HNS Newsletter Issue 238 - 08.11.2004. http://net-security.org This is a newsletter delivered to you by Help Net Security. It covers weekly roundups of security events that were in the news the past week. ---------------------------------------------------------------- Information Management Network Presents The European Cyber Security in the Financial Services Sector Executive Summit & The European Summit on Wireless Technology for Financial Institutions November 30 - December 1, 2004 * London ---------------------------------------------------------------- Sessions target systems technology professionals, lawyers, business continuity professionals, compliance officers and auditors at banks, brokerages, funds, asset managers, building societies and insurance companies, as well as their cyber security advisors and vendors. For additional information, please go to http://www.imn.org/a684/nse ---------------------------------------------------------------- Table of contents: 1) Security news 2) Vulnerabilities 3) Advisories 4) Articles 5) Reviews 6) Software 7) Webcasts 8) Conferences 9) Security World 10) Virus News [ Security news ] ---------------------------------------------------------------- THE GREAT 'STANDALONE' ID CARD SWINDLE The Home Office pulled off quite a coup last week. It contrived to duck or ignore a series of criticisms of its ID card scheme, and announced minor changes which in some cases could actually be seen as strengthening it. http://www.net-security.org/news.php?id=6405 SPYWARE: USERS SAY YES TO IT Tagalong software, generally known as spyware, is an especially tricky security threat because user carelessness is nearly always to blame. http://www.net-security.org/news.php?id=6406 COMMON SENSE ABOUT PASSWORDS Passwords are a pain, but new thinking about passwords and some new tools make it possible to make passwords easier to manage and more effective. http://www.net-security.org/news.php?id=6407 SIMPLER ID MANAGEMENT READIED BY MICROSOFT Portal-like interface to be featured. http://www.net-security.org/news.php?id=6408 THE BASICS OF DNSSEC The DNS is one of the building blocks of the modern Internet. It's showing its age, though; it comes from a time when trust was the default. Now it's time to move to more secure approaches. http://www.net-security.org/news.php?id=6409 CONCERNS OVER WINDOWS CASHPOINTS Cash machine networks could soon be more susceptible to computer viruses, a security firm has warned. http://www.net-security.org/news.php?id=6410 THE CASE FOR SECURE STRATEGIES A comprehensive security strategy aims at leveraging the best information security practices to improve business performance. http://www.net-security.org/news.php?id=6411 BAGLE VIRUS TAKES AIM AT MICROSOFT While only 120 computers in Australia were hit on the weekend by the latest variant of the Bagle virus (W32/Bagle-AU-Sophos), antivirus providers are warning that it is particularly nasty. http://www.net-security.org/news.php?id=6412 LAPTOP USERS CITED AS HIGH SECURITY THREAT Europe-wide survey finds 'massive ignorance' over spyware. http://www.net-security.org/news.php?id=6413 BUSINESS FRETS OVER WIRELESS SECURITY There is no question that a number of the new mobile solutions that are being developed could help many business processes function more efficiently. http://www.net-security.org/news.php?id=6414 AOL JOINS INDUSTRY ANTI-SPAM, ANTI-VIRUS GROUP America Online said it has joined the Messaging Anti-Abuse Working Group, which was formed last December by a group of communications and technology companies to fight spam, viruses and other online attacks and nuisances. http://www.net-security.org/news.php?id=6417 SECURITY AND INTEGRATION BURDEN AS400 MANAGERS Single sign-on, security, heavy workload and constantly changing technical and business requirements are among the issues that keep members of the IBM mid-range systems user group Common UK awake at night. http://www.net-security.org/news.php?id=6419 FIRST AUTOMATED PASSWORD ENTRY APPLICATION FOR USB DRIVES Siber Systems announced it has shifted the power of computer password and digital identity storage/management to a truly portable, increasingly popular, and previously unexpected platform -- the USB drive. http://www.net-security.org/news.php?id=6420 LIMIT USER FREEDOM TO IMPROVE IT SECURITY IT departments need to lock