HNS Newsletter Issue 252 - 14.02.2005. http://net-security.org This is a newsletter delivered to you by Help Net Security. It covers weekly roundups of security events that were in the news the past week. ---------------------------------------------------------------- INFOSEC WORLD 2005 IS WHERE CONNECTIONS ARE MADE! ---------------------------------------------------------------- Expand your knowledge with the hottest topics and get real-world strategies and tested techniques for meeting your toughest information security challenges. http://www.misti.com/12/os05ba8.html ---------------------------------------------------------------- Table of contents: 1) Security news 2) Vulnerabilities 3) Advisories 4) Articles 5) Software 6) Webcasts 7) Conferences 8) Security World 9) Virus News [ Security news ] ---------------------------------------------------------------- LINUX KERNEL SECURITY IS LACKING Recent events have shown that the way security in the Linux kernel is handled is broken, and it needs to be fixed right now. http://www.net-security.org/news.php?id=7082 COMBATING THE HIDDEN DANGERS OF ADWARE Adware may remain a threat to your Web users, but by adopting proactive filtering, you can ensure that the only unwanted advertisements they see are on TV. http://www.net-security.org/news.php?id=7083 COMPLAINT DROPPED AGAINST DDOS MAFIA Federal authorities in Los Angeles have dismissed a criminal complaint filed last August against four men accused of performing DDoS attacks for hire. http://www.net-security.org/news.php?id=7084 A .NET DEVELOPER'S GUIDE TO WINDOWS SECURITY Understanding just what user profiles are, and how they interact with the Windows registry system is key to keeping a secure system. Making sure that your programs store settings in the user-specific settings trees, rather than the program directory, will help keep passwords and other vital information secure. http://www.net-security.org/news.php?id=7085 RIAA SUES THE DEAD Death is no obstacle to feeling the long arm of the Recording Industry Ass. of America. http://www.net-security.org/news.php?id=7086 CLI MAGIC: OPENSSH Let's explore OpenSSH, which replaces telnet and does a whole lot more. http://www.net-security.org/news.php?id=7087 ONLINE BANKING VICTIM FILES SUIT A Miami businessman is suing Bank of America over $90,000 he says was stolen from his online banking account in a case that highlights the thorny question of who is responsible when a customer's computer is hacked into. http://www.net-security.org/news.php?id=7088 EX-AOL WORKER PLEADS GUILTY A former software engineer for America Online is charged with selling 92 million screen names and e-mail addresses to spammers. A judge finally lets the guy plead guilty to conspiracy. http://www.net-security.org/news.php?id=7089 SAFE FROM A CYBERATTACK? Nuclear regulatory officials formalize security standards for safety systems. http://www.net-security.org/news.php?id=7090 USERS WANT SECURITY RETHINK Jericho calls for new approach to enterprise security. http://www.net-security.org/news.php?id=7091 PHISHERS TARGET MICROSOFT SECURITY INITIATIVE Phishers are taking advantage of Microsoft’s new software anti-piracy initiative by launching a wave of phishing e-mails in an attempt to get credit card numbers from Microsoft customers. http://www.net-security.org/news.php?id=7092 13 EU COUNTRIES LINK UP TO FIGHT SPAM Anti-spam enforcement authorities in 13 European countries have agreed to work together when investigating complaints about cross-border spam from anywhere within the EU. http://www.net-security.org/news.php?id=7093 HOLD THE PHONE, VOIP ISN'T SAFE In recognition of the fact that new technologies are just as valuable to wrongdoers as to those in the right, a new industry group has formed to look at the security threats inherent in voice over internet protocol. http://www.net-security.org/news.php?id=7094 