HNS Newsletter
Issue 255 - 07.03.2005.
http://net-security.org

This is a newsletter delivered to you by Help Net Security. It
covers weekly roundups of security events that were in the
news the past week.


----------------------------------------------------------------
INFOSEC WORLD 2005 IS WHERE CONNECTIONS ARE MADE!
----------------------------------------------------------------
Expand your knowledge with the hottest topics and get real-world 
strategies and tested techniques for meeting your toughest 
information security challenges.

http://www.misti.com/12/os05ba8.html
----------------------------------------------------------------


Table of contents:

1) Security news
2) Vulnerabilities
3) Advisories
4) Articles
5) Software
6) Webcasts
7) Conferences
8) Security World
9) Virus News


[ Security news ]


----------------------------------------------------------------

UNDERSTANDING THE ISA 2004 ACCESS RULE PROCESSING
This article explores how ISA Server 2004 process the different rule
lists and how a particular rule is chosen to validate a particular
outgoing request.
http://www.net-security.org/news.php?id=7244


LOKI PUTS DONATIONS TOWARD $1M MPAA PAYOFF
Give the MPAA credit for a huge win against P2P file-trading
technology. A recent settlement has exposed the scaly underbelly of
some P2P site operators. In particular, the MPAA has outed Edward
Webber - the owner of BitTorrent hub LokiTorrent.
http://www.net-security.org/news.php?id=7245


MOZILLA WARNS OF SECURITY HOLES, PATCHES FIREFOX
Several security vulnerabilities in Firefox and the Mozilla Suite of
Internet software put users of the open-source products at risk of
hacker attacks, the Mozilla Foundation warned Thursday.
http://www.net-security.org/news.php?id=7246


THE COST OF ANTI-PIRACY
Mobile makers will have to pay a pretty penny for open-standard,
anti-piracy technology.
http://www.net-security.org/news.php?id=7247


STRONG AUTHENTICATION
In this video Mr. Andrew Nash, Director of Technology, Office of the
CTO, RSA Security, talks about strong authentication and how identity
has become an increasing concern.
http://www.net-security.org/news.php?id=7248


EBAY PROVIDES A BACKDOOR FOR PHISHERS
Phishers are exploiting a redirection script on eBay's site to make
fraudulent emails look more convincing.
http://www.net-security.org/news.php?id=7249


MCAFEE WORKS WIFI SECURITY
Security software vendor McAfee has unveiled a free online tool for
scanning wireless networks.
http://www.net-security.org/news.php?id=7250


DO WE NEED A NEW SPIM LAW?
Existing statutes may not be enough to crack down on Instant
Messaging spammers.
http://www.net-security.org/news.php?id=7251


CAUGHT A VIRUS?
It can be hard to tell if your PC is infected. Here's what to do if
you suspect the worst.
http://www.net-security.org/news.php?id=7252


SECURITY+ ADDED AS MCSA/MCSE EXAM OPTIONS
David Lowe, product manager for security with Microsoft's Training
and Certification group, confirmed in a phone conversation that
CompTIA's Security+ exam can now be used to satisfy the elective
portion of the MCSA and MCSE on Windows 2000 tracks.
http://www.net-security.org/news.php?id=7253


PHISHERS CHIP AWAY AT WEB SECURITY
13,000 new scam emails reported in January alone.
http://www.net-security.org/news.php?id=7254


HOW SECURE IS YOUR COMPUTER?
Honeypot experiment shows unprotected Windows SP 1 at risk.
http://www.net-security.org/news.php?id=7255


BIOMETRIC SECURITY IN THE PALM OF YOUR HAND
Fujitsu is launching what it claims will be the world's first
biometric palm scanner, checking veins in the human hand to verify
someone's identity.
http://www.net-security.org/news.php?id=7256


MS SECURITY IS A CONFLICT OF INTEREST, SAYS GARTNER
Gartner has criticised Microsoft's plans to develop anti-virus and
anti-spam add-ons for its software products.
http://www.net-security.org/news.php?id=7257


FIREWALLS' FALSE SENSE OF SECURITY
The Internet front door to almost every bank and financial services
company in the world is guarded by two sets of firewalls defining a
DMZ.
http://www.net-security.org/news.php?id=7258


TWO SIDES OF VULNERABILITY SCANNING
There are two approaches to network vulnerability scanning, active
and passive.
http://www.net-security.org/news.php?id=7259


INTERVIEW: GOOGLE HACK HONEYPOT PROJECT
Orange Crate is pleased to announce an interview with Greg Smith and
Ryan McGeehan, project leaders for the Google Hack Honeypot Project,
an interesting project aimed at indentifying the attack vectors used
through search engine hacking.
http://www.net-security.org/news.php?id=7260