down their users' PC configurations, Gartner research vice-president Brian Gammage has warned. http://www.net-security.org/news.php?id=6421 PHISHING FOR SAVVY USERS Recent "phishing" episodes are still often overlooked by tech-savvy users, but a lesson in history shows how entire nations have been fooled. http://www.net-security.org/news.php?id=6422 ONLINE IDENTITY THEFT: MANY MEDICINES, NO CURE Technologies emerge to address growing problems. http://www.net-security.org/news.php?id=6423 FACE-TO-FACE FOR 20MBYTE CHIP CARD SECURITY CONTROL Infineon claims the world's first chip card security controller using the innovative face-to-face technology, offering 1MByte of memory capacity, manufactured in a 130nm process technology. http://www.net-security.org/news.php?id=6424 SECURITY SOFTWARE SUPPORT SEEN PASSING $800 MILLION MARK U.S. security software support services are expected to grow from $551 million in 2003 to $808 million in 2008, an IDC report released Monday says. http://www.net-security.org/news.php?id=6425 IE EXPLOITS TOP WEB SECURITY THREAT LIST Internet Explorer exploits posed the fastest growing web security threat to enterprises in the last quarter, according to web security services firm ScanSafe. http://www.net-security.org/news.php?id=6426 NOKIA ADDS RFID TO LATEST HANDSETS Near Field Communication shell system offers touch-based interactions. http://www.net-security.org/news.php?id=6427 IE FALTERS, MOZILLA GAINS AMID SECURITY FEARS Although Microsoft still dominates the Web browser space, Internet Explorer continues to lose market share to open-source rival Mozilla due to security concerns. http://www.net-security.org/news.php?id=6428 SILICON BUILDS STRONGER SECURITY There's a clear need for better PC security - and purpose-built chips could help. http://www.net-security.org/news.php?id=6429 WLAN USERS STILL WORRIED ABOUT SECURITY Although potential wireless network users are being deterred by concerns about network security, companies continue to adopt the technology for data and voice. http://www.net-security.org/news.php?id=6430 REVIEW: SUSE LINUX ENTERPRISE SERVER 9 SUSE Linux Enterprise Server 9 represents a significant step forward for GUI-based enterprise server operating systems. http://www.net-security.org/news.php?id=6431 ANTI-SPYWARE PROGRAMS CLEAN BUT DON'T DISINFECT Though less than a year old, the PC took more than five minutes to start up and never shut down without stalling on error messages. http://www.net-security.org/news.php?id=6432 DAYS IN THE LIFE OF A SECURITY PENETRATION TESTER Foreign hackers, weak passwords, backdoors and buffer overflows - just another day at the office for a penetration tester. Here's a look at a typical few days' testing work at my company, and what all companies can learn from the results. http://www.net-security.org/news.php?id=6433 NSA GIVES SECURITY GUIDANCE FOR MAC OS X The National Security Agency has posted a 109-page document on its Web site telling agencies how to securely install and use Apple Computer Inc.’s Mac OS X Version 10.3.x operating system, code-named Panther. http://www.net-security.org/news.php?id=6434 WIFI SECURITY CONCERNS EASING For corporate deployment of WiFi networks, security has been the biggest hurdle to overcome and one of WiFi's biggest cons. Today, all that has changed. http://www.net-security.org/news.php?id=6435 ONLINE PAYMENT FIRM IN DDOS DRAMA Online payments processing firm Protx is continuing to fight a sustained internet attack which has severely impacting its services for the fourth successive day. http://www.net-security.org/news.php?id=6436 SSH USER IDENTITIES This article shows how to improve SSH security using public key authentication instead of, or in addition to, password authentication. http://www.net-security.org/news.php?id=6437 INSTALLING AND SECURING VOIP WITH LINUX We have been using Linux for years as firewalls and we knew there had to be a low cost open source solution to fulfill the requirements, and that's when we found 'Asterisk' - a full blown Linux based PBX system meeting all the requirements of voice mail, conference calling, caller ID, call parking, music on hold, PBX to PBX dialing and much more. http://www.net-security.org/news.php?id=6438 CISCO FIREWALL SOURCE CODE IS FOR SALE A group describing itself as the Source Code Club (SCC) has offered to sell