HNS Newsletter
Issue 220 - 05.07.2004.
http://net-security.org

This is a newsletter delivered to you by Help Net Security. It 
covers weekly roundups of security events that were in the 
news the past week.


----------------------------------------------------------------
ADVERTISEMENT
----------------------------------------------------------------
Windows Server System is integrated server infrastructure 
software from Microsoft that is designed to work together and 
interact seamlessly with other data and applications across your 
IT environment so you can reduce the costs of ongoing operations, 
deliver highly reliable and secure IT infrastructure, and drive 
valuable new capabilities for the future growth of your business.

For more information visit
http://ad.sk.doubleclick.net/clk;8032548;9084238;p
----------------------------------------------------------------


Table of contents:

1) Security news
2) Vulnerabilities
3) Advisories
4) Articles
5) Software
6) Webcasts
7) Conferences
8) Security World
9) Virus News


[ Security news ]


----------------------------------------------------------------

VERISIGN SERVICE TAKES ON SPAM
VeriSign on Monday announced a new e-mail security service designed
to stop viruses and spam. 
http://www.net-security.org/news.php?id=5481


CERT RECOMMENDS ANYTHING BUT IE
US Computer Emergency Readiness Team is advising people to ditch
Internet Explorer and use a different browser after the latest
security vulnerability in the software was exposed. 
http://www.net-security.org/news.php?id=5482


EXPLOIT USED TO SPREAD VIRUS COULD BE USED AGAIN
Computer experts warn that now that a new way to spread computer
viruses has gotten a foothold, it won't be long before others try
similar attacks.
http://www.net-security.org/news.php?id=5483


ISO ENDORSES KEY SECURITY CERTIFICATION
The International Standards Organization last week gave its stamp of
approval to the CISSP security certification for IT workers, and a
half-dozen security managers said the endorsement should help enhance
the certification's legitimacy and acceptance. 
http://www.net-security.org/news.php?id=5484


GATES DISHES OUT SECURITY PROMISES
At a news conference in Sydney, Microsoft's chairman said computer
systems must become more secure and must be at least as reliable as
essential physical infrastructure like electricity and water systems.

http://www.net-security.org/news.php?id=5485


IBM ANNOUNCES E-MAIL SECURITY MANAGEMENT SERVICES
IBM has announced E-mail Security Management Services, a new managed
security service designed to help companies reduce the risks inherent
with email communications. 
http://www.net-security.org/news.php?id=5486


AUTHORS OF THE LAST VIRUSES ARE RUSSIANS
The authors of the last malicious action to spread computer viruses
exploiting earlier unknown flaw in the Internet browser are people of
Archangelsk, Russia. 
http://www.net-security.org/news.php?id=5487


MICROSOFT BLAMES HACKERS, NOT VULNERABILITY, FOR WEB ATTACK
The evidence now is leading them to accept Microsoft's explanation
that the IIS 5.0 servers were hacked manually and that the server
software doesn't have an unknown vulnerability. 
http://www.net-security.org/news.php?id=5488


ANTI-PHISHING GROUP BACKS EMAIL AUTHENTICATION
A group attempting to stop the new scourge of phishing fraud on the
Web says email authentication technology could do the job, a concept
backed by Microsoft.
http://www.net-security.org/news.php?id=5489


HP PLANS NEW SECURITY CONSCIOUS PCS
Free software that backs up your hard drive automatically will be
built into three new PC ranges from Hewlett Packard scheduled for
release later this summer.
http://www.net-security.org/news.php?id=5490


NIST AIMS TO EASE XP SECURITY SETUP
Officials at the National Institute of Standards and Technology hope
their new publication will help simplify the process of setting
security controls on Microsoft Corp.'s Windows XP Professional
operating system.
http://www.net-security.org/news.php?id=5491


ARM, TI ENTER TECHNOLOGY SECURITY COLLABORATION
In an effort to combat the results of phone theft, ARM said it will
collaborate with Texas Instruments Inc. for a security solution using
its TrustZone technology. 
http://www.net-security.org/news.php?id=5492


