HNS Newsletter
Issue 248 - 17.01.2005.
http://net-security.org

This is a newsletter delivered to you by Help Net Security. It
covers weekly roundups of security events that were in the
news the past week.


----------------------------------------------------------------
INFOSEC WORLD 2005 IS WHERE CONNECTIONS ARE MADE!
----------------------------------------------------------------
Expand your knowledge with the hottest topics and get real-world 
strategies and tested techniques for meeting your toughest 
information security challenges.

http://www.misti.com/12/os05ba8.html
----------------------------------------------------------------


Table of contents:

1) Security news
2) Vulnerabilities
3) Advisories
4) Articles
5) Software
6) Webcasts
7) Conferences
8) Security World
9) Virus News


[ Security news ]


----------------------------------------------------------------

MAKING THE INTERNET SAFER FOR YOUR EMPLOYEES
There are numerous steps that you can use to make your corporate
network a safer place for those users who routinely use the Internet.
http://www.net-security.org/news.php?id=6870


SECURITY MARKET SET TO FLOURISH IN 2005
But vendors must consolidate products to combat customer confusion.
http://www.net-security.org/news.php?id=6871


SUN UNVEILS SMALLEST SECURE WEB SERVER
Researchers from the Next Generation Crypto team at Sun Microsystems
Laboratories have created the world's smallest secure web server.
http://www.net-security.org/news.php?id=6872


DON'T TALK TO STRANGERS
Agencies can reduce spam by setting up e-mail registration databases.
http://www.net-security.org/news.php?id=6873


PASSWORD MANAGEMENT WITH PASSWORDSAFE
PasswordSafe is intended to be a secure solution for maintaining a
list of passwords. It uses a secure, encrypted database to store each
password and can only be accessed by providing the master password.
http://www.net-security.org/news.php?id=6874


HOW TO SIGN YOUR CUSTOM RPM PACKAGE WITH GPG KEY
GnuPG stands for GNU Privacy Guard and is GNU's tool for secure
communication and data storage.
http://www.net-security.org/news.php?id=6875


SHOWING THE GOVERNMENT HOW LINUX PROVIDES BETTER SECURITY
Showing government offices and agencies how Linux and open-source
software provide better security.
http://www.net-security.org/news.php?id=6876


SECURE A J2ME ENVIRONMENT WITH JCE
Securing pervasive content is no simple issue, and the Java
Cryptography Extension, while accepted as the standard here, brings
its own problems to development. Don't raise the white flag, though.
This article focuses on those problems and offers the solutions.
http://www.net-security.org/news.php?id=6877


FIREFOX'S GRASSROOTS CURE FOR INTERNET INSECURITY
There's a new challenger for the browser crown, offering security the
champ can't match.
http://www.net-security.org/news.php?id=6878


PANDA PITCHES AT CORPORATES
Vendor follows up on home-market success with relaunch of its partner
programme.
http://www.net-security.org/news.php?id=6879


CRITICAL FLAW PLAGUES MOZILLA
New flaw in old browsers.
http://www.net-security.org/news.php?id=6880


MCAFEE TOOL SPOTS SITE VULNERABILITIES
McAfee division Foundstone Professional Services is offering
SiteDigger 2.0, a security tool that searches enterprise Web sites to
spot confidential material that has been exposed to view accidentally
over the Internet.
http://www.net-security.org/news.php?id=6881


MORE WORMS TARGET MOBILE PHONES
Latest variants could be a sign of what's to come, security experts
warn.
http://www.net-security.org/news.php?id=6882


SECURITY LEADERS CREATE BLUEPRINT FOR PROFESSIONAL STANDARDS
Senior IT security professionals are pressing for new IT security
qualifications and the creation of a national accreditation body in a
bid to improve standards.
http://www.net-security.org/news.php?id=6883


FEDS CALLED IN OVER TROJAN TAX SCAM
E-mail scammers have shifted their sights from a staple diet of
banks, betting shops and auction sites to government agencies, with
the Australian Taxation Office (ATO) calling in Australian Federal
Police over a spam deluge that tries to send taxpayers to
Trojan-infected Web sites.
http://www.net-security.org/news.php?id=6884