EXPERTS PREDICT FIREFOX SPYWARE WILL SHOW UP THIS YEAR Spyware experts indicate that with its increased popularity, Firefox itself will become a target for spyware creators, who are already poking at the open source browser alternative. http://www.net-security.org/news.php?id=7095 SECURITY'S INSEPARABLE COUPLE The most familiar names in network security are neither vendors nor geeks: Try Alice and Bob. http://www.net-security.org/news.php?id=7096 FBI TURNS OFF UNCLASSIFIED E-MAIL SYSTEM "We use these accounts to communicate with you folks, view Internet sites, and conduct other non-sensitive bureau business, such as sending out press releases," Special Agent Steve Lazarus, the FBI's media coordinator in Atlanta, says in an e-mail describing the problem. http://www.net-security.org/news.php?id=7097 BT DEVELOPS FORMAL CAREER PLAN FOR SECURITY STAFF BT is creating formal career development programmes for more than 400 full-time IT security professionals as it gears up to create an integrated cross-company security practice. http://www.net-security.org/news.php?id=7098 BUSH BACKS BOOST FOR CYBERSECURITY President Bush's proposed budget for fiscal 2006 would spend 7 percent more on information technology security year-over-year and add cybersecurity to the stable of cross-agency lines of business. http://www.net-security.org/news.php?id=7099 IT SECURITY PUSHES FOR PROFESSIONAL STATUS (ISC)2, the global organisation dedicated to training and accrediting IT security staff, has launched an international drive to highlight the professionalism of information security. http://www.net-security.org/news.php?id=7100 SUMMIT TO TACKLE INTERNET CRIME Police and computer experts in Wales will join force for an event aimed at finding ways of tackling the growing problem of internet crime. http://www.net-security.org/news.php?id=7101 EMBEDDED PLATFORM TAKES VIRUS CONTROL ONBOARD The Advantech XP Embedded Ready Platform is a ready-to-run ePlatform preloaded with Windows XP Embedded. http://www.net-security.org/news.php?id=7102 HASHING OUT ENCRYPTION Federal agencies have been put on notice that National Institute of Standards and Technology officials plan to phase out a widely used cryptographic hash function known as SHA-1 in favor of larger and stronger hash functions such as SHA-256 and SHA-512. http://www.net-security.org/news.php?id=7103 MICROSOFT TO BUY SYBARI SOFTWARE Microsoft said Tuesday that it plans to buy Sybari Software, a New York company that makes products to protect business computer systems from Internet threats, including viruses and spam. http://www.net-security.org/news.php?id=7104 SPOOFING FLAW HITS WEB BROWSERS Security firm warns of phishing risk with Firefox, Opera and others. http://www.net-security.org/news.php?id=7105 KEEPING WIRELESS ROGUES IN CHECK After months of testing and taking budget constraints into consideration, our security manager comes up with a wireless policy. http://www.net-security.org/news.php?id=7106 USERS WANT SECURITY RETHINK Jericho calls for new approach to enterprise security. http://www.net-security.org/news.php?id=7107 MICROSOFT ANNOUNCES CRITICAL SECURITY BUGS Microsoft Corp. released eight security fixes Tuesday that carry its highest threat rating and urged computer users to install them quickly because all the vulnerabilities they address could let attackers take complete control of systems. http://www.net-security.org/news.php?id=7108 ARE YOUR SERVERS SECURE? In a word, No. No machine connected to the internet is 100% secure. http://www.net-security.org/news.php?id=7109 FEDS LOOK TO FINALIZE IT SECURITY CONTROLS NIST has issued the last draft of the new requirements. http://www.net-security.org/news.php?id=7110 NESSUS ASSESSES SYSTEM VULNERABILITIES Keeping a server or workstation updated with the latest security patches can be a daunting task. http://www.net-security.org/news.php?id=7111 ACCESS