WINDOWS XP SERVICE PACK 2: "A VICTORY FOR THE SECURITY GUYS"
Microsoft has hailed Windows XP Service Pack 2 (SP2) as a "victory
for the security guys" and its new features have been welcomed by
users at the software giant's annual Tech Ed conference in Amsterdam
this week. 
http://www.net-security.org/news.php?id=5493


PATENT FILED FOR VOICE SPAM BLOCKING TECHNOLOGY
A patent application has been filed for a method to identify and
block SPIT - spam over Internet telephony, or VoIP spam.
http://www.net-security.org/news.php?id=5494


SEVENFOLD INCREASE IN PHISHING ATTACKS
Online fraud watchers reported nearly 1,200 new phishing attacks in
May, and warned that the number is rising.
http://www.net-security.org/news.php?id=5495


HNS AUDIO LEARNING SESSION: SQL INJECTION ATTACKS
Caleb Sima, SPI Dynamics CTO, discusses SQL injection attacks, offers
practical examples of these vulnerabilities and provides tips on both
how to find and how to immunize SQL injection vulnerabilities.
http://www.net-security.org/news.php?id=5496


VIRUS HITS INDIAN BPO NETWORKS
Infosys Technologies, a leading Bangalore-based software and business
process outsourcing (BPO) company, had to bring down its network,
following detection of a virus attack on some machines on the
network.
http://www.net-security.org/news.php?id=5497


UK LAWMAKERS WANT MORE COMPUTER HACKERS BEHIND BARS
Computer hacking, an offence police once dismissed as a teenage
prank, would carry a maximum two-year prison term as part of a
revised cybercrime law proposed by British MPs on Wednesday.
http://www.net-security.org/news.php?id=5498


LEARN COMPUTER FORENSICS AT BRADFORD UNIVERSITY
The University of Bradford has introduced a postgraduate course in
Forensic Computing, in response to "growing demand for computer
scientists" with specialist skills to investigate high tech crimes.
http://www.net-security.org/news.php?id=5499


SEVEN HABITS OF HIGHLY SECURE COMPANIES
Companies, like the humans who make them run, are creatures of habit.
Some of those habits can make information systems more secure, rather
than less. The seven best practices of highly secure companies are a
standard against which CEOs can measure their organizations. 
http://www.net-security.org/news.php?id=5500


BHO SCANNING TOOL AND NEW SCAM TARGETS BANK CUSTOMERS
On June 24th, a visitor to the SANS Internet Storm Center reported
that his company was "in the middle of a very disturbing ... issue
regarding the adware/spyware/IE exploit genre".
http://www.net-security.org/news.php?id=5501


MAGOLD VIRUS WRITER SENTENCED
Sophos is reporting that the creator of the Magold worm has been
found guilty and sentenced to two years of probation as well as a
fine equivalent to around Ł1300 to cover court costs. 
http://www.net-security.org/news.php?id=5502


EXPERTS OUTLINE E-VOTING SECURITY REQUIREMENTS
A panel of IT security experts yesterday proposed a series of
detailed recommendations that they said state and local jurisdictions
must act on immediately to ensure the security of electronic voting
systems and the accuracy and transparency of the November
presidential election.
http://www.net-security.org/news.php?id=5503


INTERNET SECURITY: WHO NEEDS IT? (YOU DO)
The potential threats are many and varied, so protect yourself better
than you believe you should or you could lose it all.
http://www.net-security.org/news.php?id=5504


$1.5M 'HACKER'S HEAVEN' FOR POLY STUDENTS
Homework gets a little unusual for some students at the Singapore
Polytechnic, which has set up a $1.5 million computer centre so they
can hack into it and make it crash. 
http://www.net-security.org/news.php?id=5505


