS XP SERVICE PACK 2 STILL IN FLUX Even in the eleventh hour, Redmond is continuing to make changes to its Windows XP update code. http://www.net-security.org/news.php?id=5230 CISCO INVESTIGATES SOURCE CODE LEAK An unspecified amount of the proprietary source code that drives Cisco Systems' networking hardware has appeared on the Internet, the technology giant acknowledged early Monday. http://www.net-security.org/news.php?id=5231 HOW TO SELL - THE DANGER WITHIN The sheer scale of the security threat presented by employees should not be underestimated. http://www.net-security.org/news.php?id=5232 SASSER SUSPECT FANCLUB LAUNCHES APPEAL The German teenager fingered as the author of the Sasser and NetSky worms may not be popular among IT professionals, but fans of the accused miscreant have already sprung to his defense and, apparently, opened their wallets. http://www.net-security.org/news.php?id=5233 STOP SKIRTING NETWORK SECURITY Network security has become the thing that keeps executives up at night. http://www.net-security.org/news.php?id=5236 PHISHING EXPEDITIONS ARE MULTIPLYING More bad news about phishing attacks arrived Friday via message filtering firm SurfControl when it unveiled numbers showing the scams have increased nearly 500% since January. http://www.net-security.org/news.php?id=5237 SYMANTEC TAKES BITE OFF VIRUS-ID SPAM Symantec has shown the way for other antivirus firms to finally end the proliferation of false virus notifications, which wrongly identify the source of an e-mail-borne virus and add to the general deluge swamping users' inboxes. http://www.net-security.org/news.php?id=5238 CRIMINAL GANGS EXPLOIT INTERNET EMPLOYMENT SITES Online job sites like Monster.com, CareerBuilder and HotJobs have given employers a better way to find workers, but it turns out that crime rings are targeting the sites, too. http://www.net-security.org/news.php?id=5239 EUROPEAN RESEARCHERS CRAFT NEW ENCRYPTION Quantum cryptography uses photons' properties to block Echelon, other eavesdropping technology. http://www.net-security.org/news.php?id=5240 INSIDE WINDOWS SERVER 2003 Microsoft Windows 2003 has been out for a while and many books have been released about it. What I have before me is a huge hardcover title covering a lot of ground. The title certainly does promise a lot. Does it deliver? Read on to find out. http://www.net-security.org/news.php?id=5241 SECURITY EXPERTS PLAY DOWN CISCO LEAK The leak of a significant amount of Cisco Systems' source code for its latest network devices will not result in a large number of discovered vulnerabilities, security experts said Monday. http://www.net-security.org/news.php?id=5242 FUNDS SOUGHT TO AID VIRUS WRITER The Sasser web worm caused trouble for thousands of net users but its author does at least have some fans. http://www.net-security.org/news.php?id=5243 JOHANNESBURG HACKER FOUND GUILTY A 32-year-old Johannesburg man has been found guilty of loading a virus onto the computers of Edgars, an act which the company claims cost them R20 million and affected up to 700 stores. http://www.net-security.org/news.php?id=5244 WHY WINDOWS IS A SECURITY NIGHTMARE Security in all mainstream operating systems is non-existent; however, things are especially bad for Windows. http://www.net-security.org/news.php?id=5245 WEB SERVICES SECURITY DRAFT RELEASED The Web Services Interoperability Organization (WS-I) on Tuesday announced availability of the WS-I Basic Security Profile Working Group Draft, an early version of what is intended to be a guide for use of standards in the development of interoperable Web services. http://www.net-security.org/news.php?id=5246 A NEW CHINESE SPECIALTY: SPAM Despite Beijing's Net censorship, the country appears to be playing host to thousands of the sites spammers want you to visit. http://www.net-security.org/news.php?id=5247 YAHOO SETS UP STANDARD TO COMBAT SPAM Internet portal Yahoo on Tuesday released an e-mail standard that prevents spam