HNS Newsletter Issue 250 - 31.01.2005. http://net-security.org This is a newsletter delivered to you by Help Net Security. It covers weekly roundups of security events that were in the news the past week. ---------------------------------------------------------------- REGISTER FOR INFOSECURITY EUROPE 2005 ---------------------------------------------------------------- Infosecurity Europe is Europe's number one, dedicated Information Security event. Now in its 10th anniversary year, Infosecurity Europe continues to provide an unrivalled education programme, new products & services, over 250 exhibitors and over 10,000 visitors from every segment of the industry. ---------------------------------------------------------------- Get all the information at: http://www.infosec.co.uk/hns ---------------------------------------------------------------- Table of contents: 1) Security news 2) Vulnerabilities 3) Advisories 4) Articles 5) Reviews 6) Software 7) Conferences 8) Security World 9) Virus News [ Security news ] ---------------------------------------------------------------- HARVARD FIXING DATA SECURITY BREACHES Loophole allowed viewing student prescription orders. http://www.net-security.org/news.php?id=6989 PROTECT YOURSELF AGAINST DOMAIN NAME THEFT The domain name hijacking of panix.com last week highlights a weaknesses in the Internet's registrar system and should serve as a warning to all companies. It could happen to anyone. http://www.net-security.org/news.php?id=6990 SYMANTEC SHOWS E-MAIL SECURITY APPLIANCE New products use the acquired Brightmail anti-spam technology. http://www.net-security.org/news.php?id=6991 SECURITY CONCERNS PROMPT INTERNET EXPLORER DEFECTIONS Worried about catching viruses, spyware, or other malicious software while surfing the Web? http://www.net-security.org/news.php?id=6992 HOTSPOT PARANOIA: TRY TO STAY CALM OK, the fact that Professor Brian Collins is prepared to talk about public Wi-Fi hotspots with evil twins does mean it's worth taking seriously. http://www.net-security.org/news.php?id=6993 VIRUSES FOR SYMBIAN OS - THE TRUTH Don't be panicked by media hype about viruses targetting Symbian OS smartphones! http://www.net-security.org/news.php?id=6994 HARDWARE AND SOFTWARE FOR SECURE ONLINE BANKING A heavy hand with consumer education can go a long way toward keeping customers safe. If they receive e-mails sporting a bank logo that requires a response, they'll know it's not a legitimate communication. http://www.net-security.org/news.php?id=6995 HACKERS EAVESDROP ON PHONE NETWORKS TO STEAL DATA Computer hackers have taken to stealing data the easy way - by eavesdropping on phone and e-mail conversations to find the keys to seemingly impregnable networks, security experts say. http://www.net-security.org/news.php?id=6996 PHISHING AGAINST BANKS HITS ALL TIME HIGH Anti-Phishing Working Group warns of 'relentless increase'. http://www.net-security.org/news.php?id=6997 TOP USERS' SECURITY MANIFESTO AIMS TO CLOSE GAPS IN SUPPLIER OFFERINGS User group the Jericho Forum, whose members include more than 50 global companies, is set to publish criteria on information security for suppliers to follow when developing products. http://www.net-security.org/news.php?id=6999 IRS NEEDS BETTER IT SECURITY PLAN The process for identifying weaknesses and reporting progress is flawed and ineffective, according to the report. http://www.net-security.org/news.php?id=7000 SSL VPNS MADE SIMPLE You can always tell when a particular technology begins to gain momentum by the availability of lower-cost alternatives to the bleeding-edge, high-end devices. http://www.net-security.org/news.php?id=7001 BANKS AND POLICE SET SECURITY STANDARDS Solutions to online fraud 'already exist', claim experts. http://www.net-security.org/news.php?id=7002 THE OPEN ROAD: SAMHAIN This article describes a Host-Based Intrusion Detection System (HIDS) with Samhain. http://www.net-security.org/news.php?id=7003 SAP LAUNCHES TWO SECURITY INITIATIVES Program certifies consultants' knowledge of security tools applicable to SAP technology. http://www.net-security.org/news.php?id=7004 HOW TO: MASTERING PORTQRY.EXE (PART 1) In this article the author will cover the fundamentals of using the PortQry command line