HNS Newsletter Issue 233 - 04.10.2004. http://net-security.org This is a newsletter delivered to you by Help Net Security. It covers weekly roundups of security events that were in the news the past week. ---------------------------------------------------------------- Information Management Network Presents The 3rd Annual Cyber Security in the Financial Services Sector Executive Summit October 27-28, 2004 * New York City ---------------------------------------------------------------- The second edition of our Cyber security event last October in New York was attended by 450+ delegates 1/2 who were from financial services firms. The 3rd annual event promises a new, up-to-date agenda covering such emerging issues like: Spyware, Phishing, Spam, Wireless and a group of small-scale, interactive roundtables that will address key issues in an interactive, intimate setting. For additional information, please go to http://www.imn.org/a680/nse. ---------------------------------------------------------------- Table of contents: 1) Security news 2) Vulnerabilities 3) Advisories 4) Articles 5) Software 6) Webcasts 7) Conferences 8) Security World 9) Virus News [ Security news ] ---------------------------------------------------------------- 'UTM APPLIANCES' WILL SUPPLANT FIREWALLS The basic building block of today's network security is the firewall but two market analyses from research company IDC offer compelling evidence that this is about to change. http://www.net-security.org/news.php?id=6152 VERISIGN, RSA INTRODUCE AUTHENTICATION TOOLS VeriSign Inc. added yet another security system to the industry with VeriSign Unified Authentication. http://www.net-security.org/news.php?id=6153 SECURITY IN A SINGLE PACKAGE Hercules offers patch management, remediation, policies in unified interface. http://www.net-security.org/news.php?id=6154 E-BUSINESS SITES HIT WITH ATTACKS, EXTORTION THREATS Attackers may be shifting strategy and aiming at specific companies. http://www.net-security.org/news.php?id=6155 HACKERS SMELL BLOOD IN COMMON WINDOWS INTERFACE Hackers smell blood in Common Windows Interface http://www.net-security.org/news.php?id=6156 BIOMETRICS: A SECURITY MAKEOVER The reliability of facial biometrics has been seriously questioned in the past. A4Vision has developed and marketed 3D facial biometrics technology that is drawing strong interest. http://www.net-security.org/news.php?id=6157 AUDIO - THE CERTIFICATION OF SSL VPNS Brian Monkman, Technology Programs Manager at ICSA Labs, discusses how SSL VPNs are certified at ICSA Labs. Help Net Security visitors are introduced to the background and the process of this thorough certification procedure. http://www.net-security.org/news.php?id=6159 MANDRAKESOFT IN BID FOR EAL5 CERTIFICATION Mandrakesoft is teaming with a consortium of European partners in an effort to win Common Criteria Evaluation Assurance Level 5, the highest security certification. http://www.net-security.org/news.php?id=6160 INFORMATION SECURITY FAST BECOMING CORE ISSUE IN CORPORATE GOVERNANCE A large number of corporations in Middle East are beginning to identify 'information security' as a core area of corporate governance, said sources from information security sector. http://www.net-security.org/news.php?id=6161 WILL WE HAVE A WIRELESS PUBLIC SAFETY NETWORK? Group demonstrates possible solutions, but lawmakers also need to act. http://www.net-security.org/news.php?id=6162 FINANCIAL WEB SITES VULNERABLE TO PHISHING ATTACKS Survey shows nine out of 10 financial web sites contain security flaws. http://www.net-security.org/news.php?id=6163 NOT YET ANOTHER SETUP TOOL (YAST) ANYMORE GUI-Based, Application-Level Security Management for Novell's SLES 9. http://www.net-security.org/news.php?id=6164 HOUSE STRUGGLES OVER SECURITY BILL House Republicans rejected language in a bill that would have shifted oversight responsibility for cybersecurity from the Homeland Security Department to a newly created position in the Office of Management and Budget. http://www.net-security.org/news.php?id=6165 SECURITY LEADERS GET BIGGER Consolidation in the security sector continued last week as three firms planned a merger to form a new security giant offering global services. http://www.net-security.org/news.php?id=6166 TERRORISTS GROW FAT ON EMAIL SCAMS Organisations