marketers from hiding unwanted messages behind legitimate e-mail addresses. http://www.net-security.org/news.php?id=5248 CRITICAL SECURITY HOLE FOUND IN MAC OS X Security research group Secunia is warning all Mac OS X users about what it calls a "highly critical" vulnerability. http://www.net-security.org/news.php?id=5249 TCP/IP SKILLS REQUIRED FOR SECURITY ANALYSTS This article guides users new to the security field through some of the key skills required to work as a security analyst. The focus is on core TCP/IP competency and related technologies such as intrusion detection systems, firewalls and routers. http://www.net-security.org/news.php?id=5250 WLAN SECURITY SHOOTOUT WLAN switches have deposed the intelligent access points of yesteryear. Are they really better? And which WLAN switch is best? http://www.net-security.org/news.php?id=5251 EMBRACING THE ART OF HACKING If you can avoid some of the tedious bits, Paul Graham has some good points to make about the relationship between art and coding. http://www.net-security.org/news.php?id=5252 POLICE LACK SKILLS TO TACKLE CYBER-CRIME More officers need to be trained in computer forensics, says lobby group. http://www.net-security.org/news.php?id=5253 TOP EXECS URGED TO ZERO IN ON SECURITY The Business Roundtable, a national trade association for corporate executives, said Wednesday that company board members and chief executives need to pay more attention to computer security. http://www.net-security.org/news.php?id=5254 VIA PAVES PATH TO ENHANCED PROCESSOR SECURITY "Our approach to processor design allows small, fanless devices to carry out the most demanding security operations while simultaneously processing today's increasingly sophisticated digital entertainment applications," said Glenn Henry, president of Centaur Technology, a company recently acquired by VIA and producer of the new core. http://www.net-security.org/news.php?id=5255 CISCO TO PATENT SECURITY FIX Cisco Systems has applied for patents on technology that it claims will fix a flaw that has recently been found in one of the most common communications protocols. http://www.net-security.org/news.php?id=5256 HOW ARE SCRIPT KIDDIES OUTWITTING I.T. EXPERTS? "Ten years ago, you needed good programming skills to write a virus, but today there are ready made virus-writing programs on the market so you can write a virus and not know much about programming," explains Mikael Albrecht of F-Secure. http://www.net-security.org/news.php?id=5257 FLAWS DRILL HOLES IN OPEN-SOURCE REPOSITORY Flaws in two popular source code repository applications could allow attackers to access and corrupt open-source software projects, a security researcher said Wednesday. http://www.net-security.org/news.php?id=5258 GOOGLE DEFINES GOOD MANNERS FOR ADWARE In an attempt to cut down on misbehaving adware and spyware, Google has released a set of suggested principles for software makers to follow when writing programs that embed themselves on Internet users' PCs. http://www.net-security.org/news.php?id=5259 HOW TO STOP VIRUSES? BUILD A 'KILLER BOT' The computer virus is, it seems, as unstoppable as its biological forebears--and possesses the same appetite for evolution. http://www.net-security.org/news.php?id=5260 SPAM ADVERSARIES TO MEET, DEBATE Alleged spammer Scott Richter and SpamCop founder Julian Haight will meet next month to duke it out in a public debate. It could get nasty. http://www.net-security.org/news.php?id=5261 FBI PLANS SPAMMER SMACKDOWN It's been nearly six months since President Bush signed the first federal spam law with criminal sanctions--and not one bulk e-mailer has been criminally charged under it so far. http://www.net-security.org/news.php?id=5262 U.S. MAY GET A PRIVACY CZAR To protect the privacy and civil liberties of Americans, the federal government may get a privacy czar if two congressional representatives have their way. http://www.net-security.org/news.php?id=5263 MALWARE ANALYSIS FOR