tool. http://www.net-security.org/news.php?id=7005 HACKERS USE OLD-FASHIONED EAVESDROPPING TO STEAL DATA Computer hackers have taken to stealing data the easy way — by eavesdropping on phone and e-mail conversations to find the keys to seemingly impregnable networks, security experts say. http://www.net-security.org/news.php?id=7006 VENDORS NEED TO FOCUS ON MOBILE VIRUSES Viruses are becoming a more serious threat, but most hardware vendors and wireless operators have put the problem on a back burner, an industry analyst claims. http://www.net-security.org/news.php?id=7007 PROBE: POOR INFO SHARING HARMS SECURITY Poor information-sharing both inside and outside government is threatening homeland security, congressional investigators said Tuesday. http://www.net-security.org/news.php?id=7008 ARE WE IN A COMPUTER SECURITY RENAISSANCE? The widespread adoption of the Internet and e-commerce helped change the focus of security research. http://www.net-security.org/news.php?id=7009 FEDS AIM TO TIGHTEN NUCLEAR CYBER SECURITY Federal regulators are proposing to add computer security standards to their criteria for installing new computerized safety systems in nuclear power plants. http://www.net-security.org/news.php?id=7010 DOMAIN HIJACK: DOTSTER YET TO COMMENT Dotster, the domain registrar that manages the panix.com domain which was hijacked over the weekend of January 15-16, is yet to make a public comment about the affair. http://www.net-security.org/news.php?id=7011 INTRODUCTION TO TROUBLESHOOTING LINUX FIREWALLS The importance of a firewall to your security plan cannot be stressed enough, but what happens when your firewall fails? Find out in this introduction to firewall troubleshooting. http://www.net-security.org/news.php?id=7012 AN OVERVIEW OF GPG GPG stands for Gnu Privacy Guard. It is a program from the FSF which allows you to encrypt and verify signed files created by others all without a shared secret which would allow others to impersonate you or get access to your encrypted files. http://www.net-security.org/news.php?id=7013 PREPARING YOURSELF FOR INTRUSIONS This article explains the basic concepts of intrusion detection and response. http://www.net-security.org/news.php?id=7014 SELINUX: PLAYING WITH FIRE One of the much-talked-about features in Fedora Core 3 is Security-Enhanced Linux, which some people believe will make Linux a truly military-grade secure operating system. But SELinux is available to secure many other distributions as well. http://www.net-security.org/news.php?id=7015 CLAM ANTIVIRUS: OPEN SOURCE VS. THE BAD GUYS Open source software, in the form of Clam AntiVirus, can help you detect rogue programs before they hit your inbox, whether you run Linux or Windows. http://www.net-security.org/news.php?id=7016 FBI BACKS TRANSATLANTIC ANTI-SPAM SUMMIT A delegation of British MPs heads over to Washington next month to discuss information security with US politicians. http://www.net-security.org/news.php?id=7017 INTERNET SECURITY SUITES FACE OFF These products promise to protect you from more than just viruses. We see how they stack up. http://www.net-security.org/news.php?id=7018 WEB SECURITY GROUP READIES LAUNCH A volunteer group is launching this month to provide a forum for free, open source documentation, tools and standards for Web application security. http://www.net-security.org/news.php?id=7019 LENGTH OF HACKER'S PRISON TERM DEBATED Law enforcement recovered records of Jeffrey Lee Parson's online conversations with other hackers in which he said he was looking for a copy of the Blaster worm and that he was thinking about spreading a version of it. "Hehehe," he wrote, "and watch me get caught." http://www.net-security.org/news.php?id=7020 NIST REPORT URGES CAUTION WITH VOIP SECURITY A new report from the National Institute of Standards and Technology urges federal agencies and other organizations to take care in switching to voice-over-IP technology because of security concerns. http://www.net-security.org/news.php?id=7021 SECURITY FIRM SAYS SPAMMERS AHEAD OF THE GAME The threat of e-mail viruses, Internet scams and other attacks by spammers grew worse last year, despite stepped-up defense efforts by technology firms and government, an e-mail security firm reported Wednesday. http://www.net-security.org/news.php?id=7022 