such as al-Qaeda, ETA en PKK are copying Nigerian scams to fund terrorism, two Dutch experts told Dutch daily De Telegraaf. http://www.net-security.org/news.php?id=6167 NUKE WATCHDOG ISSUES CYBERGEDDON ALERT The United Nations' nuclear watchdog agency warned of growing concern about cyber attacks against nuclear facilities. http://www.net-security.org/news.php?id=6168 NOKIA BREAKS INTO HOME SECURITY MARKET Wireless home monitoring device controlled by text message. http://www.net-security.org/news.php?id=6169 SECURITY VENDORS HARDEN PRODUCTS Security companies are trotting out intrusion-prevention system and vulnerability-assessment products. http://www.net-security.org/news.php?id=6170 UK FIRM PROMISES SUPER-SECURE EMAIL Jeftel .safe service bypasses servers to avoid snooping and spam. http://www.net-security.org/news.php?id=6171 WIRELESS SECURITY: 'WE HAVE TO DO THE RIGHT THINGS' With its security improving, wireless is set for deployment. http://www.net-security.org/news.php?id=6172 MICROSOFT, AMAZON.COM FILE PHISHING, SPAMMING LAWSUITS Suit alleges Gold Disk Canada is responsible for sending millions of deceptive e-mails. http://www.net-security.org/news.php?id=6173 OPENSSH MARKS ITS FIFTH BIRTHDAY OpenSSH marks five years of its existence this week and a new round of internet SSH version mapping shows that it has over 88 percent of the SSH server market. http://www.net-security.org/news.php?id=6174 SECURITY IN A WORLD WITHOUT BORDERS As the perimeter loses ground in the battle for secure networks, some security executives want to do away with perimeter security altogether. But others aren't so sure. http://www.net-security.org/news.php?id=6175 SECURITY FIRMS MERGE TO FORM CYBERTRUST "We are going to see more consolidation in this space. I don't think many of these managed security companies are making a huge profit or having much impact on the market. The whole area is a minefield and requires huge investment," Bernie Dodwell, business development director at distributor Wick Hill, said. http://www.net-security.org/news.php?id=6176 JAPANESE BANK USES BIOMETRICS TO BOOST SECURITY Japan's third-largest bank, The Bank of Tokyo-Mitsubishi, will deploy a biometric security system based on vein-pattern recognition technology in branches nationwide in October. http://www.net-security.org/news.php?id=6177 UK POLICEMAN ARRESTED OVER PHONE TAP CLAIMS Six men - including a serving Metropolitan Police officer - have been arrested concerning the alleged illegal interception of private phone calls. http://www.net-security.org/news.php?id=6178 VENDORS STRUGGLE TO COPE WITH WLAN SECURITY THREATS The market for wireless local area network (WLAN) security technologies is growing "phenomenally", but vendors are struggling to keep up with the fast-moving nature of WLAN security threats, industry experts have warned. http://www.net-security.org/news.php?id=6179 IT BOSSES EYE UP BIOMETRIC SECURITY Firms prepare to introduce iris scans and fingerprint recognition in the workplace. http://www.net-security.org/news.php?id=6180 DEFEATING HONEYPOTS : NETWORK ISSUES, PART 1 The purpose of this paper is to explain how attackers behave when they attempt to identify and defeat honeypots, and is useful for security professionals to deploy honeypots in a more stealthy manner. http://www.net-security.org/news.php?id=6181 WHAT SECURITY MEANS FOR THE CHIEF EXECUTIVE Legislation and cybercrime mean greater responsibility for senior management. http://www.net-security.org/news.php?id=6182 SARBANES-OXLEY DOCUMENTATION FOR ADMINISTRATORS This article examines the U.S. Sarbanes-Oxley Act of 2002 from a systems administrator’s viewpoint and looks at some tips to help you be better prepared for such an assessment. http://www.net-security.org/news.php?id=6183 GOING FURTHER TO STOP HACKERS The OpenBSD free Unix project has focused on auditing software security since its inception in 1995, in a bid to thwart malicious hackers. http://www.net-security.org/news.php?id=6184 SYSADMIN TO SYSADMIN: FIVE FLAGS YOU COMPLETELY FORGOT ABOUT Administrators are creatures of habit. So much so that we often read things and think, "hey, that's really cool," and then we completely forget about them, even though they might, in some instances, be useful on a regular basis. http://www.net-security.org/news.php?id=6185 