HACKER COUGHS UP ADVICE
You've got to "understand the dark side" to be a good guy in the
computer-hacking world, says ethical hack specialist Mike Sues, and
most computer users don't have the first clue about the dangers they
face.
http://www.net-security.org/news.php?id=5506


VIRUSES PUTTING SMALL BUSINESS OFF INTERNET
Small businesses in Wales are being put off internet trading by
computer viruses and spam, a report has revealed.
http://www.net-security.org/news.php?id=5507


VIRUSES, VIRUSES EVERYWHERE
I never thought I would pine for the good old days in computing when
me and my buddies would take turns typing in the peeks and pokes in
endless listings from "RUN" magazine to make my Commodore 64 actually
do something. 

http://www.net-security.org/news.php?id=5508


FBI OPENS NEW COMPUTER CRIME LAB
The FBI opened a new lab Tuesday dedicated to detecting
computer-related crimes and training federal, state and local police
to catch Internet pedophiles, frauds and thieves. 
http://www.net-security.org/news.php?id=5509


SECURE ENOUGH FOR A BANK
In its New York location alone, the Fed maintains more that 10,000
discrete devices, including AS/400, HP-UX, Linux, Novell NetWare, and
Sun Solaris servers, as well as a huge installed base of Microsoft
Windows. The awesome responsibility of managing these assets falls on
the shoulders of Sean Mahon, the New York Fed's vice president of
system management.
http://www.net-security.org/news.php?id=5510


UPSIDE-DOWN SECURITY
How can companies hope to protect their data--and how can we hope to
stop identity theft--when we ignore the most basic protection
methods?
http://www.net-security.org/news.php?id=5511


EXPERTS DEBATE SECURITY THROUGH DIVERSITY
The sheer number of worms and viruses directed at Microsoft Corp.'s
Windows operating system and Internet Explorer browser have many in
the computer industry wondering whether we would all be more secure
if more users relied on alternatives to Microsoft's products.
http://www.net-security.org/news.php?id=5512


NETWORKING: WI-FI SECURITY STILL SPOTTY
A year after WPA's launch, many products aren't certified.
http://www.net-security.org/news.php?id=5513


PC WORLD SELLS "NEW" HARD DRIVE WITH PERSONAL DATA
A hard drive sold as new in a major PC World outlet in London on
Monday contained a couple's personal data including spreadsheets, VAT
information and other sensitive information.
http://www.net-security.org/news.php?id=5514


A HOLISTIC APPROACH TO SECURING THE ENTERPRISE
The continuance of malicious computer attacks has made security a
front page topic in almost every board room and IT oversight
committee. Most IT departments accept that routine updates to
software operating environments are a necessary part of managing
systems.
http://www.net-security.org/news.php?id=5515


SPAMMERS FACE TRI-NATION CRACKDOWN
UK, US and Australia join forces to investigate and prosecute
spammers.
http://www.net-security.org/news.php?id=5516


WIRETAP RULING COULD SIGNAL END OF E-MAIL PRIVACY
A federal appeals court ruling this week has put a spotlight on the
increasingly public nature of e-mail messages and has unraveled
expectations that e-mail would gain the same privacy protections as
traditional communications.
http://www.net-security.org/news.php?id=5517


MICROSOFT IE SECURITY STORM BUILDS
Experts are warning users about Internet Explorer security risks.
While the Mozilla or Opera Web browser may be a good choice for some
consumers, enterprise alternatives are sketchy.
http://www.net-security.org/news.php?id=5518


ENFORCEMENT IS KEY TO FIGHTING CYBERCRIME
The publication of a review of Britain's cybercrime laws by an
influential group of MPs and peers this week has been welcomed by the
IT industry.
http://www.net-security.org/news.php?id=5519

----------------------------------------------------------------




[ Vulnerabilities ]


All vulnerabilities are located here:
http://www.net-security.org/archive_vuln.php


----------------------------------------------------------------

Domino 6.5.1 Denial of Service Vulnerability
http://www.net-security.org/vuln.php?id=3544


phpMyAdmin version 2.5.7 PHP Code Injection Vulnerability
http://www.net-security.org/vuln.php?id=3543