MICROSOFT CAN SAVE ITS AILING AUTHENTICATION SERVICE
Microsoft can save its ailing authentication service, but only by
scaling back its expectations on what kind of accounts and services
it's fit to secure.
http://www.net-security.org/news.php?id=6885


LETTING THE TELECOMMUTERS INTO THE NETWORK
You worked hard to keep the space rabble out of your network. Now
make sure the good guys can get in.
http://www.net-security.org/news.php?id=6886


SECURING THUNDERBIRD EMAIL WITH OPENPGP
Email is commonly used in business today, yet only a small percentage
of users take the time to guarantee their email is sent in a secure
and confidential manner. If you're not part of that elite group, read
on to learn how to setup OpenPGP with the Mozilla Thunderbird mail
component.
http://www.net-security.org/news.php?id=6887


HIGH-TECH ANSWERS TO ID THEFT
Brace yourself for retina scans, chip implants and other gizmos that
are already replacing plastic but are much more secure... if a little
creepy.
http://www.net-security.org/news.php?id=6888


ATTACKERS CAPTURE INFO FROM GEORGE MASON UNIVERSITY
Computer attackers captured the names, Social Security numbers and
other information of more than 30,000 students and staff at George
Mason University.
http://www.net-security.org/news.php?id=6889


DOES YOUR PRIVACY POLICY MEAN ANYTHING?
These days, your company's privacy policy is a handy tool. It can
placate worried consumers. A privacy policy assures them their
personal data won't ever be used, shared, or abused.
http://www.net-security.org/news.php?id=6890


AMD PROMOTES NEW AMD HOLOGRAPHIC LABEL, SECURITY FEATURES
MD today announced an educational campaign focused on the security
features of AMD boxed processors.
http://www.net-security.org/news.php?id=6891


UNISYS IT SECURITY PREDICTIONS
Unisys IT security experts predict that 2005 will bring greater
liability, growing mobile and cyber threats and increased identity
management.
http://www.net-security.org/news.php?id=6892


THE PERILS OF DEEP PACKET INSPECTION
This paper looks at the evolution of firewall technology towards Deep
Packet Inspection, and then discusses some of the security issues with
this evolving technology.
http://www.net-security.org/news.php?id=6897


MICROSOFT VIRUS CLEAN-UP TOOL SPARKS CONTROVERSY
Microsoft debuts a malicious software removal tool today. It
represents the first tangible fruits of Microsoft's June 2003
acquisition of Romanian anti-virus firm GeCAD Software.
http://www.net-security.org/news.php?id=6898


SIMPLE SNOOP-PROOF EMAIL LAUNCHED
Software that aims to make encrypted email communications simple
enough for even computer novices to use was released on Tuesday.
http://www.net-security.org/news.php?id=6899


ELIMINATE PASSWORDS WITH OATH
Someday soon, you'll be able to forget your passwords and still
access all the secure servers you use now. In fact, no one will have
to remember any passwords at all.
http://www.net-security.org/news.php?id=6900


NOKIA UNVEILS IP VPN SUITE FOR MOBILE SECURITY
Nokia announced a suite of IP security virtual private network-based
solutions that offer secure remote access to corporate networks from
mobile devices and remote locations.
http://www.net-security.org/news.php?id=6901


SHAPE UP YOUR WAN TRAFFIC
Packeteer and 8e6 traffic managers offer choice between luxury and
thrift.
http://www.net-security.org/news.php?id=6902


TROJAN EXPLOITS WINDOWS DRM
Anti-Virus and security vendor Panda Labs is reporting the discovery
of a threat that takes advantage of Windows Digital Rights Management
(DRM).
http://www.net-security.org/news.php?id=6903


MICROSOFT RELEASES TWO CRITICAL SECURITY FIXES FOR WINDOWS
Microsoft Corp. released two security fixes Tuesday that carry its
most severe threat rating.
http://www.net-security.org/news.php?id=6904


