HNS Newsletter Issue 235 - 18.10.2004. http://net-security.org This is a newsletter delivered to you by Help Net Security. It covers weekly roundups of security events that were in the news the past week. ---------------------------------------------------------------- IBMSecure World Technical University - November 23-26 - Berlin Do you know how effectively you can protect your IT infrastructure? ---------------------------------------------------------------- Security has become a very important concern in today’s wireless and network computing business. This conference offers 70 sesions organised around 5 main topics: Security Risk Management, Physical & Logical Security Integration and Recovery, Security Architectures & Solutions, Security Management and Control. In addition, you will also have the possibility to take part to a Technology Solutions Forum, during which IBM and its Partners will demonstrate their latest security solutions. Find out more on http://www.ibm.com/services/learning/conf/europe/securew ---------------------------------------------------------------- Table of contents: 1) Security news 2) Vulnerabilities 3) Advisories 4) Articles 5) Reviews 6) Software 7) Webcasts 8) Conferences 9) Security World 10) Virus News [ Security news ] ---------------------------------------------------------------- KEEPING THE BAD GUYS OUT Threat management: organizing defense-in-depth strategies. http://www.net-security.org/news.php?id=6263 COMPANIES RISK SECURITY BY NOT INTRODUCING WIRELESS Enterprise IT managers are interested, but reluctant, to introduce wireless technology to their business for no good reason and, as a result, could be risking security breaches. At least according to a survey by researchers at IDC. http://www.net-security.org/news.php?id=6264 UK ID CARDS TO BE ISSUED WITH FIRST BIOMETRIC PASSPORTS What's left of the 'voluntary' figleaf to the UK's ID scheme will erode in the next few months... http://www.net-security.org/news.php?id=6265 US GOV TARGETS SPYWARE OUTFIT A company which makes software that infiltrates users' computers and demands $30 to be removed has been targeted by US authorities. http://www.net-security.org/news.php?id=6266 SECURITY: END USERS ARE YOUR FIRST LINE OF DEFENSE My column is dedicated to training and education issues for IT professionals but how much do we think about training for end users, particularly educating users to be security-aware? http://www.net-security.org/news.php?id=6267 GLOBAL OPENS UP TRAINING Security vendor sets up a free self-certification process for its partners. http://www.net-security.org/news.php?id=6268 SECURITY REVIEW UNCOVERS RAMPANT VIRUS INFECTIONS A journal writer makes a most unpleasant discovery just as the IT auditors arrive. http://www.net-security.org/news.php?id=6269 REVERSE ENGINEERING THE FIRST POCKET PC TROJAN This tutorial shows you how to reverse engineer a new example of Windows Mobile malware - step by step. We include our methods for background research and even include a fully annotated IDA disassembly of the ARM binary. http://www.net-security.org/news.php?id=6270 SECURITY AWARENESS AND TRAINING 101 Security awareness and training are perhaps the most overlooked parts of your security management program. Why is security awareness and training so important and what constitutes a security awareness and training program? http://www.net-security.org/news.php?id=6271 BALLMER PROMISES BETTER SECURITY AND VALUE Microsoft chief executive Steve Ballmer showed himself ready to face up to user concerns about security and licensing when he spoke to Computer Weekly in London. http://www.net-security.org/news.php?id=6272 INTEL SHIPS PROCESSORS WITH ENHANCED SECURITY CAPABILITIES Intel said it had been shipping central processing units with security capability called XD-bit for some time, while a number of retailers began to supply the chips to end-users. http://www.net-security.org/news.php?id=6273 FORTRESS BUYS WLAN SECURITY TECHNOLOGY FROM LEGRA Wireless networks specialist Fortress Technologies has acquired some technology and assets of failed LAN switch developer Legra Systems Inc. for an undisclosed sum. http://www.net-security.org/news.php?id=6274 WEBROOT: SPYWARE IS WINDOWS-ONLY Spyware, those annoying programs that snoop on a user's actions, remain a Windows-only phenomenon. http://www.net-security.org/news.php?id=6275 SECURE PROGRAMMER: PREVENT RACE CONDITIONS Resource contention can be used against you. http://www.net-security.org/news.php?id=6276 CRACKING THE WIRELESS SECURITY