CONTROL LISTS If you've used Linux for a long time, you're probably quite familiar with file permissions. Indeed, managing permissions is a critical part of managing a Linux system. http://www.net-security.org/news.php?id=7112 WINDOWS SERVER 2003 SP1 RC2 HAS BEEN RELEASED Install Microsoft Windows Server 2003 Service Pack 1 (SP1) Release Candidate 2 (RC2) to help secure your server. http://www.net-security.org/news.php?id=7113 BIOMETRICS: THE LEGAL CHALLENGE One of the key drivers behind the push to take up biometric technologies is that governments are beginning to mandate that biometric identifiers such as facial images and fingerprints be used in official documents, including passports. http://www.net-security.org/news.php?id=7114 NICTA BEGINS WEB SERVICES SECURITY PROJECT National ICT Australia (Nicta) has announced a three-year, $2 million agreement with Microsoft for A collaborative research project into the development of technologies to improve Web security. http://www.net-security.org/news.php?id=7115 HACKERS SUED FOR TINKERING WITH XBOX GAMES In the first case of its kind, a California video game maker is suing an entire community of software tinkerers for reverse engineering and modifying Xbox games that they legally purchased. http://www.net-security.org/news.php?id=7116 THE ROOT OF MYSQL'S SECURITY EVIL? The recent worm attack that hit thousands of MySQL installations reflects a growing trend in the malware world. http://www.net-security.org/news.php?id=7117 TASK FORCE TO FOCUS ON COMMON SECURITY Officials from the Homeland Security Department and the Office of Management and Budget will lead an intra-agency task force on developing common solutions for cybersecurity. http://www.net-security.org/news.php?id=7118 IIS 6.0 SSL CERTIFICATE EXPORT AND ISA SERVER 2004 IMPORT Sometimes you want to take an SSL certificate that you already own that is installed on your web server and import it into the ISA firewall’s machine certificate store. http://www.net-security.org/news.php?id=7119 PENETRATION TESTING IPSEC VPNS This article discusses a methodology to assess the security posture of an organization's IPsec based VPN architecture. http://www.net-security.org/news.php?id=7120 SYMANTEC HIT BY LARGE-SCALE FLAW Security hole affects nearly every product Symantec sells. http://www.net-security.org/news.php?id=7121 SECURITY MANAGEMENT FOR THE LITTLER GUY Security information management (SIM) systems aren't cheap; prices generally start in the tens of thousands of dollars. http://www.net-security.org/news.php?id=7122 UNEXPECTED ATTACK VECTORS A new round of attacks and phishing attempts use some unexpected attack vectors that we should have been paying attention to, but weren't. http://www.net-security.org/news.php?id=7123 MY CAR HAS A VIRUS (AND OTHER SECURITY THREATS) IBM has identified viruses on mobile devices and IP telephony security threats as looming network security risks for 2005. Last year viruses spam and phishing attacks posed the greatest problems. http://www.net-security.org/news.php?id=7124 WHY DO PC USERS PUT UP WITH SO MANY VIRUSES? Why isn't everyone on a Mac? http://www.net-security.org/news.php?id=7126 GATEWAY TO SECURITY A VPN gateway provides three essentials for your data: authentication, confidentiality and integrity. We show you what to look for in an enterprise-class device. http://www.net-security.org/news.php?id=7127 RSA SECURITY TO OFFER BIG-COMPANY SECURITY TO SMBS RSA Security is preparing to deliver a powerful authentication solution for the long-neglected small to medium-sized business (SMB) market. http://www.net-security.org/news.php?id=7128 HP OFFERS DETECT AND CONTAIN SECURITY SOFTWARE HP has started shipping software designed to limit the spread of viruses across corporate networks and reduce the damage they cause during an attack. http://www.net-security.org/news.php?id=7129 VIRUS WARNING HITS