MYDOOM ONE YEAR LATER: MORE ZOMBIES, MORE SPAM Virus now considered the beginning of sophisticated virus writers with illegal profit in mind. http://www.net-security.org/news.php?id=7023 APPLE ISSUES OS X SECURITY PATCH Apple Computer has issued a security patch to correct seven vulnerabilities in the OS X operating system, including flaws in the Safari browser, the Mac Mail e-mail program, the ColorSync system, and other parts of the OS. http://www.net-security.org/news.php?id=7024 LATEST BAGLE MUTANT ON THE RAMPAGE Worm contains backdoor for hacker to execute arbitrary programs. http://www.net-security.org/news.php?id=7025 MS MULLS CHARGING FOR ANTI-SPYWARE APP Microsoft is leaving its options open on charging for full versions of anti-spyware and virus disinfection tools. http://www.net-security.org/news.php?id=7026 MICROSOFT ENHANCES SQL 2005 SECURITY Forthcoming release more secure by default, claims Redmond. http://www.net-security.org/news.php?id=7027 THE ROLE OF EMAIL SECURITY IN MEETING REGULATORY REQUIREMENTS Due to the nature of the potential content of email, ranging from a simple customer query to financial projections, the use of this application demands particular attention to ensure that its management helps to secure regulatory compliance. http://www.net-security.org/news.php?id=7028 BLIND BUFFER OVERFLOWS IN ISAPI EXTENSIONS This paper will outline the risks ISAPI Extensions pose and how they can be exploited by third parties without any binary exposure or knowledge using blind stack overflows. This method can enable remote code execution in proprietary and third party applications. http://www.net-security.org/news.php?id=7029 HOW TO AVOID PHISHING SCAMS In this article, I will explain exactly how this type of scam works and how to avoid being a victim. http://www.net-security.org/news.php?id=7030 MALICIOUS BOT TARGETS MYSQL DATABASES WITH WEAK PASSWORDS A malicious bot program is breaking into poorly-secured MySQL databases running on Windows web servers. http://www.net-security.org/news.php?id=7031 CLEAR SKIES FOR AREA 51 HACKER Federal prosecutors formally dropped charges this month against an amateur astronomer who exposed a buried surveillance network surrounding the Air Force's mysterious "Area 51" air base in Nevada. http://www.net-security.org/news.php?id=7032 BIG NET ATTACK TIPPED IN NEXT 10 YEARS Don't say we didn't warn you: At some point in the next decade, there will be a "devastating attack" on the internet or power grid. http://www.net-security.org/news.php?id=7033 THE ENCRYPTION FACTOR Quantum computing is set to revolutionise the way we work. Trouble is, it could crack any of today's security codes in a fraction of a second. http://www.net-security.org/news.php?id=7034 ---------------------------------------------------------------- [ Vulnerabilities ] All vulnerabilities are located here: http://www.net-security.org/archive_vuln.php ---------------------------------------------------------------- Ingate Firewall: Removed PPTP Tunnels Not Deactivated Vulnerability http://www.net-security.org/vuln.php?id=4005 WinAMP in_cdda.dll CDA Device Name Buffer Overflow Vulnerability http://www.net-security.org/vuln.php?id=4004 Pocket IE Multiple Vulnerabilities http://www.net-security.org/vuln.php?id=4003 Openswan XAUTH/PAM Buffer Overflow Vulnerability http://www.net-security.org/vuln.php?id=4002 phpEventCalendar HTML Injection Vulnerability http://www.net-security.org/vuln.php?id=4001 eXponent 0.95 Multiple Vulnerabilities http://www.net-security.org/vuln.php?id=4000 Microsoft NetDDE Service Unauthenticated Remote Buffer Overflow Vulnerability http://www.net-security.org/vuln.php?id=3999 Siteman 1.1.10 User Database Line Insertion Vulnerability http://www.net-security.org/vuln.php?id=3998 ---------------------------------------------------------------- [ Advisories ] All advisories are located at: http://www.net-security.org/archive_advi.php ---------------------------------------------------------------- Gentoo Linux Security Advisory - Gallery: Cross-site scripting vulnerability (GLSA 200501-45) http://www.net-security.org/advisory.php?id=4411 Gentoo Linux Security Advisory - ncpfs: Multiple vulnerabilities (GLSA 200501-44) http://www.net-security.org/advisory.php?id=4410 