source code for Cisco's Pix proprietary security firewall software to any taker for $24,000. http://www.net-security.org/news.php?id=6439 RFID RIGHTS The rush by Wal-Mart and other companies to put radio frequency identification devices in their goods could imperil consumer privacy. http://www.net-security.org/news.php?id=6440 USING NETSTAT FOR SURVEILLANCE AND TROUBLESHOOTING Keep an eye on your Linux systems. http://www.net-security.org/news.php?id=6441 A SPYWARE MYSTERY: WHO'S BEHIND IT? In less than two years, CoolWebSearch has become the bane of the computing industry. http://www.net-security.org/news.php?id=6442 TWO FOUND GUILTY IN SPAM CASE A man and his sister, who sent unsolicited junk email to millions of America Online customers, have been convicted in the first felony prosecution of distributors of spam in the US. http://www.net-security.org/news.php?id=6443 NETWORK SECURITY GETS PHYSICAL When you hear about convergence, it's usually in reference to the union of voice and data networks. But the security sector is about to witness its own version of this phenomenon as more customers begin to demand ways to make their networks and physical security systems work better together. http://www.net-security.org/news.php?id=6444 MAKING SECURE REMOTE BACKUPS WITH RSYNC Backups are more important than ever these days, as our digital information collections expand. Many Linux users know rsync as a file transfer utility, but rsync can also be an efficient tool for automating remote backups of your Linux, Windows, and even Mac OS X systems. http://www.net-security.org/news.php?id=6445 NEW PHISHING SCAM EVEN MORE INSIDIOUS Fraudsters have developed a potent new computer program that steals Internet banking customers' details by duping them into opening up a bogus e-mail, a British security firm said Wednesday. http://www.net-security.org/news.php?id=6446 STAMPING OUT SPAM It clutters your e-mail, slows your PC, and worse - but plenty of weapons can combat spam. Here's how to choose the best one for you. http://www.net-security.org/news.php?id=6447 SUSPECTED HACKER FACES FOUR COUNTS OF FRAUD Former UT student allegedly stole personal information. http://www.net-security.org/news.php?id=6448 RSA CONFERENCE EUROPE 2004 SHOWCASE VIDEO Here's a showcase of the RSA Conference Europe 2004 in Barcelona. The video is 3:44 minutes in length, available in Windows Media 9 256K (6.9 MB) and 64K (1.7 MB). http://www.net-security.org/news.php?id=6449 TCP/IP CHECKSUM VECTORIZATION USING ALTIVEC, PART 1 This two-part article demonstrates the kinds of performance gains AltiVec can produce on the TCP/IP checksum, or on code similar to it. http://www.net-security.org/news.php?id=6450 SECURITY IMPROVEMENTS URGED TO BOOST E-COMMERCE "There are three factors holding consumers back from using the Internet for e-commerce: it's scary, it's hard to use, and it is confusing and chaotic." RSA Security chief executive Arthur Coviello said. http://www.net-security.org/news.php?id=6451 ADVANCED FEATURES OF NETFILTER/IPTABLES Iptables has many hidden gems that can allow you do things with your firewall that you might never have even imagined. http://www.net-security.org/news.php?id=6452 MICROSOFT ENDS EXCLUSIVE PATCH PEEKS Microsoft plans to open up who gets a sneak peek at its security bulletins. http://www.net-security.org/news.php?id=6453 PHISHERS ADOPT SCAM TRICKS FROM VIRUS WRITERS Dangerous new ways to try to steal your money are in progress. http://www.net-security.org/news.php?id=6454 GOOD SAMARITAN BREAKS UP ID GANG A good Samaritan who handed a lost CD wallet into his local police station helped cyber plods crack what they are calling Australia's largest identity fraud ring. http://www.net-security.org/news.php?id=6455 SECURE WINDOWS SERVER 2003 ACTIVE DIRECTORY Make Active Directory more secure under Windows Server 2003. http://www.net-security.org/news.php?id=6456 ---------------------------------------------------------------- [ Vulnerabilities ] All vulnerabilities are located here: http://www.net-security.org/archive_vuln.php ---------------------------------------------------------------- Linux Zip Long Path Buffer Overflow Vulnerability http://www.net-security.org/vuln.php?id=3806 Microsoft ISA Server Authentication Bypassing Vulnerability http://www.net-security.org/vuln.php?id=3805 Web Forums Server