CODE Is it possible to deploy a secure wireless LAN with technology available today? http://www.net-security.org/news.php?id=6277 SONICWALL RELEASES STAND-ALONE CONTENT FILTERING DEVICE Device helps companies restrict Web sites their users can access. http://www.net-security.org/news.php?id=6278 SOLARIS SECURITY SUFFERS IMAGE PROBLEM A highly critical security hole has been reported in the X Pixmap (libXpm) technology shipped with Solaris and JDS for Linux, which could allow someone to run code on your system if a modified X Pixmmap (.xpm) image is loaded. http://www.net-security.org/news.php?id=6279 BECKHAM + STRUMPET PIC ACTUALLY TROJAN Virus writers have moved on from using Osama bin Laden's or Arnold Schwarzenegger's supposed suicides as a lure to trying a similar trick involving "compromising pictures" of football superstar David Beckham. http://www.net-security.org/news.php?id=6280 MOTOROLA SIGNS FOR SECURE CORES Actel has licensed its DirectCore intellectual property (IP) for use in its ProASIC Plus FPGAs)to the Motorola Broadband Communications Sector. http://www.net-security.org/news.php?id=6282 PROSECUTOR RESIGNS OVER HACKED PC A leading Dutch prosecuter resigned yesterday after hackers entered his mail box and revealed yet another classified letter addressed to the public prosecutor's office. http://www.net-security.org/news.php?id=6283 MICROSOFT PUSHES OUT 'CRITICAL' SECURITY FIXES Microsoft has released 10 software security patches for its products, including seven it deemed critical and that could allow remote attackers to take control of systems running the company's software. http://www.net-security.org/news.php?id=6284 WEB AND E-MAIL MONITORING IS COMMON IN THE WORKPLACE Big Brother may not be watching you, but Big Employer probably is. http://www.net-security.org/news.php?id=6285 PATRIOT ACT TOUR CARRIED A HEFTY PRICE TAG U.S. Attorney General Ashcroft spent $200,000 of taxpayer money promoting the embattled surveillance law coast-to-coast. http://www.net-security.org/news.php?id=6286 SNIFFING OUT THE CYBER HANNIBALS Cyber sleuths are studying the bad guys to crack down on internet crime, writes Helen Meredith. They act like bait or decoys, helping network administrators detect anyone "sniffing" their network. http://www.net-security.org/news.php?id=6287 CARDHOLDERS TARGETTED BY PHISHING ATTACK USING VISA-SECURE.COM A new and widely disseminated phishing attack aimed at Visa cardholders uses the visa-secure.com domain to collect authentication information from Visa customers. http://www.net-security.org/news.php?id=6288 WHY SNORT, NESSUS, OSS BUILD SECURE IT FORTRESSES There's no way that Todd Sanders would ever think of building network security and monitoring applications for businesses without using open source tools. http://www.net-security.org/news.php?id=6289 BROADBAND PROGRESS RAISES SECURITY ISSUES Industry expert warns public to be aware of threat. http://www.net-security.org/news.php?id=6290 ENTERPRISE SECURITY IS THE WORST EVER Despite the number of IT security products and services cramming the market, businesses are more exposed than ever to emerging threats, according to industry experts speaking at the Etre technology conference in Cannes. http://www.net-security.org/news.php?id=6291 HOW TO RESET FORGOTTEN ROOT PASSWORDS Suppose you have just taken over as a new system administrator from another person just before they left and they forgot to give you the root password. http://www.net-security.org/news.php?id=6292 U.S., INDIA TO COOPERATE ON TECH SECURITY India and the United States agreed Wednesday to develop new ways of securing data and to expand cooperation to protect networks from destructive viruses and computer hackers. http://www.net-security.org/news.php?id=6293 SECURE COMMUNICATION WITH STUNNEL Stunnel is an SSL encryption wrapper that allows what are normally plain text and insecure communications to be encrypted during transmission. http://www.net-security.org/news.php?id=6294 VIRUSES IN HANDHELD DEVICES The advertising of computer systems is increasingly centered on handheld devices or PDAs. Prices of these devices have gone down considerably making them more accessible to the general public. With their popularization fears over possible viruses which might infect them have come up for discussion again. http://www.net-security.org/news.php?id=6295 ARE HACKERS NOW GUNNING FOR THE MAC? Macs still have fewer bugs than Windows PCs, but Apple moves to plug security holes before problems crop up. http://www.net-security.org/news.php?id=6296 