Gentoo Linux Security Advisory - f2c: Insecure temporary file creation (GLSA 200501-43) http://www.net-security.org/advisory.php?id=4409 Gentoo Linux Security Advisory - VDR: Arbitrary file overwriting issue (GLSA 200501-42) http://www.net-security.org/advisory.php?id=4408 Gentoo Linux Security Advisory - TikiWiki: Arbitrary command execution (GLSA 200501-41) http://www.net-security.org/advisory.php?id=4407 Gentoo Linux Security Advisory - ngIRCd: Buffer overflow (GLSA 200501-40) http://www.net-security.org/advisory.php?id=4406 Gentoo Linux Security Advisory - SquirrelMail: Multiple vulnerabilities (GLSA 200501-39) http://www.net-security.org/advisory.php?id=4405 OpenPKG Security Advisory - sasl (OpenPKG-SA-2005.004) http://www.net-security.org/advisory.php?id=4404 Debian Security Advisory - New f2c packages fix insecure temporary files (DSA 661-1) http://www.net-security.org/advisory.php?id=4403 Mandrakelinux Security Update Advisory - Updated bind packages fix vulnerability (MDKSA-2005:023) http://www.net-security.org/advisory.php?id=4402 US-CERT Technical Cyber Security Alert - Multiple Denial-of-Service Vulnerabilities in Cisco IOS (TA05-026A) http://www.net-security.org/advisory.php?id=4401 Gentoo Linux Security Advisory - Perl: rmtree and DBI tmpfile vulnerabilities (GLSA 200501-38) http://www.net-security.org/advisory.php?id=4400 Gentoo Linux Security Advisory - GraphicsMagick: PSD decoding heap overflow (GLSA 200501-37) http://www.net-security.org/advisory.php?id=4399 SCO Security Advisory - UnixWare 7.1.4 UnixWare 7.1.3 UnixWare 7.1.1: x.org possible local socket hijacking (SCOSA-2005.8) http://www.net-security.org/advisory.php?id=4398 Debian Security Advisory - New kdebase packages fix authentication bypass (DSA 660-1) http://www.net-security.org/advisory.php?id=4397 Cisco Security Advisory - Crafted Packet Causes Reload on Cisco Routers (1.0) http://www.net-security.org/advisory.php?id=4396 Cisco Security Advisory - Multiple Crafted IPv6 Packets Cause Reload (1.0) http://www.net-security.org/advisory.php?id=4395 Debian Security Advisory - New libpam-radius-auth packages fix several vulnerabilities (DSA 659-1) http://www.net-security.org/advisory.php?id=4394 Mandrakelinux Security Update Advisory - Updated cups packages fix multiple vulnerabilities (MDKSA-2005:022) http://www.net-security.org/advisory.php?id=4393 Mandrakelinux Security Update Advisory - Updated tetex packages fix buffer overflow vulnerability (MDKSA-2005:021) http://www.net-security.org/advisory.php?id=4392 Mandrakelinux Security Update Advisory - Updated kdegraphics packages fix buffer overflow vulnerability (MDKSA-2005:020) http://www.net-security.org/advisory.php?id=4391 Mandrakelinux Security Update Advisory - Updated koffice packages fix buffer overflow vulnerability (MDKSA-2005:019) http://www.net-security.org/advisory.php?id=4390 Mandrakelinux Security Update Advisory - Updated cups packages fix buffer overflow vulnerability (MDKSA-2005:018) http://www.net-security.org/advisory.php?id=4389 Mandrakelinux Security Update Advisory - Updated xpdf packages fix buffer overflow vulnerability (MDKSA-2005:017) http://www.net-security.org/advisory.php?id=4388 Mandrakelinux Security Update Advisory - Updated gpdf packages fix buffer overflow vulnerability (MDKSA-2005:016) http://www.net-security.org/advisory.php?id=4387 Turbolinux Security Announcement - ImageMagick, a2ps, gzip, iptables, libxml, libxml2 (26/Jan/2005) http://www.net-security.org/advisory.php?id=4386 SCO Security Advisory - OpenServer 5.0.6 OpenServer 5.0.7: wu-ftp local users can bypass access restrictions (SCOSA-2005.6) http://www.net-security.org/advisory.php?id=4385 SCO Security Advisory - OpenServer 5.0.6 OpenServer 5.0.7: scosessoin local privilege elevation (SCOSA-2005.5) http://www.net-security.org/advisory.php?id=4384 Gentoo Linux Security Advisory - AWStats: Remote code execution (GLSA 200501-36) http://www.net-security.org/advisory.php?id=4383 Ubuntu Security Notice - Perl DBI module vulnerability (USN-70-1) http://www.net-security.org/advisory.php?id=4382 Conectiva Linux Security Announcement - CLA-2005:921 (xpdf) http://www.net-security.org/advisory.php?id=4381 Debian Security Advisory - New libdbi-perl packages fix insecure temporary file (DSA 