COMPARING THE ISA FIREWALL TO NON-ISA FIREWALL SOLUTIONS
This article kicks off a series that compares the ISA firewall to the
other major players in the firewall market.
http://www.net-security.org/news.php?id=6906


FULL DISCLOSURE PUT ON TRIAL IN FRANCE
The trial of a French security researcher last week has become a
cause celebre. Its outcome will decide if interested parties can
"peek under the bonnet" in testing the road-worthiness of security
products without falling foul of French law.
http://www.net-security.org/news.php?id=6907


HACKER PENETRATES T-MOBILE SYSTEMS
A sophisticated computer hacker had access to servers at wireless
giant T-Mobile for at least a year.
http://www.net-security.org/news.php?id=6908


ANOTHER COMPUTER SECURITY OFFICIAL QUITS
The Homeland Security Department official in charge of protecting the
nation's physical and computer infrastructure is stepping down at the
end of the month.
http://www.net-security.org/news.php?id=6909


WAR ON TERRORISM TURNS TO INFORMATION NETWORK
Hundreds of cyber crime experts gather to compare notes at the Westin
Innisbrook Resort.
http://www.net-security.org/news.php?id=6910


WILL LONGHORN BOOST COMPUTER SECURITY?
Truly trustworthy computing is still a few years off, HP exec says.
http://www.net-security.org/news.php?id=6911


BLACK HATS GAINING GROUND ON MICROSOFT
The latest batch of security bulletins from Microsoft Corp contain
notable omissions - the names of people who practiced responsible
disclosure by telling Microsoft about the bugs before anyone else.
http://www.net-security.org/news.php?id=6912


DEVELOPER RAPS LINUX SECURITY
Brad Spengler of grsecurity characterized the Linux Security Model,
or LSM, as merely a way to allow the National Security Agency's
SELinux to be used as a module. "The framework is unfit for any
security system that does anything remotely innovative, such as
grsecurity and RSBAC [Rule Set-Based Access Control]," he declared.
http://www.net-security.org/news.php?id=6913


XML - THE END OF SECURITY THROUGH OBSCURITY?
New Web services protocols make data easy to read-and almost as easy
to hide.
http://www.net-security.org/news.php?id=6914


BATTERY MANAGEMENT IC TAKES SECURITY ONBOARD
A novel intelligent battery management IC easily identifies
potentially unsafe batteries not approved by consumer electronics
manufacturers for use in their devices.
http://www.net-security.org/news.php?id=6915


A NEW TOOL IN THE SPAM WAR
Arbitration is part of the next wave of security measures, and can be
effective against spammers who illegally harvest email addresses from
a honeypot on your website.
http://www.net-security.org/news.php?id=6916


SECURING LINUX PRODUCTION SYSTEMS
This article is a practical step-by-step guide for securing Linux
production systems.
http://www.net-security.org/news.php?id=6917


US SLAPS ON THE WARDRIVER-BUSTING PAINT
Security-minded US decorators' supply outfit Force Field Wireless
claims to have developed a DIY solution to the international menace
of marauding geek wardrivers.
http://www.net-security.org/news.php?id=6918


GOOGLE PATCHES GMAIL SECURITY HOLE
Google has fixed a bug in its Web-based e-mail service, Gmail, that
allowed users to read the contents of other people's messages.
http://www.net-security.org/news.php?id=6919


A PERSONAL DESKTOP BACK-UP SOLUTION
A hard drive crash over the holidays left me scrambling to get back
to a productive desktop as quickly as possible.
http://www.net-security.org/news.php?id=6920


TORVALDS CRITICIZES SECURITY APPROACHES
Linux creator Linus Torvalds had a few things to say this week about
the way potential security issues are disclosed to fellow open
sourcers. And it wasn't all good.
http://www.net-security.org/news.php?id=6921


DHS, DOJ PLAN CYBERCRIME SURVEY
In what they hope will become the premier measure of national
cybercrime statistics, officials at the Homeland Security and Justice
departments plan to survey 36,000 businesses this spring to examine
the type and frequency of computer security incidents.
http://www.net-security.org/news.php?id=6922