Domino 6.5.1 Unprivileged User Quota Changing Vulnerability
http://www.net-security.org/vuln.php?id=3542


WinGate Information Disclosure Vulnerability
http://www.net-security.org/vuln.php?id=3541


Linux Kernel 2.6.x Remote Denial of Service Vulnerability
http://www.net-security.org/vuln.php?id=3540


Sbus PROM Driver Multiple Integer Overflow Vulnerabilities
http://www.net-security.org/vuln.php?id=3539


Lotus Notes URL Argument Injection Vulnerability
http://www.net-security.org/vuln.php?id=3538


DLINK 614+ DHCP Service Denial of Service Vulnerability
http://www.net-security.org/vuln.php?id=3537


DLINK 614+ System Denial of Service Vulnerability
http://www.net-security.org/vuln.php?id=3536


Infinity WEB SQL Injection Vulnerability
http://www.net-security.org/vuln.php?id=3535


csFAQ Full Path Disclosure Vulnerability
http://www.net-security.org/vuln.php?id=3534


PowerPortal Multiple Vulnerabilities
http://www.net-security.org/vuln.php?id=3533


CuteNews Cross Site Scripting Vulnerability
http://www.net-security.org/vuln.php?id=3532

----------------------------------------------------------------




[ Advisories ]


All advisories are located at:
http://www.net-security.org/archive_advi.php


----------------------------------------------------------------

Debian Security Advisory - New pavuk packages fix buffer overflow  
(DSA 527-1)
http://www.net-security.org/advisory.php?id=3498


Debian Security Advisory - New webmin packages fix multiple
vulnerabilities  (DSA 526-1)
http://www.net-security.org/advisory.php?id=3497


US-CERT Technical Cyber Security Alert - Internet Explorer Update to
Disable ADODB.Stream ActiveX Control (TA04-184A)
http://www.net-security.org/advisory.php?id=3496


SUSE Security Announcement - kernel (SUSE-SA:2004:020)
http://www.net-security.org/advisory.php?id=3495


Gentoo Linux Security Advisory - Esearch: Insecure temp file handling
(GLSA 200407-01)
http://www.net-security.org/advisory.php?id=3494


FreeBSD Security Advisory  - Linux binary compatibility mode input
validation error (FreeBSD-SA-04:13.linux)
http://www.net-security.org/advisory.php?id=3493


Cisco Security Advisory - Cisco Collaboration Server Vulnerability
http://www.net-security.org/advisory.php?id=3492


Trustix Secure Linux Bugfix Advisory - apache, libpng, python
(#2004-0038)
http://www.net-security.org/advisory.php?id=3491


Gentoo Linux Security Advisory - Pavuk: Remote buffer overflow (GLSA
200406-22)
http://www.net-security.org/advisory.php?id=3490


Mandrakelinux Security Update Advisory - apache (MDKSA-2004:065)
http://www.net-security.org/advisory.php?id=3489


Mandrakelinux Security Update Advisory - apache2 (MDKSA-2004:064)
http://www.net-security.org/advisory.php?id=3488


Mandrakelinux Security Update Advisory - libpng (MDKSA-2004:063)
http://www.net-security.org/advisory.php?id=3487


Gentoo Linux Security Advisory - mit-krb5: Multiple buffer overflows
in krb5_aname_to_localname (GLSA 200406-21)
http://www.net-security.org/advisory.php?id=3486

----------------------------------------------------------------




[ Articles ]


All articles are located at:
http://www.net-security.org/articles_main.php

Articles can be contributed to articles@net-security.org


----------------------------------------------------------------

A HOLISTIC APPROACH TO SECURING THE ENTERPRISE
The continuance of malicious computer attacks has made security a
front page topic in almost every board room and IT oversight
committee. Most IT departments accept that routine updates to
software operating environments are a necessary part of managing
systems.
http://www.net-security.org/article.php?id=706