658-1) http://www.net-security.org/advisory.php?id=4380 Debian Security Advisory - New xine-lib packages fix arbitrary code execution (DSA 657-1) http://www.net-security.org/advisory.php?id=4379 Debian Security Advisory - New vdr packages fix insecure file access (DSA 656-1) http://www.net-security.org/advisory.php?id=4378 Debian Security Advisory - New zhcon packages fix unauthorised file access (DSA 655-1) http://www.net-security.org/advisory.php?id=4377 Gentoo Linux Security Advisory - Evolution: Integer overflow in camel-lock-helper (GLSA 200501-35) http://www.net-security.org/advisory.php?id=4376 Mandrakelinux Security Update Advisory - Updated mailman packages fix vulnerabilities (MDKSA-2005:015) http://www.net-security.org/advisory.php?id=4375 Mandrakelinux Security Update Advisory - Updated squid packages fix multiple vulnerabilities (MDKSA-2005:014) http://www.net-security.org/advisory.php?id=4374 Mandrakelinux Security Update Advisory - Updated ethereal packages fix multiple vulnerabilities (MDKSA-2005:013) http://www.net-security.org/advisory.php?id=4373 Mandrakelinux Security Update Advisory - Updated zhcon packages fix vulnerability (MDKSA-2005:012) http://www.net-security.org/advisory.php?id=4372 KDE Security Advisory - kpdf Buffer Overflow Vulnerability (2005-01-19) http://www.net-security.org/advisory.php?id=4371 KDE Security Advisory - Multiple vulnerabilities in Konversation (20050121) http://www.net-security.org/advisory.php?id=4370 KDE Security Advisory - KOffice PDF Import Filter Vulnerability (2005-01-20) http://www.net-security.org/advisory.php?id=4369 SUSE Security Announcement - realplayer 8 (SUSE-SA:2005:004) http://www.net-security.org/advisory.php?id=4368 Gentoo Linux Security Advisory - Konversation: Various vulnerabilities (GLSA 200501-34) http://www.net-security.org/advisory.php?id=4367 Ubuntu Security Notice - evolution vulnerability (USN-69-1) http://www.net-security.org/advisory.php?id=4366 Ubuntu Security Notice - enscript vulnerabilities (USN-68-1) http://www.net-security.org/advisory.php?id=4365 Gentoo Linux Security Advisory - MySQL: Insecure temporary file creation ( GLSA 200501-33) http://www.net-security.org/advisory.php?id=4364 Gentoo Linux Security Advisory - KPdf, KOffice: Stack overflow in included Xpdf code (GLSA 200501-32) http://www.net-security.org/advisory.php?id=4363 Gentoo Linux Security Advisory - teTeX, pTeX, CSTeX: Multiple vulnerabilities (GLSA 200501-31) http://www.net-security.org/advisory.php?id=4362 ---------------------------------------------------------------- [ Articles ] All articles are located at: http://www.net-security.org/articles_main.php Articles can be contributed to articles@net-security.org ---------------------------------------------------------------- THE ROLE OF EMAIL SECURITY IN MEETING REGULATORY REQUIREMENTS Due to the nature of the potential content of email, ranging from a simple customer query to financial projections, the use of this application demands particular attention to ensure that its management helps to secure regulatory compliance. http://www.net-security.org/article.php?id=762 ---------------------------------------------------------------- [ Reviews ] All reviews are located at: http://www.net-security.org/reviews.php ---------------------------------------------------------------- TREND MICRO INTERSCAN WEB SECURITY SUITE (IWSS) IWSS is a comprehensive solution tailored for large corporate deployment. It successfully addresses the main concerns of most corporate users: increased network latency associated with HTTP gateway scanning; and reluctance to modify the network configuration and topology. http://www.net-security.org/review.php?id=148 ---------------------------------------------------------------- [ Software ] Windows software is located at: http://net-security.org/software_main.php?cat=1 Linux software is located at: http://net-security.org/software_main.php?cat=2 Pocket PC software is located at: http://net-security.org/software_main.php?cat=3 ---------------------------------------------------------------- EMAILTRACKERPRO 4 (Windows) eMailTrackerPro is the e-mail analysis tool that enables you to track Internet e-mails back to the sender. http://www.net-security.org/software.php?id=294 ETHEREAL 0.10.9 (Linux) Ethereal