MALWARE, SPAM PROMPTS MASS NET TURN OFF
Both beginners and veterans are finding the Interweb experience so
repellent that they're disconnecting in droves, blaming malware and
spam.
http://www.net-security.org/news.php?id=6923


A LOOK AT MICROSOFT ANTISPYWARE
It's a little Microsoft-centric, but we generally like the software
giant's full-featured beta antispyware program.
http://www.net-security.org/news.php?id=6924


RINGS OF STEEL COMBAT NET ATTACKS
Gambling is hugely popular, especially with tech-savvy criminals.
http://www.net-security.org/news.php?id=6925


WINDOWS TROJANS HIT P2P
Madrid-based anti-virus firm Panda Software reports the circulation
on peer-to-peer (P2P) networks of Trojans that are spread by
exploiting digital rights management features in Windows media
player, reports The Register.
http://www.net-security.org/news.php?id=6926


ITUNES USERS AT RISK FROM HACKERS
Subscribers urged to upgrade software immediately.
http://www.net-security.org/news.php?id=6927

----------------------------------------------------------------




[ Vulnerabilities ]


All vulnerabilities are located here:
http://www.net-security.org/archive_vuln.php


----------------------------------------------------------------

Apple iTunes Playlist Parsing Buffer Overflow Vulnerability
http://www.net-security.org/vuln.php?id=3976


ForumKIT XSS Vulnerability
http://www.net-security.org/vuln.php?id=3975


Horde 3.0 Cross Site Scripting Vulnerability
http://www.net-security.org/vuln.php?id=3974


BiTBOARD XSS Vulnerability
http://www.net-security.org/vuln.php?id=3973


Arkeia Possible Remote Root And Information Leakage Vulnerability
http://www.net-security.org/vuln.php?id=3972


Linux Kernel i386 SMP Page Fault Handler Privilege Escalation
Vulnerability
http://www.net-security.org/vuln.php?id=3971


IlohaMail Insecure Configuration Files Vulnerability
http://www.net-security.org/vuln.php?id=3970


Windows ANI File Parsing Buffer Overflow Vulnerability
http://www.net-security.org/vuln.php?id=3969


HylaFAX hfaxd Unauthorized Login Vulnerability
http://www.net-security.org/vuln.php?id=3968


Multi-vendor AV Gateway Image Inspection Bypass Vulnerability
http://www.net-security.org/vuln.php?id=3967


Microsoft Word and Excel RC4 Misuse Vulnerability
http://www.net-security.org/vuln.php?id=3966

----------------------------------------------------------------




[ Advisories ]


All advisories are located at:
http://www.net-security.org/archive_advi.php


----------------------------------------------------------------

Ubuntu Security Notice - Linux kernel vulnerabilities (USN-60-0)
http://www.net-security.org/advisory.php?id=4314


Conectiva Linux Security Announcement - twiki (CLA-2005:918)
http://www.net-security.org/advisory.php?id=4313


Debian Security Advisory - New mc packages fix several
vulnerabilities (DSA 639-1)
http://www.net-security.org/advisory.php?id=4312


Gentoo Linux Security Advisory - tnftp: Arbitrary file overwriting
(GLSA 200501-24)
http://www.net-security.org/advisory.php?id=4311


Trustix Secure Linux Security Advisory - glibc iproute setup
tsl-utils (2005-0002)
http://www.net-security.org/advisory.php?id=4310


Trustix Secure Linux Security Advisory - fcron, kernel (2005-0001)
http://www.net-security.org/advisory.php?id=4309


Debian Security Advisory - New gopher packages fix several
vulnerabilities (DSA 638-1)
http://www.net-security.org/advisory.php?id=4308


Conectiva Linux Security Announcement - krb5 (CLA-2005:917)
http://www.net-security.org/advisory.php?id=4307


Conectiva Linux Security Announcement - ethereal (CLA-2005:916)
http://www.net-security.org/advisory.php?id=4306


Conectiva Linux Security Announcement - php4 (CLA-2005:915)
http://www.net-security.org/advisory.php?id=4305