OPERA BEEFS UP BROWSER TO THWART PHISHERS
Opera is trying to close the net on phishers with the release last
Friday (February 25) of a second beta of its forthcoming Opera 8
browser.
http://www.net-security.org/news.php?id=7261


SEND-SAFE SPAM TOOL GANG EVICTED BY MCI
US telco MCI Worldcom has caved in to mounting pressure and booted a
site that sells spamming software off its network.
http://www.net-security.org/news.php?id=7262


THE NETWORK POLTERGEIST
The IT industry isnŐt as boring and technically obsessed as many
outsiders believe. Viruses and malicious hacker threats in particular
have been increasingly sensationalised in the popular press, squeezing
the issues gradually into the public consciousness.
http://www.net-security.org/news.php?id=7263


SECURITY THROUGH LAYERS
Wireless networks are inherently insecure, but the more layers of
security they have, the less likely they are to be attacked, said
Mischel Kwon, wireless security officer for the Justice Department's
Management Division.
http://www.net-security.org/news.php?id=7264


MOBILE SPAM VOLUME DOUBLES
"In addition to being irked by charges for incoming unsolicited text
messages, consumers will protest at any perceived invasion of their
privacy and will assume that their carrier allowed their personal
information to get to spammers," said Rich Begert, president and
chief executive at Wireless Services Corporation.
http://www.net-security.org/news.php?id=7265


INSECURE INDEXING RISK DISSECTED
It's embarrassing when future PR items, upcoming security advisories
or boilerplates for obituaries that are not meant to be visible to
external users drift into the public domain.
http://www.net-security.org/news.php?id=7266


REALISTIC SELINUX
SElinux is an impressively designed but notoriously hard-to-configure
set of kernel hooks that enforce Orange Book-style security on Linux.
http://www.net-security.org/news.php?id=7267


FIREWALL WARNS DEALERS OF PHYSICAL SECURITY THREAT
Specialist distributor, Firewall Systems, is warning resellers to
start thinking of security as a managed service or risk losing market
share to physical security providers.
http://www.net-security.org/news.php?id=7268


WIRELESS STRUGGLES WITH SECURITY
Agency officials in charge of setting policies for wireless use and
related technologies such as radio frequency identification (RFID)
still have a difficult job.
http://www.net-security.org/news.php?id=7269


ISA SERVER 2004 SERVICE PACK 1 RELEASED
Service Pack 1 for the new ISA firewall was released this week. Check
out this article for some details on what its got and my installation
experience.
http://www.net-security.org/news.php?id=7270


SYMANTEC GRANTED PATENT FOR SECURITY TECH
By establishing a mechanism that enables researchers to write simple
detection scripts to allow for complex scanning and emulation of
executable files, complex threats -- such as self-mutating viruses,
worms and spyware -- can be detected more easily.
http://www.net-security.org/news.php?id=7271


BIOMETRIC PEN PROTECTS AGAINST LAPTOP FRAUD
Secure Signature Systems' Biometric Pen is a pen-based biometric
system designed to provide a secure method of access to a computer
through signature recognition and verification.
http://www.net-security.org/news.php?id=7272


WIRELESS FIRMS JUMP ON SENATE WI-FI
Commercial cellular carriers activated service this week for the U.S.
Senate across a secure wireless network that has been months in
planning.
http://www.net-security.org/news.php?id=7273


CALIFORNIA'S PIONEERING IDENTITY THEFT LAWS AREN'T ENOUGH
Law enforcement officials attending the state's first summit on
identity theft asked Monday for more money to combat the crime in
California, the only state believed to have more than 1 million
victims last year.
http://www.net-security.org/news.php?id=7274


BITDEFENDER BUG BITES GFI
GFI's Mail Security anti-virus product threw a wobbler Wednesday
afternoon (2 March) when an update to BitDefender Engine Module
caused it to delete the body content of every incoming and outgoing
message.
http://www.net-security.org/news.php?id=7275


REALPLAYER USERS ADVISED TO PATCH SECURITY BUGS
Vulnerabilities involving .wav and .smil file formats allow buffer
overflow exploits.
http://www.net-security.org/news.php?id=7276


THE (PRACTICALLY) ULTIMATE OPENSSH/KEYCHAIN HOWTO
All right, so maybe this isn't quite the ultimate. But this howto
will show you the fundamental ways to use OpenSSH.
http://www.net-security.org/news.php?id=7277


SECURITY THROUGH THE DEVELOPMENT CYCLE
Information security is an ever-evolving process.
http://www.net-security.org/news.php?id=7278