is a free network protocol analyzer. http://www.net-security.org/software.php?id=99 FIREHOL R5 1.224 (Linux) FireHOL is a Linux iptables firewall generator. http://www.net-security.org/software.php?id=307 GRSECURITY 2.1.1 (Linux) grsecurity is a complete security system for Linux 2.4 that implements a detection/prevention/containment strategy. http://www.net-security.org/software.php?id=208 JSCH 0.1.20 (Windows) JSch is a pure Java implementation of SSH2. http://www.net-security.org/software.php?id=417 PAM_PASSWDQC 0.7.6 (Linux) pam_passwdqc is a simple password strength checking module for PAM-aware password changing programs, such as passwd. http://www.net-security.org/software.php?id=228 PASSWD_EXP 1.2.2 (Linux) Passwd_exp notifies users via email of password or account expiration. http://www.net-security.org/software.php?id=221 SNORT 2.3.0 (Linux) Snort is a lightweight network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. http://www.net-security.org/software.php?id=112 YASSL 0.9.2 (Linux) yaSSL is an SSL Library for programmers building security functionality into their applications and devices. http://www.net-security.org/software.php?id=521 ---------------------------------------------------------------- [ Conferences ] All conferences are located at: http://net-security.org/conferences.php ---------------------------------------------------------------- Australasian Information Security Workshop 2005 Organized by Australian Computer Society and The University of Newcastle - 31 January-3 February 2005 http://www.net-security.org/conference.php?id=107 Airscanner Wireless Security Bootcamp Organized by Airscanner - 3 February-4 February 2005 http://www.net-security.org/conference.php?id=103 The 12th Annual Network and Distributed System Security Smposium 2005 Organized by The Internet Society Organization Commitee - 3 February-4 February 2005 http://www.net-security.org/conference.php?id=108 Winter 2005 Biometrics Summit Organized by Advanced Learning Institute - 23 February-25 February 2005 http://www.net-security.org/conference.php?id=129 Fast Software Encryption 2005 Organized by European Network of Excellence - 24 February-25 February 2005 http://www.net-security.org/conference.php?id=109 Financial Cryptography and Security (FC 05) Ninth International Conference Organized by RSA Security - 28 February-3 March 2005 http://www.net-security.org/conference.php?id=110 International Workshop on Coding and Cryptography (WCC 2005) Organized by Selmersenteret, INRIA - 14 March-18 March 2005 http://www.net-security.org/conference.php?id=111 Third IEEE International Information Assurance Workshop (IWIA'05) Organized by IEEE Computer Society Task Force on Information Assurance - 24 March-25 March 2005 http://www.net-security.org/conference.php?id=112 ECCE E-crime and Computer Evidence 2005 Organized by n-gate ltd. - 29 March-30 March 2005 http://www.net-security.org/conference.php?id=94 Indonesia Cryptology and Information Security Conference 2005 Organized by Lembaga Sandi Negara RI - 30 March-31 March 2005 http://www.net-security.org/conference.php?id=113 The 1st International Workshop on Systems and Network Security (SNS2005) Organized by University of Colorado at Colorado Springs - 4 April-8 April 2005 http://www.net-security.org/conference.php?id=114 Infosec World 2005 Organized by MIS Training Institute - 4 April-6 April 2005 http://www.net-security.org/conference.php?id=128 4th Annual PKI R&D Workshop (PKI'05) Organized by National Institute of Standards and Technology - 19 April-21 April 2005 http://www.net-security.org/conference.php?id=115 Infosecurity Europe 2005 Organized by Reed Exhibitions - 26 April-28 April 2005 http://www.net-security.org/conference.php?id=126 DallasCon 2005 Professional Cyber Defense Conference Organized by DallasCon - 2 May-5 May 2005 http://www.net-security.org/conference.php?id=127 ---------------------------------------------------------------- [ Security World ] All press releases are located at: http://www.net-security.org/press_main.php Send your press releases to press@net-security.org ---------------------------------------------------------------- Z1 SecureMail Gateway Stops E-Mail Espionage and Address Falsification http://www.net-security.org/press.php?id=2882 