Turbolinux Security Announcement - php/httpd (13/Jan/2005)
http://www.net-security.org/advisory.php?id=4304


Mandrakelinux Security Update Advisory - Updated imlib packages fix
vulnerability (MDKSA-2005:007)
http://www.net-security.org/advisory.php?id=4303


Mandrakelinux Security Update Advisory - Updated hylafax packages fix
vulnerability (MDKSA-2005:006)
http://www.net-security.org/advisory.php?id=4302


Debian Security Advisory - New exim-tls packages fix arbitrary code
execution (DSA 637-1)
http://www.net-security.org/advisory.php?id=4301


US-CERT Technical Cyber Security Alert - Microsoft Windows HTML Help
ActiveX Contol Cross-Domain Vulnerability (TA05-012B)
http://www.net-security.org/advisory.php?id=4300


Gentoo Linux Security Advisory - Exim: Two buffer overflows (GLSA
200501-23)
http://www.net-security.org/advisory.php?id=4299


US-CERT Technical Cyber Security Alert - Multiple Vulnerabilities in
Microsoft Windows Icon and Cursor Processing (TA05-012A)
http://www.net-security.org/advisory.php?id=4298


SUSE Security Announcement - SUSE Security Summary Report
(SUSE-SR:2005:01)
http://www.net-security.org/advisory.php?id=4297


Debian Security Advisory - New libc6 packages fix insecure temporary
files (DSA 636-1)
http://www.net-security.org/advisory.php?id=4296


Gentoo Linux Security Advisory - CUPS: Multiple vulnerabilities (GLSA
200412-25)
http://www.net-security.org/advisory.php?id=4295


Debian Security Advisory - New exim packages fix arbitrary code
execution (DSA 635-1)
http://www.net-security.org/advisory.php?id=4294


Microsoft Security Update Alert - January 11, 2005
http://www.net-security.org/advisory.php?id=4293


Mandrakelinux Security Update Advisory - Updated nfs-utils packages
fix 64bit vulnerability (MDKSA-2005:005)
http://www.net-security.org/advisory.php?id=4292


Gentoo Linux Security Advisory - poppassd_pam: Unauthorized password
changing (GLSA 200501-22)
http://www.net-security.org/advisory.php?id=4291


Debian Security Advisory - New hylafax packages fix unauthorised
access (DSA 634-1)
http://www.net-security.org/advisory.php?id=4290


OpenPKG Security Advisory - perl (OpenPKG-SA-2005.001)
http://www.net-security.org/advisory.php?id=4289


Gentoo Linux Security Advisory - HylaFAX: hfaxd unauthorized login
vulnerability (GLSA 200501-21)
http://www.net-security.org/advisory.php?id=4288


Gentoo Linux Security Advisory - o3read: Buffer overflow during file
conversion (GLSA 200501-20)
http://www.net-security.org/advisory.php?id=4287


Gentoo Linux Security Advisory - imlib2: Buffer overflows in image
decoding (GLSA 200501-19)
http://www.net-security.org/advisory.php?id=4286


Gentoo Linux Security Advisory - KDE FTP KIOslave: Command injection
(GLSA 200501-18)
http://www.net-security.org/advisory.php?id=4285


Gentoo Linux Security Advisory - KPdf, KOffice: More vulnerabilities
in included Xpdf (GLSA 200501-17)
http://www.net-security.org/advisory.php?id=4284


Gentoo Linux Security Advisory - Konqueror: Java sandbox
vulnerabilities (GLSA 200501-16)
http://www.net-security.org/advisory.php?id=4283


Debian Security Advisory - New bmv package fixes insecure temporary
file creation (DSA 633-1)
http://www.net-security.org/advisory.php?id=4282


SCO Security Advisory - UnixWare 7.1.4 UnixWare 7.1.3 UnixWare 7.1.1: 
mountd remote denial of service (SCOSA-2005.1)
http://www.net-security.org/advisory.php?id=4281


Gentoo Linux Security Advisory - UnRTF: Buffer overflow (GLSA
200501-15)
http://www.net-security.org/advisory.php?id=4280