Multiple Vulnerabilities http://www.net-security.org/vuln.php?id=3804 WinRAR Repair Archive Vulnerability http://www.net-security.org/vuln.php?id=3803 HELM Web Hosting Control Panel SQL Injection and Cross Site Scripting Vulnerabilities http://www.net-security.org/vuln.php?id=3802 ---------------------------------------------------------------- [ Advisories ] All advisories are located at: http://www.net-security.org/archive_advi.php ---------------------------------------------------------------- Mandrakelinux Security Update Advisory - libxml/libxml2 (MDKSA-2004:127) http://www.net-security.org/advisory.php?id=3989 Mandrakelinux Security Update Advisory - shadow-utils (MDKSA-2004:126) http://www.net-security.org/advisory.php?id=3988 Mandrakelinux Security Update Advisory - iptables (MDKSA-2004:125) http://www.net-security.org/advisory.php?id=3987 Ubuntu Security Notice - passwd vulnerabilities (USN-17-1) http://www.net-security.org/advisory.php?id=3986 Mandrakelinux Security Update Advisory - KDE (MDKA-2004:041) http://www.net-security.org/advisory.php?id=3985 Gentoo Linux Security Advisory - shadow: Unauthorized modification of account information (GLSA 200411-09) http://www.net-security.org/advisory.php?id=3984 Debian Security Advisory - dhcp (DSA 584-1) http://www.net-security.org/advisory.php?id=3983 Conectiva Linux Security Announcement - apache (CLA-2004:885) http://www.net-security.org/advisory.php?id=3982 Conectiva Linux Security Announcement - gaim (CLA-2004:884) http://www.net-security.org/advisory.php?id=3981 Conectiva Linux Security Announcement - subversion (CLA-2004:883) http://www.net-security.org/advisory.php?id=3980 Conectiva Linux Security Announcement - squid (CLA-2004:882) http://www.net-security.org/advisory.php?id=3979 Gentoo Linux Security Advisory - Proxytunnel: Format string vulnerability (GLSA 200411-07) http://www.net-security.org/advisory.php?id=3978 Gentoo Linux Security Advisory - GD: Integer overflow (GLSA 200411-08) http://www.net-security.org/advisory.php?id=3977 Debian Security Advisory - lvm10 (DSA 583-1) http://www.net-security.org/advisory.php?id=3976 Ubuntu Security Notice - perl vulnerabilities (USN-16-1) http://www.net-security.org/advisory.php?id=3975 Gentoo Linux Security Advisory - ppp: No denial of service vulnerability (GLSA 200411-01) http://www.net-security.org/advisory.php?id=3974 Gentoo Linux Security Advisory - MIME-tools: Virus detection evasion (GLSA 200411-06) http://www.net-security.org/advisory.php?id=3973 Gentoo Linux Security Advisory - libxml2: Remotely exploitable buffer overflow (200411-05) http://www.net-security.org/advisory.php?id=3972 Debian Security Advisory - libxml, libxml2 (DSA 582-1) http://www.net-security.org/advisory.php?id=3971 Debian Security Advisory - xpdf (DSA 581-1) http://www.net-security.org/advisory.php?id=3970 Cisco Security Advisory - Vulnerability in Cisco Secure Access Control Server EAP-TLS Authentication (Revision 1.0) http://www.net-security.org/advisory.php?id=3969 Gentoo Linux Security Advisory - Speedtouch USB driver: Privilege escalation vulnerability (GLSA 200411-04) http://www.net-security.org/advisory.php?id=3968 Gentoo Linux Security Advisory - Apache 1.3: Buffer overflow vulnerability in mod_include (GLSA 200411-03) http://www.net-security.org/advisory.php?id=3967 Mandrakelinux Security Update Advisory - perl-MIME-tools (MDKSA-2004:123) http://www.net-security.org/advisory.php?id=3966 Mandrakelinux Security Update Advisory - mod_ssl/apache2-mod_ssl (MDKSA-2004:122) http://www.net-security.org/advisory.php?id=3965 Mandrakelinux Security Update Advisory - netatalk (MDKSA-2004:121) http://www.net-security.org/advisory.php?id=3964 Mandrakelinux Security Update Advisory - mpg123 (MDKSA-2004:120) http://www.net-security.org/advisory.php?id=3963 Mandrakelinux Security Update Advisory - MySQL (MDKSA-2004:119) http://www.net-security.org/advisory.php?id=3962 Mandrakelinux Security Update Advisory - perl-Archive-Zip (MDKSA-2004:118) http://www.net-security.org/advisory.php?id=3961 Mandrakelinux Security Update Advisory - gaim (MDKSA-2004:117) http://www.net-security.org/advisory.php?id=3960 Ubuntu Security Notice - lvm10 vulnerability (USN-15-1) http://www.net-security.org/advisory.php?id=3959 Gentoo Linux Security Advisory - Cherokee: Format string vulnerability (GLSA 