LURHQ Selected as a Finalist for SC Magazine's Prestigious Global Awards 2005 for US Excellence Best Managed Security Solution http://www.net-security.org/press.php?id=2881 Who has the Ultimate Responsibility for Eliminating Modem Hijacking? http://www.net-security.org/press.php?id=2880 Deny All Introduces Server Load Balancing to Web Applications http://www.net-security.org/press.php?id=2879 SteelEye Technology launches LifeKeeper Protected Program http://www.net-security.org/press.php?id=2878 New Kerio ServerFirewall Defends Vulnerable Windows Servers against Security Threats http://www.net-security.org/press.php?id=2877 New Research Uncovers Security and Audit Risks Exposed in Business Documents http://www.net-security.org/press.php?id=2876 "AspectJ Cookbook": Even Lazy Developers Can Write and Design Better Software http://www.net-security.org/press.php?id=2875 FrontBridge Named Finalist for Best Enterprise Security Product By SIIA Codie Awards http://www.net-security.org/press.php?id=2874 Network Admission Management Solution Offered by Vernier Networks Reduces Intrusion Risks http://www.net-security.org/press.php?id=2873 New Wave of Internet Domain Name Theft Identified - Experts Explain How to Prevent Someone from Trying to Steal a Domain Name From You http://www.net-security.org/press.php?id=2872 Network Protocols Handbook For Cisco CCNA, CCIE, CCNP, and MCSE, Network+ and Security+ http://www.net-security.org/press.php?id=2871 Cloudmark to Help Tsunami Relief Donors 'Catch' Fraudulent Emails http://www.net-security.org/press.php?id=2870 Symantec Introduces Comprehensive Email Security Appliances Designed To Protect Customers From Unwanted Spam And Virus Threats http://www.net-security.org/press.php?id=2869 Symantec Introduces New Appliance Designed To Dramatically Reduce Volume Of Email And Malicious Threats Entering Corporate Networks http://www.net-security.org/press.php?id=2868 Kavado Launches Enterprise-Class Threat Management System Supporting Large-Scale, Distributed Deployment Of Web Application Security http://www.net-security.org/press.php?id=2867 Email Systems Adopts Commtouch’s Global Best of Breed Technologies, Offering Market Leading Up-To-The-Minute Virus Protection To Millions Across The UK http://www.net-security.org/press.php?id=2866 Blue Coat Gateway Spyware Prevention First To Include Inbound And Outbound Spyware URL Filtering Categories http://www.net-security.org/press.php?id=2865 SSH Announces SSH Tectia Solution For IBM Mainframes http://www.net-security.org/press.php?id=2864 ---------------------------------------------------------------- [ Virus News ] All virus news are located at: http://www.net-security.org/viruses.php ---------------------------------------------------------------- Blaster-B Worm Author Sentenced To 18 Months In Jail http://www.net-security.org/virus_news.php?id=519 Mass-Mailing Worm Suspect Arrested In Spain, Sophos Comments http://www.net-security.org/virus_news.php?id=518 If your computer insults you, it has been infected by the new Cisum.A worm http://www.net-security.org/virus_news.php?id=517 Trojan Steals Usernames And Passwords For Fantasy Role-Playing Game http://www.net-security.org/virus_news.php?id=516 ---------------------------------------------------------------- Questions, contributions, comments or ideas go to: Help Net Security staff staff@net-security.org http://net-security.org ---------------------- Unsubscribe from this weekly digest on: http://www.net-security.org/subscribe.php The archive of the newsletter in TXT and PDF format is available http://www.net-security.org/newsletter_archive.php ---------------------------------------------------------------- REGISTER FOR INFOSECURITY EUROPE 2005 ---------------------------------------------------------------- Infosecurity Europe is Europe's number one, dedicated Information Security event. Now in its 10th anniversary year, Infosecurity Europe continues to provide an unrivalled education programme, new products & services, over 250 exhibitors and over 10,000 visitors from every segment of the industry. ---------------------------------------------------------------- Get all the information at: http://www.infosec.co.uk/hns ----------------------------------------------------------------