Gentoo Linux Security Advisory - mpg123: Buffer overflow (GLSA
200501-14)
http://www.net-security.org/advisory.php?id=4279


Ubuntu Security Notice - mailman vulnerabilities (USN-59-1)
http://www.net-security.org/advisory.php?id=4278


Ubuntu Security Notice - MIT Kerberos server vulnerability (USN-58-1)
http://www.net-security.org/advisory.php?id=4277


Debian Security Advisory - New linpopup packages fix arbitrary code
execution (DSA 632-1)
http://www.net-security.org/advisory.php?id=4276


Debian Security Advisory - New kdlibs packages fix arbitrary FTP
command execution (DSA 631-1)
http://www.net-security.org/advisory.php?id=4275


SUSE Security Announcement - libtiff/tiff (SUSE-SA:2005:001)
http://www.net-security.org/advisory.php?id=4274


Debian Security Advisory - New lintian packages fix insecure
temporary directory (DSA 630-1)
http://www.net-security.org/advisory.php?id=4273


Gentoo Linux Security Advisory - pdftohtml: Vulnerabilities in
included Xpdf (GLSA 200501-13)
http://www.net-security.org/advisory.php?id=4272


Gentoo Linux Security Advisory - TikiWiki: Arbitrary command
execution (GLSA 200501-12)
http://www.net-security.org/advisory.php?id=4271


Gentoo Linux Security Advisory - Dillo: Format string vulnerability
(GLSA 200501-11)
http://www.net-security.org/advisory.php?id=4270


Ubuntu Security Notice - Linux kernel vulnerabilities (USN-57-1)
http://www.net-security.org/advisory.php?id=4269


Debian Security Advisory - New kerberos packages fix arbitrary code
execution (DSA 629-1)
http://www.net-security.org/advisory.php?id=4268


Ubuntu Security Notice - exim4 vulnerabilities (USN-56-1)
http://www.net-security.org/advisory.php?id=4267

----------------------------------------------------------------




[ Articles ]


All articles are located at:
http://www.net-security.org/articles_main.php

Articles can be contributed to articles@net-security.org


----------------------------------------------------------------

INTERVIEW WITH KEN CUTLER, VICE PRESIDENT, INFORMATION SECURITY, MIS
TRAINING INSTITUTE
Mr. Cutler discusses: today's biggest online threats, closed source
vs. open source security, the full disclosure of vulnerabilities, the
challenge of protecting sensitive information at the enterprise leve,
and more.
http://www.net-security.org/article.php?id=759


PASSWORD MANAGEMENT WITH PASSWORDSAFE
PasswordSafe is intended to be a secure solution for maintaining a
list of passwords. It uses a secure, encrypted database to store each
password and can only be accessed by providing the master password.
http://www.net-security.org/article.php?id=758

----------------------------------------------------------------




[ Software ]


Windows software is located at:
http://net-security.org/software_main.php?cat=1

Linux software is located at:
http://net-security.org/software_main.php?cat=2

Pocket PC software is located at:
http://net-security.org/software_main.php?cat=3


----------------------------------------------------------------

FIREWALL BUILDER 2.0.5 (Linux)
Firewall Builder consists of an object-oriented GUI and a set of
policy compilers for various firewall platforms.
http://www.net-security.org/software.php?id=230


JPORTKNOCK 0.0.5 (Linux)
jPortKnock does port knocking, a method of establishing a connection
to a networked computer with no open port.
http://www.net-security.org/software.php?id=594


JSCH 0.1.19 (Windows)
JSch is a pure Java implementation of SSH2.
http://www.net-security.org/software.php?id=417


KISKIS 0.13.1 (Linux)
KisKis (KisKis � Keep It Secret! Keep It Safe!) is an easy-to-use
password manager.
http://www.net-security.org/software.php?id=578


PASSWORD SAFE 2.08 (Windows)
Password Safe is a password database utility.
http://www.net-security.org/software.php?id=172


SCRUTINIZER 1.03 (Linux)
Scrutinizer protects web applications from HTTP (D)DoS Attacks.
http://www.net-security.org/software.php?id=592