SSH HOST KEY PROTECTION This is the first in a series of articles on SSH in-depth. We start with looking at standard SSH host keys by examining the verification process to ensure you have not been the victim of an attack. http://www.net-security.org/news.php?id=6297 ZONEMINDER: LINUX HOME SECURITY PAR EXCELLENCE ZoneMinder was written by and is maintained by Philip Coombes, who explains on his site that he wrote ZoneMinder after having been burgled. http://www.net-security.org/news.php?id=6298 HOW TO SHOP FOR A SMALL-BUSINESS FIREWALL So your business has outgrown the el cheapo hardware firewall you picked up at the mall? Learn how to find top-of-the-line capabilities without paying top-of-the-line prices. http://www.net-security.org/news.php?id=6299 AS BAD AS SPYWARE Where do we draw the line between spyware and pre-installed trial software that tricks people into paying for it? I have had enough. http://www.net-security.org/news.php?id=6300 FOUR CHARGED IN LANDMARK UK PHISHING CASE Four eastern Europeans appeared in a London court yesterday charged with defrauding online banks of hundreds of thousands through an elaborate 'phishing' scam. http://www.net-security.org/news.php?id=6301 IT SECURITY PROFESSIONALS WANTED With a reported 300% growth in demand for security experts in the region, only 22% of enterprises in Middle East have high level in-house technology security operations. http://www.net-security.org/news.php?id=6302 ---------------------------------------------------------------- [ Vulnerabilities ] All vulnerabilities are located here: http://www.net-security.org/archive_vuln.php ---------------------------------------------------------------- ProFTPD 1.2.x Remote Users Enumeration Vulnerability http://www.net-security.org/vuln.php?id=3777 Norton AntiVirus 2004 Script Blocking Failure Vulnerability http://www.net-security.org/vuln.php?id=3776 Yak! 2.1.2 Directory Traversal Vulnerability http://www.net-security.org/vuln.php?id=3775 Microsoft Windows SetWindowLong Shatter Vulnerability http://www.net-security.org/vuln.php?id=3774 Macromedia JRun Unsanitized Session ID Cookie Modifying Server Response Vulnerability http://www.net-security.org/vuln.php?id=3773 Macromedia JRun Management Console HTML Injection Vulnerability http://www.net-security.org/vuln.php?id=3772 Macromedia JRun Management Console Session Fixation Vulnerability http://www.net-security.org/vuln.php?id=3771 3COM 3CRADSL72 Wireless Router Information Disclosure Vulnerability http://www.net-security.org/vuln.php?id=3770 Microsoft Windows NT4 RPC Server Memory Leak and Denial of Service Vulnerabilities http://www.net-security.org/vuln.php?id=3769 RIM Blackberry Multiple Vulnerabilities http://www.net-security.org/vuln.php?id=3768 SCT Campus Pipeline Cross Site Scripting Vulnerability http://www.net-security.org/vuln.php?id=3767 Fusetalk 4.0 Cross Site Scripting Vulnerability http://www.net-security.org/vuln.php?id=3766 Microsoft IIS NNTP Service XPAT Command Vulnerabilities http://www.net-security.org/vuln.php?id=3765 Microsoft IIS 5.x/6.0 WebDAV XML Parser Attribute Blowup Denial of Service Vulnerability http://www.net-security.org/vuln.php?id=3764 ocPortal 1.0.3 Remote File Inclusion Vulnerability http://www.net-security.org/vuln.php?id=3763 Microsoft Internet Explorer Install Engine Control Buffer Overflow Vulnerability http://www.net-security.org/vuln.php?id=3762 Squid Web Proxy Cache Remote Denial of Service Vulnerability http://www.net-security.org/vuln.php?id=3761 GoSmart Message Board Multiple Vulnerabilities http://www.net-security.org/vuln.php?id=3760 ZanfiCmsLite 1.1 Multiple Vulnerabilities http://www.net-security.org/vuln.php?id=3759 ---------------------------------------------------------------- [ Advisories ] All advisories are located at: http://www.net-security.org/archive_advi.php ---------------------------------------------------------------- Fedora Legacy Update Advisory - Updated gaim package resolves security issues (FLSA:1237) http://www.net-security.org/advisory.php?id=3873 Fedora Legacy Update Advisory - Updated CUPS packages fix security vulnerability (FLSA:2072) http://www.net-security.org/advisory.php?id=3872 Debian Security Advisory - cyrus-sasl-mit (DSA 568-1) http://www.net-security.org/advisory.php?id=3871 Debian Security Advisory - tiff (DSA 567-1) http://www.net-security.org/advisory.php?id=3870 OpenPKG Security Advisory - apache (option "with_mod_ssl yes" only) (OpenPKG-SA-2004.044) http://www.net-security.org/advisory.php?id=3869 Trustix Secure Linux