HNS AUDIO LEARNING SESSION: SQL INJECTION ATTACKS
In this HNS audio learning session, Caleb Sima, SPI Dynamics CTO,
discusses SQL injection attacks, offers practical examples of these
vulnerabilities and gives tips on both how to find and how to
immunize SQL injection vulnerabilities.
http://www.net-security.org/article.php?id=705

----------------------------------------------------------------




[ Software ]


Windows software is located at:
http://net-security.org/software_main.php?cat=1

Linux software is located at:
http://net-security.org/software_main.php?cat=2

Pocket PC software is located at:
http://net-security.org/software_main.php?cat=3


----------------------------------------------------------------

BOTAN 1.4.0
Botan aims to be a portable, easy to use, and efficient C++ crypto
library.
http://www.net-security.org/software.php?id=94


ID_BANK 1.21
ID_Bank is a secure identity and password protection system.
http://www.net-security.org/software.php?id=91


MARADNS 1.1.22
MaraDNS is a DNS server that strives to be secure and fully
open-sourced.
http://www.net-security.org/software.php?id=84


PAM_IMAP 0.3.6
This is a PAM module that authenticates a user login against a remote
IMAP or IMAPS server.
http://www.net-security.org/software.php?id=405


RSSH 2.2.1
rssh is a restricted shell for use with OpenSSH, allowing only scp
and/or sftp.
http://www.net-security.org/software.php?id=236


SHOREWALL 2.0.3b
Shorewall is an iptables based firewall that can be used on a
dedicated firewall system, a multi-function masquerade gateway/server
or on a standalone Linux system.
http://www.net-security.org/software.php?id=40


VISUALROUTE 8.0f
VisualRoute delivers the functionality of key Internet "ping,"
"whois," and "traceroute" tools, in a high-speed visually integrated
package.
http://www.net-security.org/software.php?id=2

----------------------------------------------------------------




[ Webcasts ]


All webcasts are located at:
http://net-security.org/webcasts.php


----------------------------------------------------------------

Developing a Software Security Metrics Program
Organized by Foundstone on 14 July 2004, 4:00 PM
http://www.net-security.org/webcast.php?id=294

----------------------------------------------------------------




[ Conferences ]


All conferences are located at:
http://net-security.org/conferences.php


----------------------------------------------------------------

DIMVA 2004
Organized by German Informatics Society - 6 July-7 July 2004
http://www.net-security.org/conference.php?id=47


RUXCON 2004
Organized by Australian computer security community - 10 July-11 July
2004
http://www.net-security.org/conference.php?id=88


Open Source Convention 2004
Organized by O'Reilly - 26 July-30 July 2004
http://www.net-security.org/conference.php?id=89


13th USENIX Security Symposium
Organized by USENIX Association - 9 August-13 August 2004
http://www.net-security.org/conference.php?id=67


The 14th Virus Bulletin International Conference (VB2004)
Organized by Virus Bulletin - 29 September-1 October 2004
http://www.net-security.org/conference.php?id=83


RSA Conference Europe 2004
Organized by RSA Security - 3 November-5 November 2004
http://www.net-security.org/conference.php?id=90


IBM SecureWorld Conference EMEA 2004
Organized by IBM - 23 November-26 November 2004
http://www.net-security.org/conference.php?id=91

----------------------------------------------------------------




[ Security World ]


All press releases are located at:
http://www.net-security.org/press_main.php

Send your press releases to press@net-security.org


----------------------------------------------------------------

TippingPoint’s UnityOne Intrusion Prevention System Awarded
Prestigious Network Protection Product of the Year by IDG
http://www.net-security.org/press.php?id=2267


Datakey Axis Strong Authentication Thwarts the Scob Virus
http://www.net-security.org/press.php?id=2266


PureSight, Inc. Now Shipping PureSight PC v.3.1 with New User
Friendly Interface
http://www.net-security.org/press.php?id=2265