HOW TO COMBAT SPYWARE There's no doubt that the presence of spyware on a computer is a serious intrusion of privacy that needs to be dealt with. http://www.net-security.org/news.php?id=6186 LARGE SCALE IM VIRUS ATTACK FEARED Security researchers are seeing the first signs of a large-scale virus attack taking advantage of a known flaw in the way JPEG images are processed in Microsoft Windows products. http://www.net-security.org/news.php?id=6187 WARSPAMMER PLEADS GUILTY UNDER ANTI-SPAM LAW A Los Angeles man who spewed porn advertisements from his car likely faces up to six months in jail. http://www.net-security.org/news.php?id=6188 DATA AND SECURITY KEY ISSUES IN BI ROLL-OUT Companies see big operational benefits in implementing business intelligence software but only after overcoming numerous technical, cultural and process challenges. http://www.net-security.org/news.php?id=6189 SO MANY VIRUSES, SO LITTLE TIME Those who design new ways of launching attacks on computers are shortening the development cycle for new exploits, worrying companies and systems manufacturers. http://www.net-security.org/news.php?id=6190 IM WORM CRAWLS THROUGH JPEG HOLE Attack largely unsuccessful, but security experts warn of more to come. http://www.net-security.org/news.php?id=6191 PUTTING WI-FI BEHIND THE CORPORATE FIREWALL "For years, company employees have had dial-up access to the corporate network over a virtual private network," says Wi-Fi Alliance managing director Frank Hanzlik. "Today, the security is still provided with a VPN -- they just connect with Wi-Fi." http://www.net-security.org/news.php?id=6192 SECURE LINUX: HOPE OR HYPE? The race is on to deliver a version of the Linux open-source operating system that will be more secure than any of its predecessors but also manageable and affordable enough to garner widespread acceptance. http://www.net-security.org/news.php?id=6193 STICKY SECURITY PROBLEMS The potential threats posed by memory sticks. http://www.net-security.org/news.php?id=6194 ID RULE EXISTS, BUT CAN'T BE SEEN Justice Department lawyers say there is indeed a rule requiring passengers to show ID at the airport before boarding a plane, but they say the exact wording of the rule can't be read by the public and can't be challenged. http://www.net-security.org/news.php?id=6195 PHISHING TAB TO REACH $500 MILLION By any measure, it is clear that online fraud, or phishing, is bad and getting worse. http://www.net-security.org/news.php?id=6196 OPEN SOURCE VERSUS CLOSED SOURCE SECURITY In the age old battle between open source and closed source operating systems and applications, can either of them really be considered more secure than the other? http://www.net-security.org/news.php?id=6197 ARNOLD VETOES PRIVACY BILL California Gov. Arnold Schwarzenegger says the bill, which would have required businesses to tell employees that their e-mail and internet usage was being monitored, was overly broad. http://www.net-security.org/news.php?id=6198 DELL TO SELL MORE SECURITY-PROOFED BUSINESS HARDWARE New ServGate hardware, starting at less than $1000, has integrated antivirus, spam filtering, and other security features. http://www.net-security.org/news.php?id=6199 PHISHERS COME UP WITH A NEW SCAM A new kind of phishing scam alters the website of a financial institution. http://www.net-security.org/news.php?id=6200 'CYBERNAPPING' DANGER OF UNPROTECTED SYSTEMS Experts warn of exponential rise in the run-up to Christmas. http://www.net-security.org/news.php?id=6201 TEN STEPS TO E-MAIL SECURITY Organizations would be wise to establish clearly defined security and e-mail policies. More than 137,000 computer security incidents were reported in 2003, nearly double the figure from 2002, according to the Carnegie Mellon's Computer Emergency Response Team. http://www.net-security.org/news.php?id=6202 OSIA QUESTIONS GARTNER CLAIM ON LINUX AND PIRACY A Gartner statement claiming that pre-installing Linux on PCs encourages piracy of Windows has been challenged by the Open Source Industry Association. http://www.net-security.org/news.php?id=6203 ---------------------------------------------------------------- [ Vulnerabilities ] All vulnerabilities are located here: http://www.net-security.org/archive_vuln.php ---------------------------------------------------------------- Macromedia