200411-02) http://www.net-security.org/advisory.php?id=3958 Ubuntu Security Notice - xpdf vulnerabilities (USN-14-1) http://www.net-security.org/advisory.php?id=3957 Ubuntu Security Notice - groff utility vulnerability (USN-13-1) http://www.net-security.org/advisory.php?id=3956 Gentoo Linux Security Advisory - ppp: Remote denial of service vulnerability (GLSA 200411-01) http://www.net-security.org/advisory.php?id=3955 Debian Security Advisory - iptables (DSA 580-1) http://www.net-security.org/advisory.php?id=3954 Trustix Secure Linux Security Advisory - libxml2, postgresql (2004-0055) http://www.net-security.org/advisory.php?id=3953 Conectiva Linux Security Announcement - rsync (CLA-2004:881) http://www.net-security.org/advisory.php?id=3952 Debian Security Advisory - abiword (DSA 579-1) http://www.net-security.org/advisory.php?id=3951 Debian Security Advisory - mpg123 (DSA 578-1) http://www.net-security.org/advisory.php?id=3950 Slackware Security Advisory - libtiff (SSA:2004-305-02) http://www.net-security.org/advisory.php?id=3949 Slackware Security Advisory - apache+mod_ssl (SSA:2004-305-0) http://www.net-security.org/advisory.php?id=3948 OpenPKG Security Advisory - libxml (OpenPKG-SA-2004.050) http://www.net-security.org/advisory.php?id=3947 OpenPKG Security Advisory - gd (OpenPKG-SA-2004.049) http://www.net-security.org/advisory.php?id=3946 OpenPKG Security Advisory - mysql (OpenPKG-SA-2004.045) http://www.net-security.org/advisory.php?id=3945 ---------------------------------------------------------------- [ Articles ] All articles are located at: http://www.net-security.org/articles_main.php Articles can be contributed to articles@net-security.org ---------------------------------------------------------------- RSA CONFERENCE EUROPE 2004 SHOWCASE VIDEO Here's a showcase of the RSA Conference Europe 2004 in Barcelona. The video is 3:44 minutes in length, available in Windows Media 9 256K (6.9 MB) and 64K (1.7 MB). http://www.net-security.org/article.php?id=741 THE RISE OF SECURITY THREATS The current security threats to business IT infrastructures have increased dramatically. Most notable are the rising number of viruses and similar malicious programs that threaten serious financial loss. http://www.net-security.org/article.php?id=740 ---------------------------------------------------------------- [ Reviews ] All reviews are located at: http://www.net-security.org/reviews.php ---------------------------------------------------------------- KNOW YOUR ENEMY: LEARNING ABOUT SECURITY THREATS 2/E We all know that attackers are becoming more sophisticated and many times the security community has a hard time catching up. Honeynets are making the knowledge gap smaller and this book is what you need if you're deploying a honeynet, this is essential reading. http://www.net-security.org/review.php?id=145 ---------------------------------------------------------------- [ Software ] Windows software is located at: http://net-security.org/software_main.php?cat=1 Linux software is located at: http://net-security.org/software_main.php?cat=2 Pocket PC software is located at: http://net-security.org/software_main.php?cat=3 ---------------------------------------------------------------- BASTILLE LINUX 2.1.5 (Linux) The Bastille Hardening System attempts to "harden" or "tighten" the Linux operating system. http://www.net-security.org/software.php?id=217 BOTAN 1.4.2 (Linux) Botan aims to be a portable, easy to use, and efficient C++ crypto library. http://www.net-security.org/software.php?id=94 CRIPPIN 2.3 (Pocket PC) Crippin was designed to protect confidential files in case a Pocket PC is lost or stolen. http://www.net-security.org/software.php?id=544 DAZUKO 2.0.4 (Linux) A common interface across all platforms is needed for 3rd party file access control. With such an interface, focus could be redirected from OS hacking to solving real problems. The interface is here. http://www.net-security.org/software.php?id=434 FIREHOL R5 1.214 (Linux) FireHOL is a Linux iptables firewall generator. http://www.net-security.org/software.php?id=307 JSCH 0.1.18 (Windows) JSch is a pure Java implementation of SSH2. http://www.net-security.org/software.php?id=417 MAILSCANNER 4.35.9 (Linux) MailScanner is a virus scanner for e-mail designed for use on e-mail gateways. http://www.net-security.org/software.php?id=144 MIMEDEFANG 2.48 (Linux) MIMEDefang is a flexible MIME email scanner designed to protect Windows clients from viruses. http://www.net-security.org/software.php?id=214 NESSUS 2.2.0 (Linux) Nessus is a free, powerful, up-to-date and easy to use remote security scanner. http://www.net-security.org/software.php?id=19 SAMHAIN 2.0.1 (Linux) Samhain is an open source file integrity and host-based intrusion detection system. http://www.net-security.org/software.php?id=125 SSL-EXPLORER 0.1.4 (Windows) The 3SP SSL-Explorer is the world's first open-source SSL-based VPN solution of its kind. http://www.net-security.org/software.php?id=579 THE SLEUTH KIT 1.73 (Linux) The Sleuth Kit is a collection of UNIX-based command line file system forensic tools. http://www.net-security.org/software.php?id=215 WINSCP 3.7.1 (Windows) WinSCP is an open source SSH file transfer protocol and secure copy client for Windows using SSH. http://www.net-security.org/software.php?id=6 ---------------------------------------------------------------- [ Webcasts ] All webcasts are located at: http://net-security.org/webcasts.php ---------------------------------------------------------------- Architecting Your 802.1x-Based WLAN Deployment Organized by Funk Software on 9 November 2004, 1:00 PM http://www.net-security.org/webcast.php?id=297 Penetration Testing with CORE IMPACT Organized by Core Security Technologies on 9 November 2004, 1:00 PM http://www.net-security.org/webcast.php?id=304 Consolidated email protection: An introduction to PureMessage Organized by Sophos on 10 November 2004, 10:00 AM http://www.net-security.org/webcast.php?id=303 Next Generation Wireless LAN Risks & Defenses Organized by AirDefense on 16 November 2004, 2:00 PM http://www.net-security.org/webcast.php?id=341 All anti-virus software is not created equal Organized by Sophos on 17 November 2004, 10:00 AM http://www.net-security.org/webcast.php?id=286 Trust, but Verify: How to Manage Risk in Outsourced Applications Organized by Foundstone on 18 November 2004, 4:00 PM http://www.net-security.org/webcast.php?id=334 Consolidated email protection: An introduction to PureMessage Organized by Sophos on 8 December 2004, 10:00 AM http://www.net-security.org/webcast.php?id=282 All anti-virus software is not created equal Organized by Sophos on 15 December 2004, 10:00 AM http://www.net-security.org/webcast.php?id=285 ---------------------------------------------------------------- [ Conferences ] All conferences are located at: http://net-security.org/conferences.php ---------------------------------------------------------------- e-Nordic: Business & Technology Integration Summit Organized by Marcus Evans - 8 November-10 November 2004 http://www.net-security.org/conference.php?id=99 IBM SecureWorld Conference EMEA 2004 Organized by IBM - 23 November-26 November 2004 http://www.net-security.org/conference.php?id=91 The European Cyber Security in the Financial Services Sector Executive Summit 2004 Organized by Information Management Network - 30 November-1 December 2004 http://www.net-security.org/conference.php?id=100 Middle East IT Security Conference 2004 Organized by MEITSEC - 12 December-14 December 2004 http://www.net-security.org/conference.php?id=97 ECCE E-crime and Computer Evidence 2005 Organized by n-gate ltd. - 29 March-30 March 2005 http://www.net-security.org/conference.php?id=94 ---------------------------------------------------------------- [ Security World ] All press releases are located at: http://www.net-security.org/press_main.php Send your press releases to press@net-security.org ---------------------------------------------------------------- Panda Software Launches Its New Security Solutions For Home Users, Small Businesses And Professionals http://www.net-security.org/press.php?id=2631 NeoScale Announces First Storage VPN Appliance http://www.net-security.org/press.php?id=2630 Symantec Client Security for Nokia 9500 Communicator and Nokia 9300 Smartphone Keeps These Devices Safe http://www.net-security.org/press.php?id=2629 Apani 's In-depth Network Security System Protects Data-in-Motion http://www.net-security.org/press.php?id=2628 Senforce and Fortress Announce Wireless Security Alliance http://www.net-security.org/press.php?id=2627 New Phishing Emails Automatically Steal Bank Log In Details http://www.net-security.org/press.php?id=2626 