SHELL INTRUSION DETECTION 0.4.0 (Linux)
SID is a Shell Intrusion Detection system. The kernel part plugs into
a terminal-processing subsystem and logs hashed terminal lines.
http://www.net-security.org/software.php?id=473


TCPICK 0.2.0 (Linux)
Tcpick is a textmode sniffer that can track TCP streams and saves the
data captured in files or displays them in the terminal.
http://www.net-security.org/software.php?id=288


VUURMUUR 0.5.60 (Linux)
Vuurmuur is a middle-end/front-end for netfilter/iptables.
http://www.net-security.org/software.php?id=591


YASSL 0.9.0 (Linux)
yaSSL is an SSL Library for programmers building security
functionality into their applications and devices.
http://www.net-security.org/software.php?id=521

----------------------------------------------------------------




[ Webcasts ]


All webcasts are located at:
http://net-security.org/webcasts.php


----------------------------------------------------------------

Writing Secure Code (Part 2 of 3) - Threat Defense
Organized by Microsoft on 26 January 2005, 11:00 AM
http://www.net-security.org/webcast.php?id=351

----------------------------------------------------------------




[ Conferences ]


All conferences are located at:
http://net-security.org/conferences.php


----------------------------------------------------------------

8th International Workshop on Practice and Theory in Public Key
Cryptography (PKC 05)
Organized by Ecole Polytechnique Federale de Lausanne - 23 January-26
January 2005
http://www.net-security.org/conference.php?id=106


Australasian Information Security Workshop 2005
Organized by Australian Computer Society and The University of
Newcastle - 31 January-3 February 2005
http://www.net-security.org/conference.php?id=107


Airscanner Wireless Security Bootcamp
Organized by Airscanner - 3 February-4 February 2005
http://www.net-security.org/conference.php?id=103


The 12th Annual Network and Distributed System Security Smposium 
2005
Organized by The Internet Society Organization Commitee - 3
February-4 February 2005
http://www.net-security.org/conference.php?id=108


Winter 2005 Biometrics Summit
Organized by Advanced Learning Institute - 23 February-25 February
2005
http://www.net-security.org/conference.php?id=129


Fast Software Encryption 2005
Organized by European Network of Excellence - 24 February-25 February
2005
http://www.net-security.org/conference.php?id=109


Financial Cryptography and Security (FC 05) Ninth International
Conference
Organized by RSA Security - 28 February-3 March 2005
http://www.net-security.org/conference.php?id=110


International Workshop on Coding and Cryptography (WCC 2005)
Organized by Selmersenteret, INRIA - 14 March-18 March 2005
http://www.net-security.org/conference.php?id=111


Third IEEE International Information Assurance Workshop (IWIA'05)
Organized by IEEE Computer Society Task Force on Information
Assurance - 24 March-25 March 2005
http://www.net-security.org/conference.php?id=112


ECCE E-crime and Computer Evidence 2005
Organized by n-gate ltd. - 29 March-30 March 2005
http://www.net-security.org/conference.php?id=94


Indonesia Cryptology and Information Security Conference 2005
Organized by Lembaga Sandi Negara RI - 30 March-31 March 2005
http://www.net-security.org/conference.php?id=113


The 1st International Workshop on Systems and Network Security
(SNS2005)
Organized by University of Colorado at Colorado Springs - 4 April-8
April 2005
http://www.net-security.org/conference.php?id=114


Infosec World 2005
Organized by MIS Training Institute - 4 April-6 April 2005
http://www.net-security.org/conference.php?id=128


4th Annual PKI R&D Workshop (PKI'05)
Organized by National Institute of Standards and Technology - 19
April-21 April 2005
http://www.net-security.org/conference.php?id=115


Infosecurity Europe 2005
Organized by Reed Exhibitions - 26 April-28 April 2005
http://www.net-security.org/conference.php?id=126

----------------------------------------------------------------




[ Security World ]