ColdFusion MX 6.1 Java Class Creation Vulnerability http://www.net-security.org/vuln.php?id=3740 dbPowerAmp Buffer Overflow and Denial of Service Vulnerabilities http://www.net-security.org/vuln.php?id=3739 W-Agora Forum Multiple Vulnerabilities http://www.net-security.org/vuln.php?id=3738 Silent Storm Portal Multiple Vulnerabilities http://www.net-security.org/vuln.php?id=3737 Samba Arbitrary File Access Vulnerability http://www.net-security.org/vuln.php?id=3736 Macromedia JRun 4 mod_jrun Apache Module Buffer Overflow Vulnerability http://www.net-security.org/vuln.php?id=3735 Vignette Application Portal MUltiple Vulnerabilities http://www.net-security.org/vuln.php?id=3734 Icecast 2.0.1 Remote Code Execution Vulnerability http://www.net-security.org/vuln.php?id=3733 Wordpress 1.2 Multiple Cropss Site Scripting Vulnerabilities http://www.net-security.org/vuln.php?id=3732 BroadBoard Instant ASP Message Board SQL Injection Vulnerability http://www.net-security.org/vuln.php?id=3731 MyWebServer 1.0.3 Multiple Vulnerabilities http://www.net-security.org/vuln.php?id=3730 Chatman 1.5.1 RC1 Broadcast Crash Vulnerability http://www.net-security.org/vuln.php?id=3729 @lex Guestbook File Include Vulnerability http://www.net-security.org/vuln.php?id=3728 IBM AIX ctstrtcasd Local File Corruption Vulnerability http://www.net-security.org/vuln.php?id=3727 Motorola Wireless Router WR850G Authentication Circumvention Vulnerability http://www.net-security.org/vuln.php?id=3726 Sophos Small Business Suite Reserved Device Name Handling Vulnerability http://www.net-security.org/vuln.php?id=3725 ---------------------------------------------------------------- [ Advisories ] All advisories are located at: http://www.net-security.org/archive_advi.php ---------------------------------------------------------------- Gentoo Linux Security Advisory - sharutils: Buffer overflows in shar.c and unshar.c (GLSA 200410-01) http://www.net-security.org/advisory.php?id=3803 Fedora Legacy Update Advisory - Updated Ethereal packages fix security issues (FLSA:1840) http://www.net-security.org/advisory.php?id=3802 Fedora Legacy Update Advisory - Updated xchat resolves security vulnerabilities (FLSA:1549) http://www.net-security.org/advisory.php?id=3801 Fedora Legacy Update Advisory - Updated flim resolves security vulnerabilities (FLSA:1581) http://www.net-security.org/advisory.php?id=3800 Fedora Legacy Update Advisory - Updated rsync package fixes security issues (FLSA:2003) http://www.net-security.org/advisory.php?id=3799 Trustix Secure Linux Security Advisory - gettext, ghostscript, glibc, groff, gzip, kerberos5, lvm, mysql, netatalk, openssl, perl, postgresql (#2004-0050) http://www.net-security.org/advisory.php?id=3798 Debian Security Advisory - freenet6 (DSA 555-1) http://www.net-security.org/advisory.php?id=3797 HP Security Bulletin - HP StorageWorks Command View XP access restriction bypass (SSRT4794 rev.0) http://www.net-security.org/advisory.php?id=3796 Gentoo Linux Security Advisory - Subversion: Metadata information leak (GLSA 200409-35) http://www.net-security.org/advisory.php?id=3795 Fedora Legacy Update Advisory - Updated cadaver resolves security vulnerabilities (FLSA:1552) http://www.net-security.org/advisory.php?id=3794 Fedora Legacy Update Advisory - Updated tcpdump resolves security vulnerabilities (FLSA:1468) http://www.net-security.org/advisory.php?id=3793 SGI Security Advisory - bsd.a kernel networking vulnerabilities (20040905-01-P) http://www.net-security.org/advisory.php?id=3792 Conectiva Linux Security Announcement - kernel (CLA-2004:869) http://www.net-security.org/advisory.php?id=3791 Debian Security Advisory - sendmail (DSA 554-1) http://www.net-security.org/advisory.php?id=3790 Mandrakelinux Security Update Advisory - netpbm (MDKSA-2004:011-1) http://www.net-security.org/advisory.php?id=3789 Mandrakelinux Security Update Advisory - OpenOffice.org (MDKSA-2004:103) http://www.net-security.org/advisory.php?id=3788 Conectiva Linux Security Announcement - imlib (CLA-2004:870) http://www.net-security.org/advisory.php?id=3787 Debian Security Advisory - getmail (DSA 553-1) http://www.net-security.org/advisory.php?id=3786 Gentoo Linux Security Advisory - X.org, XFree86: Integer and stack overflows in libXpm (GLSA 