Security Advisory - libtiff, mysql, squid, cyrus-sasl (#2004-0054) http://www.net-security.org/advisory.php?id=3868 Gentoo Linux Security Advisory - BNC: Input validation flaw (GLSA 200410-13) http://www.net-security.org/advisory.php?id=3867 Fedora Legacy Update Advisory - Updated samba resolves security vulnerabilities (FLSA:2102) http://www.net-security.org/advisory.php?id=3866 OpenPKG Security Advisory - tiff (OpenPKG-SA-2004.043) http://www.net-security.org/advisory.php?id=3865 Conectiva Linux Security Announcement - glibc (CLA-2004:874) http://www.net-security.org/advisory.php?id=3864 Debian Security Advisory - cupsys (DSA 566-1) http://www.net-security.org/advisory.php?id=3863 Conectiva Linux Security Announcement - cyrus-sasl (DSA 563-3) http://www.net-security.org/advisory.php?id=3862 Conectiva Linux Security Announcement - Fix for samba vulnerabilities (CLA-2004:873) http://www.net-security.org/advisory.php?id=3861 Conectiva Linux Security Announcement - cups (CLA-2004:872) http://www.net-security.org/advisory.php?id=3860 Gentoo Linux Security Advisory - WordPress: HTTP response splitting and XSS vulnerabilities (GLSA 200410-12) http://www.net-security.org/advisory.php?id=3859 Fedora Legacy Update Advisory - Updated mod_ssl package fixes Apache security vulnerabilities (FLSA:1888) http://www.net-security.org/advisory.php?id=3858 Fedora Legacy Update Advisory - Updated httpd packages fix a mod_proxy security vulnerability (FLSA:1737) http://www.net-security.org/advisory.php?id=3857 Fedora Legacy Update Advisory - Updated lha resolves security vulnerabilities (FLSA:1833) http://www.net-security.org/advisory.php?id=3856 Fedora Legacy Update Advisory - Updated samba resolves security vulnerabilities (FLSA:2102) http://www.net-security.org/advisory.php?id=3855 Gentoo Linux Security Advisory - tiff: Buffer overflows in image decoding (GLSA 200410-11) http://www.net-security.org/advisory.php?id=3854 Debian Security Advisory - sox (DSA 565-1) http://www.net-security.org/advisory.php?id=3853 Debian Security Advisory - mpg123 (DSA 564-1) http://www.net-security.org/advisory.php?id=3852 Microsoft Security Bulletin - Summary for October 2004 (1.0) http://www.net-security.org/advisory.php?id=3851 Microsoft Security Bulletin - October 2004 Re-Releases (October 12, 2004) http://www.net-security.org/advisory.php?id=3850 SCO Security Advisory - UnixWare 7.1.4 : Multiple Vulnerabilities in libpng (SCOSA-2004.16) http://www.net-security.org/advisory.php?id=3849 SCO Security Advisory - UnixWare 7.1.3up UnixWare 7.1.4 : CUPS before 1.1.21 allows remote attackers to cause a denial of service (SCOSA-2004.15) http://www.net-security.org/advisory.php?id=3848 Debian Security Advisory - cyrus-sasl (DSA 563-2) http://www.net-security.org/advisory.php?id=3847 Debian Security Advisory - cyrus-sasl (DSA 563-1) http://www.net-security.org/advisory.php?id=3846 Slackware Security Advisory - rsync (SSA:2004-285-01) http://www.net-security.org/advisory.php?id=3844 Debian Security Advisory - mysql (DSA 562-1) http://www.net-security.org/advisory.php?id=3843 Debian Security Advisory - xfree86 (DSA 561-1) http://www.net-security.org/advisory.php?id=3842 Gentoo Linux Security Advisory - gettext: Insecure temporary file handling (GLSA 200410-10) http://www.net-security.org/advisory.php?id=3841 ---------------------------------------------------------------- [ Articles ] All articles are located at: http://www.net-security.org/articles_main.php Articles can be contributed to articles@net-security.org ---------------------------------------------------------------- VIRUSES IN HANDHELD DEVICES The advertising of computer systems is increasingly centered on handheld devices or PDAs. Prices of these devices have gone down considerably making them more accessible to the general public. With their popularization fears over possible viruses which might infect them have come up for discussion again. http://www.net-security.org/article.php?id=734 SO MANY WORMS, SO LITTLE TIME There is no single security countermeasure, or silver bullet, that can protect our networks completely. Over time the threats have grown in both number and complexity, while the timeframe for response has been shortened dramatically. http://www.net-security.org/article.php?id=733 ---------------------------------------------------------------- [ Reviews ] All reviews are located at: http://www.net-security.org/reviews.php ---------------------------------------------------------------- WARDRIVING: DRIVE, DETECT, DEFEND, A GUIDE TO WIRELESS