ADMINISTRATORS The purpose of this article is to help administrators and power users use behavioral analysis to determine if a binary is harmful malware, by analyzing it in a lab environment without the use of anti-virus software, debuggers, or code disassembly. http://www.net-security.org/news.php?id=5264 ATHENS OLYMPICS BRACED FOR WAVE OF CYBERATTACKS The Athens Olympics organizers are bracing themselves for a wave of cyberattacks once the games are under way, but insist that a physical breach of security still represents the biggest threat. http://www.net-security.org/news.php?id=5265 AUDIO INTERVIEW WITH BRIAN COHEN, SPI DYNAMICS CEO Mr. Cohen introduces his company, discusses the current state and future of the web application security market and provides information on the SPI Dynamics WebInspect product line. http://www.net-security.org/news.php?id=5266 ---------------------------------------------------------------- [ Vulnerabilities ] All vulnerabilities are located here: http://www.net-security.org/archive_vuln.php ---------------------------------------------------------------- Libneon Date Parsing Vulnerability http://www.net-security.org/vuln.php?id=3466 Subversion Remote Vulnerability http://www.net-security.org/vuln.php?id=3465 CVS Remote Vulnerability http://www.net-security.org/vuln.php?id=3464 Zen Cart login.php SQL Injection Vulnerability http://www.net-security.org/vuln.php?id=3463 phpMyFAQ Local File Inclusion Vulnerability http://www.net-security.org/vuln.php?id=3462 Safari Remote Arbitrary Code Execution Vulnerability http://www.net-security.org/vuln.php?id=3461 PhpNuke 6.x - 7.3 Multiple Vulnerabilities http://www.net-security.org/vuln.php?id=3460 Microsoft Internet Explorer ImageMap URL Spoof Vulnerability http://www.net-security.org/vuln.php?id=3459 PhpNuke Remote File Inclusion Vulnerability http://www.net-security.org/vuln.php?id=3458 Wget Race Condition Vulnerability http://www.net-security.org/vuln.php?id=3457 NetChat HTTP Server Stack Overflow Vulnerability http://www.net-security.org/vuln.php?id=3456 TTT-C Multiple Cross Site Scripting Vulnerabilities http://www.net-security.org/vuln.php?id=3455 WebCT Cross Site Scripting Vulnerability http://www.net-security.org/vuln.php?id=3454 oscommerce 2.2 file_manager.php File Browsing Vulnerability http://www.net-security.org/vuln.php?id=3453 Microsoft Windows Help and Support Center Remote Code Execution Vulnerability http://www.net-security.org/vuln.php?id=3452 ---------------------------------------------------------------- [ Advisories ] All advisories are located at: http://www.net-security.org/archive_advi.php ---------------------------------------------------------------- Gentoo Linux Security Advisory - Multiple vulnerabilities in metamail (GLSA 200405-17) http://www.net-security.org/advisory.php?id=3370 Gentoo Linux Security Advisory - Multiple XSS Vulnerabilities in SquirrelMail (200405-16) http://www.net-security.org/advisory.php?id=3369 OpenPKG Security Advisory - rsync (OpenPKG-SA-2004.025) http://www.net-security.org/advisory.php?id=3368 Turbolinux Security Announcement - Multiple vulnerabilities within the kernel (21/May/2004) http://www.net-security.org/advisory.php?id=3367 Gentoo Linux Security Advisory - cadaver heap-based buffer overflow (GLSA 200405-15) http://www.net-security.org/advisory.php?id=3366 Gentoo Linux Security Advisory - Buffer overflow in Subversion (GLSA 200405-14) http://www.net-security.org/advisory.php?id=3365 Gentoo Linux Security Advisory - neon heap-based buffer overflow (GLSA 200405-13) http://www.net-security.org/advisory.php?id=3364 Gentoo Linux Security Advisory - CVS heap overflow vulnerability (200405-12) http://www.net-security.org/advisory.php?id=3363 Slackware Security Advisory - cvs (SSA:2004-140-01) http://www.net-security.org/advisory.php?id=3362 SGI Security Advisory - SGI ProPack v2.4: Kernel Update #4 - Security and other fixes (20040505-01-U) http://www.net-security.org/advisory.php?id=3361 