200409-34) http://www.net-security.org/advisory.php?id=3785 ---------------------------------------------------------------- ---------------------------------------------------------------- Do you have an effective security strategy? You do now! Read Addison-Wesley books to craft your strategy. http://www.awprofessional.com/security ---------------------------------------------------------------- [ Articles ] All articles are located at: http://www.net-security.org/articles_main.php Articles can be contributed to articles@net-security.org ---------------------------------------------------------------- HOW TO COMBAT SPYWARE There's no doubt that the presence of spyware on a computer is a serious intrusion of privacy that needs to be dealt with. Spyware is actually installed remarkably easily on computers and many users are shocked -on scanning their systems- to find their computers crawling with this kind of program. http://www.net-security.org/article.php?id=731 THE CERTIFICATION OF SSL VPNS The majority of this audio session focuses on how SSL VPNs are certified at ICSA Labs. Help Net Security visitors are introduced to the background and the process of this thorough certification procedure. http://www.net-security.org/article.php?id=730 ---------------------------------------------------------------- [ Software ] Windows software is located at: http://net-security.org/software_main.php?cat=1 Linux software is located at: http://net-security.org/software_main.php?cat=2 Pocket PC software is located at: http://net-security.org/software_main.php?cat=3 ---------------------------------------------------------------- FIREWALL BUILDER 2.0.3 (Linux) Firewall Builder consists of an object-oriented GUI and a set of policy compilers for various firewall platforms. http://www.net-security.org/software.php?id=230 GFI LANGUARD PORTABLE STORAGE CONTROL 2.0 (Windows) This tool offers you network-wide control of which users can use removable storage such as USB sticks, CDs, handhelds, iPods, digital cameras and more. http://www.net-security.org/software.php?id=576 MAILSCANNER 4.34.8 (Linux) MailScanner is a virus scanner for e-mail designed for use on e-mail gateways. http://www.net-security.org/software.php?id=144 PADS 1.1.3 (Linux) Pads (Passive Asset Detection System) is a signature-based detection engine used to passively detect network assets. http://www.net-security.org/software.php?id=60 PRISMSTUMBLER 0.7.3 (Linux) PrismStumbler is a wireless LAN (WLAN) which scans for beaconframes from access points. http://www.net-security.org/software.php?id=142 REVELATION 0.3.4 (Linux) Revelation is a password manager for the GNOME 2 desktop. http://www.net-security.org/software.php?id=293 SAMHAIN 1.8.12 (Linux) Samhain is an open source file integrity and host-based intrusion detection system. http://www.net-security.org/software.php?id=125 SHOREWALL 2.0.9 (Linux) Shorewall is an iptables based firewall that can be used on a dedicated firewall system, a multi-function masquerade gateway/server or on a standalone Linux system. http://www.net-security.org/software.php?id=40 ---------------------------------------------------------------- [ Webcasts ] All webcasts are located at: http://net-security.org/webcasts.php ---------------------------------------------------------------- Building Effective & Auditable ITIL Change Management Processes in 4 Steps: Phase 3 and 4 of The Visible Ops Methodology Organized by Tripwire on 5 October 2004, 11:00 AM http://www.net-security.org/webcast.php?id=328 The Basics of WLAN Security Organized by Funk Software on 5 October 2004, 1:00 PM http://www.net-security.org/webcast.php?id=275 Managing Sarbanes-Oxley Act Compliance at Microsoft Organized by Microsoft on 6 October 2004, 10:00 AM http://www.net-security.org/webcast.php?id=335 Architecting Your 802.1x-Based WLAN Deployment Organized by Funk Software on 12 October 2004, 1:00 PM http://www.net-security.org/webcast.php?id=297 Consolidated email protection: An introduction to PureMessage Organized by Sophos on 13 October 2004, 10:00 AM http://www.net-security.org/webcast.php?id=303 Penetration Testing with CORE IMPACT Organized by Core Security Technologies on 14 October 2004, 1:00 PM http://www.net-security.org/webcast.php?id=304 Understanding Service Pack 2 for Windows XP Organized by Global Knowledge on 14 