WINDOWS MEDIA PLAYER Users urged to be careful when viewing PNG images. http://www.net-security.org/news.php?id=7130 SECURITY BEST PRACTICES FOR RED HAT AND FEDORA CORE The Center for Internet Security (CIS) is a non-profit association for the promotion of computer security. http://www.net-security.org/news.php?id=7131 LINUX DISASTER RECOVERY APP BRINGS LIGHT TO DARKENED N.Y. FIRM In an instant, all the screens went black and the steady hum from the servers' cooling fans ceased, and with each passing second their precious data was unaccounted for, Peter Dominguez faced the potential loss of money and clientele. http://www.net-security.org/news.php?id=7132 MICROSOFT'S ANTISPYWARE HIT BY A SPYWARE A Trojan has hit Microsoft's AntiSpyware (Beta), which disables it, and steals banking details login Ids and passwords. http://www.net-security.org/news.php?id=7133 SNIFFER DOG THREATENS ONLINE PRIVACY Last month the US Supreme Court effectively trashed this principle in a case that could have a profound impact on privacy rights online. http://www.net-security.org/news.php?id=7134 ---------------------------------------------------------------- [ Vulnerabilities ] All vulnerabilities are located here: http://www.net-security.org/archive_vuln.php ---------------------------------------------------------------- IBM AIX lspath Local File Access Vulnerability http://www.net-security.org/vuln.php?id=4028 Mercuryboard 1.1.1 Working SQL Injection Vulnerability http://www.net-security.org/vuln.php?id=4027 Microsoft Windows SMB Client Transaction Response Handling Vulnerability http://www.net-security.org/vuln.php?id=4026 Microsoft Office XP Remote Buffer Overflow Vulnerability http://www.net-security.org/vuln.php?id=4025 MSN Messenger PNG Image Parsing Vulnerability http://www.net-security.org/vuln.php?id=4024 IBM AIX auditselect Local Format String Vulnerability http://www.net-security.org/vuln.php?id=4023 IBM AIX chdev Local Format String Vulnerability http://www.net-security.org/vuln.php?id=4022 SafeNet SoftRemote VPN Client Clear Text Passwords Vulnerability http://www.net-security.org/vuln.php?id=4021 602LAN SUITE Web Mail Arbitrary File Upload Vulnerability http://www.net-security.org/vuln.php?id=4020 SquirrelMail S/MIME Plugin Command Injection Vulnerability http://www.net-security.org/vuln.php?id=4019 Mozilla Firefox 1.0 Multiple Vulnerabilities http://www.net-security.org/vuln.php?id=4018 Apple Safari version 1.2.4 v125.12 Input Validation Vulnerability http://www.net-security.org/vuln.php?id=4017 RaidenHTTPD 1.1.27 Directory Traversal Vulnerability http://www.net-security.org/vuln.php?id=4016 Foxmail Server Remote Buffer Overflow Vulnerability http://www.net-security.org/vuln.php?id=4015 LANChat Pro Revival 1.666c Denial of Service Vulnerability http://www.net-security.org/vuln.php?id=4014 ngIRCd v0.8.2 Format String Vulnerability http://www.net-security.org/vuln.php?id=4013 ---------------------------------------------------------------- [ Advisories ] All advisories are located at: http://www.net-security.org/archive_advi.php ---------------------------------------------------------------- SUSE Security Announcement - SUSE Security Summary Report (SUSE-SR:2005:004) http://www.net-security.org/advisory.php?id=4486 Debian Security Advisory - sympa (DSA 677-1) http://www.net-security.org/advisory.php?id=4485 Ubuntu Security Notice - iptables vulnerability (USN-81-1) http://www.net-security.org/advisory.php?id=4484 Debian Security Advisory - xpcd (DSA 676-1) http://www.net-security.org/advisory.php?id=4483 Ubuntu Security Notice - USN-80-1 (CAN-2005-0088) http://www.net-security.org/advisory.php?id=4482 Debian Security Advisory - mailman (DSA 674-2) http://www.net-security.org/advisory.php?id=4481 Mandrakelinux Security Update Advisory - MySQL (MDKSA-2005:036) http://www.net-security.org/advisory.php?id=4480 Mandrakelinux Security Update Advisory - python (MDKSA-2005:035) http://www.net-security.org/advisory.php?id=4479 Mandrakelinux Security Update Advisory - squid (MDKSA-2005:034) http://www.net-security.org/advisory.php?id=4478 Mandrakelinux Security Update Advisory - enscript (MDKSA-2005:033) http://www.net-security.org/advisory.php?id=4477 Mandrakelinux Security Update Advisory - cpio (MDKSA-2005:032) http://www.net-security.org/advisory.php?id=4476 Gentoo Linux Security Advisory - Gallery: Cross-site scripting vulnerability (GLSA 200501-45:03) http://www.net-security.org/advisory.php?id=4475 Fedora Legacy Update Advisory - Updated abiword resolves security vulnerabilities (FLSA:1906) http://www.net-security.org/advisory.php?id=4474 Fedora Legacy Update Advisory - Updated libpng resolves security vulnerabilities (FLSA:1943) http://www.net-security.org/advisory.php?id=4473 Debian Security Advisory - hztty (DSA 675-1) http://www.net-security.org/advisory.php?id=4472 HP Security Bulletin - HP-UX BIND 9.2.0 remote Denial of Service (DoS) (SSRT4861 rev.0) http://www.net-security.org/advisory.php?id=4471 Ubuntu Security Notice - postgresql vulnerabilities (USN-79-1) http://www.net-security.org/advisory.php?id=4470 SUSE Security Announcement - squid (SUSE-SA:2005:006) http://www.net-security.org/advisory.php?id=4469 Debian Security Advisory - mailman (DSA 674-1) http://www.net-security.org/advisory.php?id=4468 Debian Security Advisory - evolution (DSA 673-1) http://www.net-security.org/advisory.php?id=4467 Ubuntu Security Notice - mailman vulnerabilities (USN-78-1) http://www.net-security.org/advisory.php?id=4466 Debian Security Advisory - xview (DSA 672-1) http://www.net-security.org/advisory.php?id=4465 Gentoo Linux Security Advisory - pdftohtml: Vulnerabilities in included Xpdf (GLSA 200502-10) http://www.net-security.org/advisory.php?id=4464 US-CERT Technical Cyber Security Alert - Multiple Vulnerabilities in Microsoft Windows Components (TA05-039A) http://www.net-security.org/advisory.php?id=4463 Mandrakelinux Security Update Advisory - perl (MDKSA-2005:031) http://www.net-security.org/advisory.php?id=4462 Mandrakelinux Security Update Advisory - perl-DBI (MDKSA-2005:030) http://www.net-security.org/advisory.php?id=4461 Microsoft Security Bulletin - Re-Releases, February 2005 http://www.net-security.org/advisory.php?id=4460 Microsoft Security Bulletin - Summary for February 2005 http://www.net-security.org/advisory.php?id=4459 Gentoo Linux Security Advisory - Python: Arbitrary code execution through SimpleXMLRPCServer (GLSA 200502-09) http://www.net-security.org/advisory.php?id=4458 Debian Security Advisory - xemacs21 (DSA 671-1) http://www.net-security.org/advisory.php?id=4457 Debian Security Advisory - emacs20 (DSA 670-1) http://www.net-security.org/advisory.php?id=4456 SCO Security Advisory - UnixWare 7.1.4 : vulnerability in foomatic-rip in Foomatic before 3.0.2 allows local users or remote attackers with access to CUPS to execute arbitrary commands (SCOSA-2005.12) http://www.net-security.org/advisory.php?id=4455 SCO Security Advisory - OpenServer 5.0.6 OpenServer 5.0.7 : enable command line buffer overflows (SCOSA-2005.13) http://www.net-security.org/advisory.php?id=4454 SCO Security Advisory - UnixWare 7.1.4 : racoon multilple security issues (SCOSA-2005.10) http://www.net-security.org/advisory.php?id=4453 SCO Security Advisory - UnixWare 7.1.3 UnixWare 7.1.1 : Vulnerabilities in long-lived TCP connections / Rose attack (SCOSA-2005.14) http://www.net-security.org/advisory.php?id=4452 SCO Security Advisory - OpenServer 5.0.6 OpenServer 5.0.7 : Vulnerabilities in long-lived TCP connections / Rose attack (SCOSA-2005.9) http://www.net-security.org/advisory.php?id=4451 Gentoo Linux Security Advisory - PostgreSQL: Local privilege escalation (GLSA 200502-08) http://www.net-security.org/advisory.php?id=4450 Ubuntu Security Notice - squid vulnerabilities (USN-77-1) http://www.net-security.org/advisory.php?id=4449 Gentoo Linux Security Advisory - OpenMotif: Multiple vulnerabilities in libXpm (GLSA 200502-07) http://www.net-security.org/advisory.php?id=4448 Debian Security Advisory - php3 (DSA 669-1) http://www.net-security.org/advisory.php?id=4447 Ubuntu Security Notice - emacs21 vulnerability (USN-76-1) http://www.net-security.org/advisory.php?id=4446 Turbolinux Security Announcement - netpbm, webmin, samba (31/Jan/2005) http://www.net-security.org/advisory.php?id=4445 Gentoo Linux Security Advisory - LessTif: Multiple vulnerabilities in libXpm (GLSA 200502-06) http://www.net-security.org/advisory.php?id=4444 ---------------------------------------------------------------- [ Articles ] All articles are located at: http://www.net-security.org/articles_main.php Articles can be contributed to articles@net-security.org ---------------------------------------------------------------- INFOSECURITY 2005 - INNOVATIVE METHOD FUELS BUSINESS OPPORTUNITIES Two weeks ago, Reed Exhibitions held the annual Infosecurity Europe press conference. During the event, hosted in the classy London Millenium Knightsbrdige Hotel, selected journalists from all over the Europe including myself, were introduced to presentations held by 20 of the leading information security companies. In the next couple of weeks, HNS will publish a couple of audio sessions based on the selected presentations. http://www.net-security.org/article.php?id=766 COMBATING THE HIDDEN DANGERS OF ADWARE Adware may remain a threat to your Web users, but by adopting proactive filtering, you can ensure that the only unwanted advertisements they see are on TV. http://www.net-security.org/article.php?id=765 ---------------------------------------------------------------- [ Software ] Windows software is located at: http://net-security.org/software_main.php?cat=1 Linux software is located at: http://net-security.org/software_main.php?cat=2 Pocket PC software is located at: http://net-security.org/software_main.php?cat=3 ---------------------------------------------------------------- CRIPPIN 2.4 (Pocket PC) Crippin was designed to protect confidential files in case a Pocket PC is lost or stolen. http://www.net-security.org/software.php?id=544 FLOPPYFW 2.0.11 (Linux) floppyfw is a router with the advanced firewall-capabilities in Linux that fits on one single floppy disc. http://www.net-security.org/software.php?id=211 KSES 0.2.2 (Linux) kses is an HTML/XHTML filter written in PHP. http://www.net-security.org/software.php?id=496 MIMEDEFANG 2.51 (Linux) MIMEDefang is a flexible MIME email scanner designed to protect Windows clients from viruses. http://www.net-security.org/software.php?id=214 NMAP 3.81 (Linux) Nmap ("Network Mapper") is an open source utility for network exploration or security auditing. http://www.net-security.org/software.php?id=1 REVELATION 0.4.0 (Linux) Revelation is a password manager for the GNOME 2 desktop. http://www.net-security.org/software.php?id=293 SAMHAIN 2.0.4 (Linux) Samhain is an open source file integrity and host-based intrusion detection system. http://www.net-security.org/software.php?id=125 SNORT ALERT MONITOR 20050206 (Linux) SAM is a real-time Snort alert monitor. http://www.net-security.org/software.php?id=248 VUURMUUR 0.5.61 (Linux) Vuurmuur is a middle-end/front-end for netfilter/iptables. http://www.net-security.org/software.php?id=591 WINSCP 3.7.3 (Windows) WinSCP is an open source SSH file transfer protocol and secure copy client for Windows using SSH. http://www.net-security.org/software.php?id=6 YASSL 0.9.5 (Linux) yaSSL is an SSL Library for programmers building security functionality into their applications and devices. http://www.net-security.org/software.php?id=521 ---------------------------------------------------------------- [ Webcasts ] All webcasts are located at: http://net-security.org/webcasts.php ---------------------------------------------------------------- The Basics of WLAN Security Organized by Funk Software on 15 February 2005, 1:00 PM http://www.net-security.org/webcast.php?id=275 Eliminating Overlooked System and Storage Management Vulnerabilities Organized by Symantec on 17 February 2005, 9:00 AM http://www.net-security.org/webcast.php?id=356 Where Privacy Policies Fail: Addressing HIPAA Compliance with Secure Messaging Technology Organized by ZixCorp on 23 February 2005, 10:00 AM http://www.net-security.org/webcast.php?id=354 Make Regulatory Compliance Pay with Enterprise Provisioning - 7 steps to reducing the costs of ongoing compliance Organized by RSA Security on 24 February 2005, 11:00 AM http://www.net-security.org/webcast.php?id=358 ---------------------------------------------------------------- [ Conferences ] All conferences are located at: http://net-security.org/conferences.php ---------------------------------------------------------------- Winter 2005 Biometrics Summit Organized by Advanced Learning Institute - 23 February-25 February 2005 http://www.net-security.org/conference.php?id=129 Fast Software Encryption 2005 Organized by European Network of Excellence - 24 February-25 February 2005 http://www.net-security.org/conference.php?id=109 Financial Cryptography and Security (FC 05) Ninth International Conference Organized by RSA Security - 28 February-3 March 2005 http://www.net-security.org/conference.php?id=110 International Workshop on Coding and Cryptography (WCC 2005) Organized by Selmersenteret, INRIA - 14 March-18 March 2005 http://www.net-security.org/conference.php?id=111 Third IEEE International Information Assurance Workshop (IWIA'05) Organized by IEEE Computer Society Task Force on Information Assurance - 24 March-25 March 2005 http://www.net-security.org/conference.php?id=112 ECCE E-crime and Computer Evidence 2005 Organized by n-gate ltd. - 29 March-30 March 2005 http://www.net-security.org/conference.php?id=94 Indonesia Cryptology and Information Security Conference 2005 Organized by Lembaga Sandi Negara RI - 30 March-31 March 2005 http://www.net-security.org/conference.php?id=113 The 1st International Workshop on Systems and Network Security (SNS2005) Organized by University of Colorado at Colorado Springs - 4 April-8 April 2005 http://www.net-security.org/conference.php?id=114 Infosec World 2005 Organized by MIS Training Institute - 4 April-6 April 2005 http://www.net-security.org/conference.php?id=128 4th Annual PKI R&D Workshop (PKI'05) Organized by National Institute of Standards and Technology - 19 April-21 April 2005 http://www.net-security.org/conference.php?id=115 Infosecurity Europe 2005 Organized by Reed Exhibitions - 26 April-28 April 2005 http://www.net-security.org/conference.php?id=126 DallasCon 2005 Professional Cyber Defense Conference Organized by DallasCon - 2 May-5 May 2005 http://www.net-security.org/conference.php?id=127 The International Conference on Computational Science & Its Applications (ICCSA 05) Organized by Institute of High Performance Computing - 9 May-12 May 2005 http://www.net-security.org/conference.php?id=116 The 18th International FLAIRS Conference Organized by The American Association of Artificial Intelligence - 16 May-18 May 2005 http://www.net-security.org/conference.php?id=117 Second European PKI Workshop Organized by University of Salford - 30 June-1 July 2005 http://www.net-security.org/conference.php?id=118 ---------------------------------------------------------------- [ Security World ] All press releases are located at: http://www.net-security.org/press_main.php Send your press releases to press@net-security.org ---------------------------------------------------------------- ING Group in Milan, Italy Selects MDI for Integrated Security Management Software and Hardware Solution http://www.net-security.org/press.php?id=2918 Datamation Recognizes