SGI Security Advisory - SGI ProPack 3: Kernel Update #1 - Security and other fixes (20040504-01-U) http://www.net-security.org/advisory.php?id=3360 OpenPKG Security Advisory - neon (OpenPKG-SA-2004.024) http://www.net-security.org/advisory.php?id=3359 OpenPKG Security Advisory - subversion (OpenPKG-SA-2004.023) http://www.net-security.org/advisory.php?id=3358 OpenPKG Security Advisory - cvs (OpenPKG-SA-2004.022) http://www.net-security.org/advisory.php?id=3357 Gentoo Linux Security Advisory - KDE URI Handler Vulnerabilities (GLSA 200405-11) http://www.net-security.org/advisory.php?id=3356 Mandrakelinux Security Update Advisory - libneon (MDKSA-2004:049) http://www.net-security.org/advisory.php?id=3355 Mandrakelinux Security Update Advisory - cvs (MDKSA-2004:048) http://www.net-security.org/advisory.php?id=3354 Gentoo Linux Security Advisory - Icecast denial of service vulnerability (GLSA 200405-10) http://www.net-security.org/advisory.php?id=3353 Gentoo Linux Security Advisory - ProFTPD Access Control List bypass vulnerability (GLSA 200405-09) http://www.net-security.org/advisory.php?id=3352 Debian Security Advisory - New cadaver packages fix buffer overflow (DSA 507-1) http://www.net-security.org/advisory.php?id=3351 Debian Security Advisory - New cvs packages fix remote exploit (DSA 505-1) http://www.net-security.org/advisory.php?id=3350 Debian Security Advisory - New neon packages fix buffer overflow (DSA 506-1) http://www.net-security.org/advisory.php?id=3349 FreeBSD Security Advisory - CVS pserver protocol parser errors (FreeBSD-SA-04:10.cvs) http://www.net-security.org/advisory.php?id=3348 SUSE Security Announcement - cvs (SuSE-SA:2004:013) http://www.net-security.org/advisory.php?id=3347 Mandrakelinux Security Update Advisory - kdelibs (MDKSA-2004:047) http://www.net-security.org/advisory.php?id=3346 KDE Security Advisory: URI Handler Vulnerabilities (2004-05-17) http://www.net-security.org/advisory.php?id=3345 Debian Security Advisory - New heimdal packages fix potential buffer overflow (DSA 504-1) http://www.net-security.org/advisory.php?id=3344 Slackware Security Advisory - kdelibs (SSA:2004-238-01) http://www.net-security.org/advisory.php?id=3343 SGI Security Advisory - IRIX 6.5.24 rpc.mountd infinte loop (20040503-01-P) http://www.net-security.org/advisory.php?id=3342 Mandrakelinux Security Update Advisory - apache (MDKSA-2004:046) http://www.net-security.org/advisory.php?id=3341 Mandrakelinux Security Update Advisory - passwd (MDKSA-2004:045) http://www.net-security.org/advisory.php?id=3340 Mandrakelinux Security Update Advisory - libuser (MDKSA-2004:044) http://www.net-security.org/advisory.php?id=3339 HP Security Bulletin - HP-UX B6848AB GTK+ Support Libraries elevated privileges (SSRT3613 rev.0) http://www.net-security.org/advisory.php?id=3338 HP Security Bulletin - HP-UX dtlogin unauthorized privileged access, Denial of Service (SSRT4721 rev.0) http://www.net-security.org/advisory.php?id=3337 HP Security Advisory - HP-UX Mozilla denial of service (SSRT4722 rev.0) http://www.net-security.org/advisory.php?id=3336 Symantec Security Advisory - Symantec Client Firewall Remote Access and Denial of Service Issues (SYM04-008) http://www.net-security.org/advisory.php?id=3335 Slackware Security Advisory - mc (SSA:2004-136-01) http://www.net-security.org/advisory.php?id=3334 SOT Linux Security Advisory - Updated lha package for SOT Linux 2003 (SLSA-2004:18) http://www.net-security.org/advisory.php?id=3333 Gentoo Linux Security Advisory - libpng denial of service vulnerability (GLSA 200405-06) http://www.net-security.org/advisory.php?id=3332 Gentoo Linux Security Advisory - Exim verify=header_syntax buffer overflow (GLSA 200405-07) http://www.net-security.org/advisory.php?id=3331 SUSE Security Announcement - mc (SuSE-SA:2004:012) http://www.net-security.org/advisory.php?id=3330 ---------------------------------------------------------------- [ Articles ] All articles are located at: http://www.net-security.org/articles_main.php Articles can be contributed to articles@net-security.org ---------------------------------------------------------------- AUDIO INTERVIEW WITH BRIAN COHEN, SPI DYNAMICS CEO In this ten minute audio interview, Brian Cohen, SPI Dynamics Chief Executive Officer introduces his company, discusses the current state and future of the web application security market and provides information on the SPI Dynamics WebInspect product line. http://www.net-security.org/article.php?id=690 CENTRALIZING THE MANAGEMENT OF NETWORK SECURITY Few would argue against the necessity and value of security for a network. Yet for organizations purchasing PCs or servers regularly and deploying them across geographically disparate locations, the implementation of security measures can be a long, tedious task requiring extensive man-hours. And the more locations an organization has, the more likely there are inconsistencies between those locations. http://www.net-security.org/article.php?id=689 ---------------------------------------------------------------- [ Reviews ] All reviews are located at: http://www.net-security.org/reviews.php ---------------------------------------------------------------- INSIDE WINDOWS SERVER 2003 Microsoft Windows 2003 has been out for a while and many books have been released about it. What I have before me is a huge hardcover title covering a lot of ground. The title certainly does promise a lot. Does it deliver? Read on to find out. http://www.net-security.org/review.php?id=131 ---------------------------------------------------------------- [ Software ] Windows software is located at: http://net-security.org/software_main.php?cat=1 Linux software is located at: http://net-security.org/software_main.php?cat=2 Pocket PC software is located at: http://net-security.org/software_main.php?cat=3 ---------------------------------------------------------------- CRIPPIN 2.0 Crippin was designed to protect confidential files in case a Pocket PC is lost or stolen. http://www.net-security.org/software.php?id=544 DEKART PRIVATE DISK 2.02 Easy-to-use, secure and reliable AES disk encryption software. http://www.net-security.org/software.php?id=562 ETTERCAP 0.7.0 pre2 Ettercap is a multipurpose sniffer/interceptor/logger for switched LAN. http://www.net-security.org/software.php?id=83 HARDENED-PHP 0.1.1 Hardened-PHP adds security hardening features to PHP. http://www.net-security.org/software.php?id=563 JSCH 0.1.15 JSch is a pure Java implementation of SSH2. http://www.net-security.org/software.php?id=417 NOSPAMPROXY 2.9.55 NoSPAMProxy blocks spam before it reaches the SMTP server. http://www.net-security.org/software.php?id=539 SHOREWALL 2.0.2c Shorewall is an iptables based firewall that can be used on a dedicated firewall system, a multi-function masquerade gateway/server or on a standalone Linux system. http://www.net-security.org/software.php?id=40 SOFTROS LAN MESSENGER 3.3 This is easy LAN messaging software for effective intraoffice communication. It offers strong encryption. http://www.net-security.org/software.php?id=561 SPYBOT - SEARCH & DESTROY 1.3 Spybot - Search & Destroy can detect and remove spyware of different kinds from your computer. http://www.net-security.org/software.php?id=556 ---------------------------------------------------------------- [ Webcasts ] All webcasts are located at: http://net-security.org/webcasts.php ---------------------------------------------------------------- Top 10 Reasons to Analyze your Firewall and Antivirus Server Logs Organized by eIQnetworks on 24 May 2004, 2:00 PM http://www.net-security.org/webcast.php?id=290 Consolidated email protection: An introduction to PureMessage Organized by Sophos on 25 May 2004, 10:00 AM http://www.net-security.org/webcast.php?id=282 The Next Generation of Managed Security Services Organized by ISS on 25 May 2004, 11:00 AM http://www.net-security.org/webcast.php?id=273 Where Privacy Policies Fail: Addressing Compliance with Secure Messaging Technology Organized by ZixCorp on 26 May 2004, 1:00 PM http://www.net-security.org/webcast.php?id=289 Automate Remediation Activities for Efficient Vulnerability Management Organized by eEye on 27 May 2004, 10:00 AM http://www.net-security.org/webcast.php?id=280 Sophos Anti-Virus: Stopping viruses in the educational environment Organized by Sophos on 2 June 2004, 10:00 AM http://www.net-security.org/webcast.php?id=283 A Field Guide to Spam / Introduction to PureMessage (Australasia) Organized by Sophos on 2 June 2004, 4:30 PM http://www.net-security.org/webcast.php?id=284 Virtual Patch - The Next Generation of Managed Protection Services Organized by ISS on 8 June 2004, 11:00 AM http://www.net-security.org/webcast.php?id=274 All anti-virus software is not created equal Organized by Sophos on 16 June 2004, 10:00 AM http://www.net-security.org/webcast.php?id=285 Building Security into Your Software Development Lifecycle Organized by Foundstone on 16 June 2004, 4:00 PM http://www.net-security.org/webcast.php?id=292 Tips & Tricks for Secure Access to Cisco Routers Organized by Global Knowledge on 25 June 2004, 4:00 PM http://www.net-security.org/webcast.php?id=293 All anti-virus software is not created equal Organized by Sophos on 30 June 2004, 10:00 AM http://www.net-security.org/webcast.php?id=286 Developing a Software Security Metrics Program Organized by Foundstone on 14 July 2004, 4:00 PM http://www.net-security.org/webcast.php?id=294 ---------------------------------------------------------------- [ Conferences ] All conferences are located at: http://net-security.org/conferences.php ---------------------------------------------------------------- Computer Security Mexico 2004 Organized by Computer Security Department and UNAM-CERT - 27 May-28 May 2004 http://www.net-security.org/conference.php?id=87 RSA Conference 2004 Japan Organized by RSA Conference 2004 Japan Executive Comittee - 31 May-1 June 2004 http://www.net-security.org/conference.php?id=82 Infosecurity Canada Conference & Exhibition 2004 Organized by Reed Exhibitions - 1 June-3 June 2004 http://www.net-security.org/conference.php?id=86 BCS Birmingham IT Security Conference 2004 Organized by British Computer Society - 8 June-8 June 2004 http://www.net-security.org/conference.php?id=81 16th Annual FIRST Conference Organized by FIRST - 13 June-18 June 2004 http://www.net-security.org/conference.php?id=22 NetSec 2004 Organized by Computer Security Institute - 14 June-16 June 2004 http://www.net-security.org/conference.php?id=20 2004 USENIX Annual Technical Conference Organized by USENIX Association - 27 June-2 July 2004 http://www.net-security.org/conference.php?id=66 DIMVA 2004 Organized by German Informatics Society - 6 July-7 July 2004 http://www.net-security.org/conference.php?id=47 RUXCON 2004 Organized by Australian computer security community - 10 July-11 July 2004 http://www.net-security.org/conference.php?id=88 Open Source Convention 2004 Organized by O'Reilly - 26 July-30 July 2004 http://www.net-security.org/conference.php?id=89 13th USENIX Security Symposium Organized by USENIX Association - 9 August-13 August 2004 http://www.net-security.org/conference.php?id=67 The 14th Virus Bulletin International Conference (VB2004) Organized by Virus Bulletin - 29 September-1 October 2004 http://www.net-security.org/conference.php?id=83 RSA Conference Europe 2004 Organized by RSA Security - 3 November-5 November 2004 http://www.net-security.org/conference.php?id=90 ---------------------------------------------------------------- [ Security World ] All press releases are located at: http://www.net-security.org/press_main.php Send your press releases to press@net-security.org ---------------------------------------------------------------- Symantec Secures New State-of-the-Art US Nationwide Amber Alert Network http://www.net-security.org/press.php?id=2157 Macrovision Wins Preliminary Injunction Against 321 