October 2004, 4:00 PM http://www.net-security.org/webcast.php?id=333 Ensuring Security Beyond Patch Management Organized by Microsoft on 19 October 2004, 11:00 AM http://www.net-security.org/webcast.php?id=336 Fighting Spam in an Exchange Environment with Microsoft Exchange Server 2003 Organized by Microsoft on 20 October 2004, 8:00 AM http://www.net-security.org/webcast.php?id=337 All anti-virus software is not created equal Organized by Sophos on 20 October 2004, 10:00 AM http://www.net-security.org/webcast.php?id=286 Custom Authentication and Authorization in ASP.NET Organized by Microsoft on 20 October 2004, 1:00 PM http://www.net-security.org/webcast.php?id=338 Microsoft Security Vision-Progress and Commitment Organized by Microsoft on 26 October 2004, 11:00 AM http://www.net-security.org/webcast.php?id=339 Introduction to ASP.NET 2.0 Security Organized by Microsoft on 29 October 2004, 9:00 AM http://www.net-security.org/webcast.php?id=340 Trust, but Verify: How to Manage Risk in Outsourced Applications Organized by Foundstone on 18 November 2004, 4:00 PM http://www.net-security.org/webcast.php?id=334 ---------------------------------------------------------------- [ Conferences ] All conferences are located at: http://net-security.org/conferences.php ---------------------------------------------------------------- HITBSecConf2004 Organized by Hack In The Box - 4 October-7 October 2004 http://www.net-security.org/conference.php?id=95 SecurIT Summit Organized by Marcus Evans - 18 October-20 October 2004 http://www.net-security.org/conference.php?id=98 The 3rd Annual Cyber Security in the Financial Services Sector Executive Summit Organized by Financial Services Sector Executive Summit - 27 October-28 October 2004 http://www.net-security.org/conference.php?id=101 RSA Conference Europe 2004 Organized by RSA Security - 3 November-5 November 2004 http://www.net-security.org/conference.php?id=90 e-Nordic: Business & Technology Integration Summit Organized by Marcus Evans - 8 November-10 November 2004 http://www.net-security.org/conference.php?id=99 IBM SecureWorld Conference EMEA 2004 Organized by IBM - 23 November-26 November 2004 http://www.net-security.org/conference.php?id=91 The European Cyber Security in the Financial Services Sector Executive Summit 2004 Organized by Information Management Network - 30 November-1 December 2004 http://www.net-security.org/conference.php?id=100 Middle East IT Security Conference 2004 Organized by MEITSEC - 12 December-14 December 2004 http://www.net-security.org/conference.php?id=97 ECCE E-crime and Computer Evidence 2005 Organized by n-gate ltd. - 29 March-30 March 2005 http://www.net-security.org/conference.php?id=94 ---------------------------------------------------------------- [ Security World ] All press releases are located at: http://www.net-security.org/press_main.php Send your press releases to press@net-security.org ---------------------------------------------------------------- Hurricane Season Possible Cause Of Reduction In September Spam Output Says Email Systems http://www.net-security.org/press.php?id=2515 (ISC)2 And Asis International Sign Memorandum Of Understanding Cross-Endorsing Certifications To Advance Security Profession http://www.net-security.org/press.php?id=2514 Astaro Software Protects Networks From New Microsoft .jpg Vulnerability http://www.net-security.org/press.php?id=2513 LURHQ Expert Testimony Leads To Preliminary Injunction In Ftc Can-Spam Case Against Phoenix-Avatar LLC http://www.net-security.org/press.php?id=2512 Astaro Announces Security Reporting Tool to Strengthen Management of Astaro Security Linux http://www.net-security.org/press.php?id=2511 New Panda GateDefender 8000 Series: The First Line Of Corporate Defense Against Viruses, Spam and Undesirable Web Content http://www.net-security.org/press.php?id=2510 Monitoring Software Licenses Reduces Security Risks http://www.net-security.org/press.php?id=2509 AEP Systems Releases Next Generation High-Security VPN http://www.net-security.org/press.php?id=2508 Norman Adds Spyware Protection To Its Extensive Portfolio http://www.net-security.org/press.php?id=2507 BeCrypt Launches Connect Protecttm To Help Enterprises Clamp Down On Growing Security Risks From Portable USB Devices http://www.net-security.org/press.php?id=2506 