SECURITY Wardriving is extremely important for the state of wireless security, as it shows how many unprotected WLANs are out there and is therefore directly influencing wireless security awareness. The book will both teach you how to participate in wardriving projects as well as to get familiar on what kind of information outsiders can discover about your wireless networks. http://www.net-security.org/review.php?id=144 ---------------------------------------------------------------- [ Software ] Windows software is located at: http://net-security.org/software_main.php?cat=1 Linux software is located at: http://net-security.org/software_main.php?cat=2 Pocket PC software is located at: http://net-security.org/software_main.php?cat=3 ---------------------------------------------------------------- CAIN & ABEL 2.5 beta60 (Windows) Cain & Abel is a password recovery tool for Microsoft operating systems. http://www.net-security.org/software.php?id=110 KISKIS 0.12 (Linux) KisKis (KisKis – Keep It Secret! Keep It Safe!) is an easy-to-use password manager. http://www.net-security.org/software.php?id=578 OINKMASTER 1.1 (Linux) Oinkmaster is a simple Perl script to update/manage Snort signatures. http://www.net-security.org/software.php?id=577 SSL-EXPLORER 0.1.3 (Windows) The 3SP SSL-Explorer is the world's first open-source SSL-based VPN solution of its kind. http://www.net-security.org/software.php?id=579 TRACEPROTO 1.1.0beta4 (Linux) Traceproto is a traceroute replacement written in c that allows the user to specify the protocol and port to trace to. http://www.net-security.org/software.php?id=196 WINSCP 3.7.0 beta (Windows) WinSCP is an open source SSH file transfer protocol and secure copy client for Windows using SSH. http://www.net-security.org/software.php?id=6 ---------------------------------------------------------------- [ Webcasts ] All webcasts are located at: http://net-security.org/webcasts.php ---------------------------------------------------------------- Ensuring Security Beyond Patch Management Organized by Microsoft on 19 October 2004, 11:00 AM http://www.net-security.org/webcast.php?id=336 Fighting Spam in an Exchange Environment with Microsoft Exchange Server 2003 Organized by Microsoft on 20 October 2004, 8:00 AM http://www.net-security.org/webcast.php?id=337 All anti-virus software is not created equal Organized by Sophos on 20 October 2004, 10:00 AM http://www.net-security.org/webcast.php?id=286 Custom Authentication and Authorization in ASP.NET Organized by Microsoft on 20 October 2004, 1:00 PM http://www.net-security.org/webcast.php?id=338 Microsoft Security Vision-Progress and Commitment Organized by Microsoft on 26 October 2004, 11:00 AM http://www.net-security.org/webcast.php?id=339 Introduction to ASP.NET 2.0 Security Organized by Microsoft on 29 October 2004, 9:00 AM http://www.net-security.org/webcast.php?id=340 Trust, but Verify: How to Manage Risk in Outsourced Applications Organized by Foundstone on 18 November 2004, 4:00 PM http://www.net-security.org/webcast.php?id=334 ---------------------------------------------------------------- [ Conferences ] All conferences are located at: http://net-security.org/conferences.php ---------------------------------------------------------------- SecurIT Summit Organized by Marcus Evans - 18 October-20 October 2004 http://www.net-security.org/conference.php?id=98 The 3rd Annual Cyber Security in the Financial Services Sector Executive Summit Organized by Financial Services Sector Executive Summit - 27 October-28 October 2004 http://www.net-security.org/conference.php?id=101 RSA Conference Europe 2004 Organized by RSA Security - 3 November-5 November 2004 http://www.net-security.org/conference.php?id=90 e-Nordic: Business & Technology Integration Summit Organized by Marcus Evans - 8 November-10 November 2004 http://www.net-security.org/conference.php?id=99 IBM SecureWorld Conference EMEA 2004 Organized by IBM - 23 November-26 November 2004 http://www.net-security.org/conference.php?id=91 The European Cyber Security in the Financial Services Sector Executive Summit 2004 Organized by Information Management Network - 30 November-1 December 2004 http://www.net-security.org/conference.php?id=100 Middle East IT Security Conference 2004 Organized by MEITSEC - 12 December-14 December 2004 http://www.net-security.org/conference.php?id=97 ECCE E-crime and Computer Evidence 2005 Organized by n-gate ltd. - 29 March-30 March 2005 http://www.net-security.org/conference.php?id=94 ---------------------------------------------------------------- [ Security World ] All press releases are located at: http://www.net-security.org/press_main.php Send your press releases to press@net-security.org ---------------------------------------------------------------- Zertificon Solutions Takes Over Devolopment And Customer Care for SecureMail Gateway http://www.net-security.org/press.php?id=2558 Beta Versions Of The New Titanium Antivirus 2005, Platinum Internet Security 2005 and TruPrevent Personal 2005 Now Available http://www.net-security.org/press.php?id=2557 Ubizen To Provide Security Certificates In Belgian Digital Tachograph Project http://www.net-security.org/press.php?id=2556 Kaspersky Lab presents Kaspersky Anti-Virus for Sendmail with Milter API http://www.net-security.org/press.php?id=2555 Astaro Announces New Astaro Secure Client for Virtual Private Networks http://www.net-security.org/press.php?id=2554 TippingPoint’s UnityOne Delivers Protection for New Microsoft Vulnerabilities http://www.net-security.org/press.php?id=2553 Symantec System Recovery Solutions To Support Microsoft Data Protection Server http://www.net-security.org/press.php?id=2552 Aventail New Partner Program Gives Resellers Opportunity to be Virtual Channel of Aventail’s Best-of-Breed Technology Partners http://www.net-security.org/press.php?id=2551 Take Total Control Of Your Computer With Handy Keylogger: Record Internet Activity, Capture Keystrokes, Receive Logs Via E-Mail And More! http://www.net-security.org/press.php?id=2550 F-Secure Partners with OTEnet to Offer Subscription Based Data Security Services to the Greek Market http://www.net-security.org/press.php?id=2549 Alcatel and Thales Partner to Secure IP Communications For Enterprises http://www.net-security.org/press.php?id=2548 Outblaze Ltd. Partners with Central Command to Offer Vexira Antivirus for Linux to its 35 Million Email Users Worldwide http://www.net-security.org/press.php?id=2547 Realtime's Identity Management For SAP Solutions Now Also Available With Smart-Card Functionality http://www.net-security.org/press.php?id=2546 Aladdin Extends eToken OEM Partnership Agreement with VeriSign http://www.net-security.org/press.php?id=2545 Finnet Selects F-Secure to Offer Hosted Security Services http://www.net-security.org/press.php?id=2544 Forum Systems and F5 Form Technology Alliance Offering Interoperable Web Ervices And Traffic Management http://www.net-security.org/press.php?id=2543 Andrews Kurth Shields Internal Network with Mirage Networks http://www.net-security.org/press.php?id=2542 Cyberguard Develops Innovative, Secure Wireless Network Solution For Leading Online Retailer http://www.net-security.org/press.php?id=2541 Free Vulnerability Scan Now Available for New SANS Top-20 http://www.net-security.org/press.php?id=2540 ---------------------------------------------------------------- [ Virus News ] All virus news are located at: http://www.net-security.org/viruses.php ---------------------------------------------------------------- Weekly Report On Viruses And Intruders: Netsky.AG, Darby.gen, JPGTrojan.D, Funner.A and Nemsi.A http://www.net-security.org/virus_news.php?id=470 Trojan Horse Disguised Horse As Sleazy David Beckham Photographs http://www.net-security.org/virus_news.php?id=469 ---------------------------------------------------------------- Questions, contributions, comments or ideas go to: Help Net Security staff staff@net-security.org http://net-security.org ---------------------- Unsubscribe from this weekly digest on: http://www.net-security.org/subscribe.php The archive of the newsletter in TXT and PDF format is available http://www.net-security.org/newsletter_archive.php ---------------------------------------------------------------- IBMSecure World Technical University - November 23-26 - Berlin Do you know how effectively you can protect your IT infrastructure? ---------------------------------------------------------------- Security has become a very important concern in today’s wireless and network computing business. This conference offers 70 sesions organised around 5 main topics: Security Risk Management, Physical & Logical Security Integration and Recovery, Security Architectures & Solutions, Security Management and Control. In addition, you will also have the possibility to take part to a Technology Solutions Forum, during which IBM and its Partners will demonstrate their latest security solutions. Find out more on http://www.ibm.com/services/learning/conf/europe/securew ----------------------------------------------------------------