Studios In Patent and Copyright Infringement Lawsuit http://www.net-security.org/press.php?id=2156 Security Architects launches its new product, Ozone, a Host Intrusion Prevention System http://www.net-security.org/press.php?id=2155 Symantec To Acquire Brightmail http://www.net-security.org/press.php?id=2154 Kavado Appoints Technology Industry Veteran Vikram K. Desai as President and CEO http://www.net-security.org/press.php?id=2153 Certicom Licenses Security Builder Toolkits to Unisys http://www.net-security.org/press.php?id=2152 Endforce, Inc. And Shavlik Technologies, LLC Announce Licensing Agreement To Deliver Industry Leading Endpoint Security Capability http://www.net-security.org/press.php?id=2151 eIQnetworks Announces New Centralized Event Correlation and Management Solution With Compliance Reporting for Windows, UNIX and Linux Systems http://www.net-security.org/press.php?id=2150 F-Secure Introduces Complete Information Security Solution For Small Businesses http://www.net-security.org/press.php?id=2149 ServGate Helps Charles Tyrwhitt Shirts Make 80% Reduction in IT Support and Management Costs http://www.net-security.org/press.php?id=2148 Kavado Wins Crossroads A-List Award 2004 http://www.net-security.org/press.php?id=2147 Syngress Publishing Announces the Release of "Managing and Securing a Cisco Structured Wireless-Aware Network" http://www.net-security.org/press.php?id=2146 Trapeze Networks Outscores The Competition In The First Ever Mobility Test Focused On Advanced Security and Active Roaming http://www.net-security.org/press.php?id=2145 Las Vegas Metropolitan Police Department Books The Training Camp for Ethical Hacking Course http://www.net-security.org/press.php?id=2144 America Online Blocks More Than One Billion Virus-Infected Emails in Past Year http://www.net-security.org/press.php?id=2143 Trend Micro Network VirusWall Helps Stop Spread of “Sasser” Network Virus http://www.net-security.org/press.php?id=2142 Astaro Raises $6.7 Million In Second Round Venture Funding http://www.net-security.org/press.php?id=2141 Sygate Introduces First Endpoint Security Solution For Windows XP Embedded-Based Devices http://www.net-security.org/press.php?id=2140 Sybari Files Registration Statement With The Securities And Exchange Commission For Initial Public Offering http://www.net-security.org/press.php?id=2139 "Network Security Hacks" Released by O'Reilly http://www.net-security.org/press.php?id=2138 ---------------------------------------------------------------- [ Virus News ] All virus news are located at: http://www.net-security.org/viruses.php ---------------------------------------------------------------- Weekly Report on Viruses and Intrusions - Bobay A/B/C, Kibuv.A and Lovgate.AF Worms http://www.net-security.org/virus_news.php?id=411 Bobax Worm Turns Computers Into Spam Zombies http://www.net-security.org/virus_news.php?id=410 Sober-G Worm Spreading Widely Across Europe http://www.net-security.org/virus_news.php?id=409 ---------------------------------------------------------------- Questions, contributions, comments or ideas go to: Help Net Security staff staff@net-security.org http://net-security.org ---------------------- Unsubscribe from this weekly digest on: http://www.net-security.org/subscribe.php The archive of the newsletter in TXT and PDF format is available http://www.net-security.org/newsletter_archive.php ---------------------------------------------------------------- Windows Server System is integrated server infrastructure software from Microsoft that is designed to work together and interact seamlessly with other data and applications across your IT environment so you can reduce the costs of ongoing operations, deliver highly reliable and secure IT infrastructure, and drive valuable new capabilities for the future growth of your business. For more information visit http://ad.sk.doubleclick.net/clk;8019800;9084238;l ----------------------------------------------------------------