Entrepose Echafaudages Maintains A Secure Network With GFI LANguard N.S.S http://www.net-security.org/press.php?id=2625 Spammers Offer Training Course Designed To Lose You Money, Sophos Reports On Latest Financial Email Scam http://www.net-security.org/press.php?id=2624 Juniper Networks’ Remote Access 500 Is First SSL VPN Appliance For SME Market To Earn Certification From ICSA Labs http://www.net-security.org/press.php?id=2623 Phishers Recruit UK Computer Users Into Money Laundering Operations, Don't Be A Mule http://www.net-security.org/press.php?id=2622 Panda Software Launches The Beta Version Of The New ISASecure Antivirus with Support for Microsoft ISA Server 2004 http://www.net-security.org/press.php?id=2621 Eracom Technologies Innovates the .pac File Format To Secure File Transfer And Storage On Unprotected Mediums http://www.net-security.org/press.php?id=2620 Understanding the Spam Market - Discover Vircom's Latest White Papers On The Spam Issue http://www.net-security.org/press.php?id=2619 F-Secure Protects Users Of The Nokia 7710 Widescreen Multimedia Smartphone Against Harmful Content http://www.net-security.org/press.php?id=2618 Introducing Cloudmark SafetyBar: The World's Most Celebrated Desktop Anti-Spam Solution Now Gives Phishing the Hook http://www.net-security.org/press.php?id=2617 Three Key Corporate Information Security Elements from Kaspersky Labs http://www.net-security.org/press.php?id=2616 TippingPoint Releases Open Source Code for First Intrusion Prevention Test Tool, Tomahawk http://www.net-security.org/press.php?id=2615 Astaro and Sensory Networks Partner to Deliver Solution for Accelerated Content Scanning for Network Security http://www.net-security.org/press.php?id=2614 CipherTrust Raises the Performance Bar with Connection Control, Dramatically Increasing Return on Investment for IronMail Customers http://www.net-security.org/press.php?id=2613 New Wireless Security Boot Camp Coming to Dallas http://www.net-security.org/press.php?id=2612 Yahoo! Scam Tricks Users Into Setting Up Email Accounts For Spammers http://www.net-security.org/press.php?id=2611 Medical Related Spam Up 90% in October Says Email Systems http://www.net-security.org/press.php?id=2610 Touchless Sensor Technology now in Saudi Arabia http://www.net-security.org/press.php?id=2609 MasterCard Chip Authentication Programme Now Supported by Eracom Technologies Extended Hardware Security Module (HSM) Product Line http://www.net-security.org/press.php?id=2608 Top-10 Cable Operator Offers Customers Add-On PC Protection Based on F-Secure's Hosted Security Software http://www.net-security.org/press.php?id=2607 Robust, High Performance Anti-Virus Solution For Email Gateways And Email Servers http://www.net-security.org/press.php?id=2606 ---------------------------------------------------------------- [ Virus News ] All virus news are located at: http://www.net-security.org/viruses.php ---------------------------------------------------------------- Kaspersky Labs Top 20 Malware October 2004 http://www.net-security.org/virus_news.php?id=478 Top 10 Viruses And Hoaxes Reported To Sophos In October 2004 http://www.net-security.org/virus_news.php?id=477 ---------------------------------------------------------------- Questions, contributions, comments or ideas go to: Help Net Security staff staff@net-security.org http://net-security.org ---------------------- Unsubscribe from this weekly digest on: http://www.net-security.org/subscribe.php The archive of the newsletter in TXT and PDF format is available http://www.net-security.org/newsletter_archive.php ---------------------------------------------------------------- Information Management Network Presents The European Cyber Security in the Financial Services Sector Executive Summit & The European Summit on Wireless Technology for Financial Institutions November 30 - December 1, 2004 * London ---------------------------------------------------------------- Sessions target systems technology professionals, lawyers, business continuity professionals, compliance officers and auditors at banks, brokerages, funds, asset managers, building societies and insurance companies, as well as their cyber security advisors and vendors. For additional information, please go to http://www.imn.org/a684/nse ----------------------------------------------------------------