All press releases are located at:
http://www.net-security.org/press_main.php

Send your press releases to press@net-security.org


----------------------------------------------------------------

iQuate joins BSA Ireland
http://www.net-security.org/press.php?id=2842


Atheros Communications Takes the Hassle Out of Security Setups with
JumpStart for Wireless Simple Software Solution Offers the Highest
WLAN Security Available Today
http://www.net-security.org/press.php?id=2841


Clickfraud.com Launches Click Fraud Awareness Campaign
http://www.net-security.org/press.php?id=2840


Frost & Sullivan Names TippingPoint 2005 Network Security
Infrastructure Protection Entrepreneurial Company of the Year
http://www.net-security.org/press.php?id=2839


Vircom Selected as a Finalist in the 2005 SC Magazine Global Awards
http://www.net-security.org/press.php?id=2838


FrontBridge Wins SC Magazine "Best Buy" Award for Email Managed
Services in Industry-Wide Group Test
http://www.net-security.org/press.php?id=2837


Vernier Broadens Network Admission Management Capabilities Through
Support of Network Access Protection Technology from Microsoft
http://www.net-security.org/press.php?id=2836


Lucid Security Expands Sales Force For Increased Market Penetration
http://www.net-security.org/press.php?id=2835


eIQnetworks Unveils Network Security Analyzer For Improved Security
Operations Management
http://www.net-security.org/press.php?id=2834


Cabot Square Capital Protects Critical Communications From Downtime
With SteelEye�s LifeKeeper for Exchange
http://www.net-security.org/press.php?id=2833


60% of Emails To UK Students in 2004 Were Viruses or Spam Says Email
Systems
http://www.net-security.org/press.php?id=2832


CXL Secures Your Mid-Range Systems Using Non-Intrusive PC Based
Review Software To Secure Your Unix, OS/400 And OpenVMS Computers
http://www.net-security.org/press.php?id=2831


Cloudmark Wins Over 200 New Customers with Trade-up Program
http://www.net-security.org/press.php?id=2830


TippingPoint�s UnityOne Wins Record Awards in 2004, Making it the
Most Decorated IPS
http://www.net-security.org/press.php?id=2829


BeCrypt Acquires Enhanced-Level Government Security Software In
Multi-Million Pound Deal
http://www.net-security.org/press.php?id=2828


Sp@mX Now Supports Powerful Anti-Phishing Capablility!
http://www.net-security.org/press.php?id=2827


Sygate Joins Network Admission Control (NAC) Program
http://www.net-security.org/press.php?id=2826


Trapeze Networks Strengthens Its Executive Team By Hiring New
Leadership In Engineering, Marketing And Technology
http://www.net-security.org/press.php?id=2825

----------------------------------------------------------------




[ Virus News ]


All virus news are located at:
http://www.net-security.org/viruses.php


----------------------------------------------------------------

Cabir on the loose in Russia - first documented case of an infection
in the wild
http://www.net-security.org/virus_news.php?id=513


Virus Top 20 December 2004
http://www.net-security.org/virus_news.php?id=512


New Cellery Worm Plays Tetris As It Spreads, Reports Sophos
http://www.net-security.org/virus_news.php?id=511


Computer Worm Spreads Happy Nude Year Greeting, Sophos Reports
http://www.net-security.org/virus_news.php?id=510


Video Files Appear That Download Malicious Application When They Are
Run
http://www.net-security.org/virus_news.php?id=509


Weekly report on viruses and intruders - Winxor.A, Breacuk.E and
Asan.A.
http://www.net-security.org/virus_news.php?id=508

----------------------------------------------------------------

Questions, contributions, comments or ideas go to:

Help Net Security staff
staff@net-security.org
http://net-security.org

----------------------

Unsubscribe from this weekly digest on:
http://www.net-security.org/subscribe.php

The archive of the newsletter in TXT and PDF format is available 
http://www.net-security.org/newsletter_archive.php


----------------------------------------------------------------
INFOSEC WORLD 2005 IS WHERE CONNECTIONS ARE MADE!
----------------------------------------------------------------
Expand your knowledge with the hottest topics and get real-world 
strategies and tested techniques for meeting your toughest 
information security challenges.

http://www.misti.com/12/os05ba8.html
----------------------------------------------------------------