'Sloppy' Plug & Play USB Device Security Is Rife On British Computer Networks,Study Shows http://www.net-security.org/press.php?id=2505 Protego Establishes European Pro Advantage Partner Program http://www.net-security.org/press.php?id=2504 Pointsec Partners With Integralis To Expand European Market Presence http://www.net-security.org/press.php?id=2503 Forum Systems Announces Technology Integration with AmberPoint to Advance SOA Lifecycle Management http://www.net-security.org/press.php?id=2502 Latest Release of ForeScout Anti-Worm Solution Provides Greater Protection Against Network Worms http://www.net-security.org/press.php?id=2501 Senforce Technologies Unveils SPF+ Advanced Hacker Protection http://www.net-security.org/press.php?id=2500 F-Secure Integrates PureSight's Parental Control Features Into its Flagship ISP product -- Security as a Service Suite http://www.net-security.org/press.php?id=2499 GFI Releases Freeware Version of GFI LANguard Portable Storage Control (P.S.C.) http://www.net-security.org/press.php?id=2498 SSH Adopts Data Protection Technology From Cryptico http://www.net-security.org/press.php?id=2497 The Syscom Group Secures its Network with iPolicy Networks' Intrusion Prevention Firewall http://www.net-security.org/press.php?id=2496 Aventail Launches Two-Tier Distribution Strategy in North America Through Arrow Electronics http://www.net-security.org/press.php?id=2495 Vexira Antivirus For Linux Stops 2.1 Million Viruses For Georgia ISP http://www.net-security.org/press.php?id=2494 New Dekart Private Disk Multifactor V.1.21 - Strong Data Protection with 256-bit AES Encryption and Strong Authentication http://www.net-security.org/press.php?id=2493 StreamShield Networks Selects SurfControl’s Web Content Filtering Database http://www.net-security.org/press.php?id=2492 New Jersey Education Association Standardizes On Blue Coat For Web Communications Security And Control http://www.net-security.org/press.php?id=2491 F-Secure Unveils A New Linux-Product For High Speed Virus And Content Scanning At The Corporate Network Perimeter http://www.net-security.org/press.php?id=2490 Fortinet Named Market Leader of New Unified Threat Management Security Category http://www.net-security.org/press.php?id=2489 Fortinet Extends Product Family: Introduces FortiGate 5000 Network Security Platform for Large Enterprises, Carriers and Managed Service Providers http://www.net-security.org/press.php?id=2488 Servgate Signs Major New Channel Partner, Visus IT Ltd http://www.net-security.org/press.php?id=2487 "Net Abuse" Crackdown In The NHS As Workers Bid To Kill Time http://www.net-security.org/press.php?id=2486 ---------------------------------------------------------------- [ Virus News ] All virus news are located at: http://www.net-security.org/viruses.php ---------------------------------------------------------------- Top Ten viruses most frequently detected by Panda ActiveScan in September 2004 http://www.net-security.org/virus_news.php?id=465 Top Ten Viruses And Hoaxes Reported To Sophos in September 2004 http://www.net-security.org/virus_news.php?id=464 ---------------------------------------------------------------- Questions, contributions, comments or ideas go to: Help Net Security staff staff@net-security.org http://net-security.org ---------------------- Unsubscribe from this weekly digest on: http://www.net-security.org/subscribe.php The archive of the newsletter in TXT and PDF format is available http://www.net-security.org/newsletter_archive.php ---------------------------------------------------------------- Information Management Network Presents The 3rd Annual Cyber Security in the Financial Services Sector Executive Summit October 27-28, 2004 * New York City ---------------------------------------------------------------- The second edition of our Cyber security event last October in New York was attended by 450+ delegates 1/2 who were from financial services firms. The 3rd annual event promises a new, up-to-date agenda covering such emerging issues like: Spyware, Phishing, Spam, Wireless and a group of small-scale, interactive roundtables that will address key issues in an interactive, intimate setting. For additional information, please go to http://www.imn.org/a680/nse. ----------------------------------------------------------------