GFI launches GFI MailEssentials for Exchange/SMTP 10
http://www.net-security.org/press.php?id=2264


SecureInfo CEO Steven Kiser Moderates Distinguished CyberSecurity
Leadership Panel at VA InfoSec 2004 Conference
http://www.net-security.org/press.php?id=2263


Beta Version Of The New Panda Webadmin Antivirus: Protection Via The
Internet For The Entire Organization
http://www.net-security.org/press.php?id=2262


Nedbank Limited Deploys TippingPoint’s UnityOne Intrusion Prevention
Systems to Protect Their Customers from Electronic and Identity Theft
http://www.net-security.org/press.php?id=2261


New Version of Aladdin eSafe Offers Advanced Application Filtering
Technology and Unique Email and Virus Protection
http://www.net-security.org/press.php?id=2260


SPI Dynamics Introduces SecureObjects for Microsoft Visual Studio
.NET 2003
http://www.net-security.org/press.php?id=2259


'APIG' Right To Call For Proactive Security Monitoring By ISPs -
MessageLabs
http://www.net-security.org/press.php?id=2258


Approval Of Landmark IEEE Security Standard Enables Wireless LAN
Vendors To Add Stronger Encryption To Product Portfolios
http://www.net-security.org/press.php?id=2257


Vontu Urges Presidential Signature On First Bill That Seeks To Stem
Rising Tide Of "Insider" ID Theft
http://www.net-security.org/press.php?id=2256


F-Secure Introduces Antivirus Product For Citrix MetaFrame
http://www.net-security.org/press.php?id=2255


TippingPoint’s UnityOne Protects Against Web Attacks Exploiting
Internet Explorer Vulnerabilities
http://www.net-security.org/press.php?id=2254


Panda Software Launches TruPrevent: The Most Intelligent Technologies
to Combat Unknown Viruses and Intruders
http://www.net-security.org/press.php?id=2253


Tekmark Global Solutions, LLC Renames its Risk Management Division to
TekSecure  Labs
http://www.net-security.org/press.php?id=2252


Swiss Internet Service Provider Telephoenix Launches Anti-Virus
E-Service In  Co-Operation With F-Secure
http://www.net-security.org/press.php?id=2251


Juniper Networks First To Deliver SSL VPN Solution With SAML Support
To Transform Secure Extranet Access
http://www.net-security.org/press.php?id=2250


Panda Anti-Virus engine integrates with Blue Coat High-Performance
ProxyAV Appliance
http://www.net-security.org/press.php?id=2249

----------------------------------------------------------------




[ Virus News ]


All virus news are located at:
http://www.net-security.org/viruses.php


----------------------------------------------------------------

Weekly Report On Viruses And Intruders  - Webber Backdoors, Bankhook
and Scob Trojans and Korgo Variants
http://www.net-security.org/virus_news.php?id=428


Top Ten Viruses Most Frequently Detected by Panda ActiveScan in June
http://www.net-security.org/virus_news.php?id=427


Top Ten Viruses And Hoaxes Reported To Sophos In June 2004
http://www.net-security.org/virus_news.php?id=426

----------------------------------------------------------------

Questions, contributions, comments or ideas go to:

Help Net Security staff
staff@net-security.org
http://net-security.org

----------------------

Unsubscribe from this weekly digest on:
http://www.net-security.org/subscribe.php

The archive of the newsletter in TXT and PDF format is available 
http://www.net-security.org/newsletter_archive.php


----------------------------------------------------------------
ADVERTISEMENT
----------------------------------------------------------------
Windows Server System is integrated server infrastructure 
software from Microsoft that is designed to work together and 
interact seamlessly with other data and applications across your 
IT environment so you can reduce the costs of ongoing operations, 
deliver highly reliable and secure IT infrastructure, and drive 
valuable new capabilities for the future growth of your business.

For more information visit
http://ad.sk.doubleclick.net/clk;8032548;9084238;p
----------------------------------------------------------------