NFR Security’s Sentivist Intrusion Prevention Solution as its Enterprise Security “Product of the Year” http://www.net-security.org/press.php?id=2917 Email Systems Appoints Neil Burgess As CTO http://www.net-security.org/press.php?id=2916 Sophos Joins Cisco Network Admission Control (NAC) Program http://www.net-security.org/press.php?id=2915 CipherTrust Appoints New EMEA Management To Extend Messaging Security Leadership Across Europe http://www.net-security.org/press.php?id=2914 Taxis Hailed A Black Hole as Confidential Data Gets Taken For a Ride http://www.net-security.org/press.php?id=2913 Fortinet Unveils New Secure Messaging Platform and Antispam Service http://www.net-security.org/press.php?id=2912 Skybox Security Announces David F. Batista as President and Chief Executive Officer (CEO) http://www.net-security.org/press.php?id=2911 Tablus Acquires Indigo Security http://www.net-security.org/press.php?id=2910 O'Reilly Releases "Linux Server Security" http://www.net-security.org/press.php?id=2909 Living Byte Introduces New Security Software Splitsafe at RSA Conference in San Francisco http://www.net-security.org/press.php?id=2908 Pointsec Partners With i-mate to Offer Secure Mobile Devices http://www.net-security.org/press.php?id=2907 Core Security Technologies Announces Vulnerability in Microsoft’s MSN Messenger http://www.net-security.org/press.php?id=2906 VoIP Leaders Form Alliance for VoIP Security Research and Testing, TippingPoint Facilitates Formation http://www.net-security.org/press.php?id=2905 Stalker Software and Kaspersky Lab Partner to Provide CommuniGate Pro Users a Sophisticated Comprehensive Anti-Virus Solution http://www.net-security.org/press.php?id=2904 Eracom Technologies' ProtectDrive Delivers Full Disk Encryption Tailored for use with Axalto Cyberflex Smart Cards http://www.net-security.org/press.php?id=2903 Innovative Business and Technology Advisors Robert Frances Group Announces The Second Annual Thought Leadership Summit Series, "Reducing Risk, Restoring Trust: A Leadership Role for IT" http://www.net-security.org/press.php?id=2902 Webmail.us Experiences Significant Growth in the Fourth Quarter Of 2004 http://www.net-security.org/press.php?id=2901 FrontBridge Defines Vision for Messaging Services with Total Message Management http://www.net-security.org/press.php?id=2900 NFR Security Launches VoIP Protection Package for Sentivist Intrusion Prevention Solution http://www.net-security.org/press.php?id=2899 Sophos Grows At More Than Twice Market Rate With 36% Increase In Turnover http://www.net-security.org/press.php?id=2898 ---------------------------------------------------------------- [ Virus News ] All virus news are located at: http://www.net-security.org/viruses.php ---------------------------------------------------------------- Weekly Report on Viruses and Intruders - Four vulnerabilities and Mydoom.AK http://www.net-security.org/virus_news.php?id=526 Sophos Detects First Trojan Attacking Microsoft Anti-Spyware Product http://www.net-security.org/virus_news.php?id=525 ---------------------------------------------------------------- Questions, contributions, comments or ideas go to: Help Net Security staff staff@net-security.org http://net-security.org ---------------------- Unsubscribe from this weekly digest on: http://www.net-security.org/subscribe.php The archive of the newsletter in TXT and PDF format is available http://www.net-security.org/newsletter_archive.php ---------------------------------------------------------------- INFOSEC WORLD 2005 IS WHERE CONNECTIONS ARE MADE! ---------------------------------------------------------------- Expand your knowledge with the hottest topics and get real-world strategies and tested techniques for meeting your toughest information security challenges. http://www.misti.com/12/os05ba8.html ----------------------------------------------------------------