DOES THE PRESS MAKE TOO MUCH OF SECURITY WARNINGS?
What sometimes seems like an avalanche of new threats may be more
useful to security software vendors than it is to their customers.
http://www.net-security.org/news.php?id=7279


CORE FREEZES RUNTIME AT LOCK DOWN TO SECURE DEVICES
Solidcore Embedded Solution is software that controls runtime by
freezing the open source code on devices, enabling manufacturers to
stop the code from being tampered with during production or in the
field by unauthorized users.
http://www.net-security.org/news.php?id=7280


LINUX SECURITY ROUGH AROUND THE EDGES, BUT IMPROVING
SELinux from the NSA offers more security tools but also more
complexity, which will likely slow its adoption.
http://www.net-security.org/news.php?id=7281


CISSP AMONG HIGHEST PAYING CERTIFICATIONS
Security skills rose 1.1% between 2003 and 2004.
http://www.net-security.org/news.php?id=7282


FEARS GROW FOR MOBILE SECURITY
Mobile devices are the 'new frontier' for viruses, warns report.
http://www.net-security.org/news.php?id=7283


MICROSOFT RESEARCHERS TARGET WORMS, BUFFER OVERRUNS
Researchers at Microsoft showed off some forward-looking technologies
on Wednesday, including new ways to protect systems against Internet
worms, prevent hacker attacks and measure available bandwidth on home
networks.
http://www.net-security.org/news.php?id=7284


NO MICROSOFT SECURITY BULLETINS PLANNED FOR MARCH?
After releasing 12 security bulletins in February, Microsoft has zero
new security bulletins on tap for March.
http://www.net-security.org/news.php?id=7285


ANTI-VIRUS EXPERT CLAIMS SPYWARE DOES NOT EXIST
Reports of spyware's life have been greatly exaggerated, according to
anti-virus expert Eugene Kaspersky.
http://www.net-security.org/news.php?id=7286


DOMAIN OWNERS LOSE PRIVACY
The U.S. Commerce Department has ordered companies that administer
internet addresses to stop allowing customers to register .us domain
names anonymously using proxy services.
http://www.net-security.org/news.php?id=7287


SECURITY FEARS FAIL TO HOLD BACK WI-FI
Wireless Lans to triple in five years, reports analyst.
http://www.net-security.org/news.php?id=7288


SPAMMERS ADOPT SLIPPERY TACTICS TO BYPASS ISP DEFENCES
Spam levels are rising even though the percentage of junk mail spewed
out from compromised PCs directly is on the slide.
http://www.net-security.org/news.php?id=7289

----------------------------------------------------------------




[ Vulnerabilities ]


All vulnerabilities are located here:
http://www.net-security.org/archive_vuln.php


----------------------------------------------------------------

GFI L.N.S.S 5.0 Insecure Credential Storage Vulnerability
http://www.net-security.org/vuln.php?id=4052


UNIX unzip Malicious ZIP File Creation Vulnerability
http://www.net-security.org/vuln.php?id=4051


PostNuke 0.760-RC2 search() SQL Injection Vulnerability
http://www.net-security.org/vuln.php?id=4050


PostNuke 0.760-RC2 getArticles() SQL Injection Vulnerability
http://www.net-security.org/vuln.php?id=4049


PostNuke 0.760-RC2 Cross Site Scripting Vulnerability
http://www.net-security.org/vuln.php?id=4048


Mozilla Firefox and Mozilla Browser Out Of Memory Heap Corruption
Design
http://www.net-security.org/vuln.php?id=4047


KPPP Privileged File Descriptor Leak Vulnerability
http://www.net-security.org/vuln.php?id=4046

----------------------------------------------------------------




[ Advisories ]


All advisories are located at:
http://www.net-security.org/archive_advi.php


----------------------------------------------------------------

SUSE Security Announcement - SUSE Security Summary Report
(SUSE-SR:2005:007)
http://www.net-security.org/advisory.php?id=4588


Gentoo Linux Security Advisory - OpenMotif, LessTif: New libXpm
buffer overflows (GLSA 200503-08)
http://www.net-security.org/advisory.php?id=4587


Gentoo Linux Security Advisory - phpMyAdmin: Multiple vulnerabilities
(GLSA 200503-07)
http://www.net-security.org/advisory.php?id=4586


Gentoo Linux Security Advisory - BidWatcher: Format string
vulnerability (GLSA 200503-06)
http://www.net-security.org/advisory.php?id=4585


Conectiva Linux Security Announcement - Fix for denial of service in
clamav (clamav)
http://www.net-security.org/advisory.php?id=4584


SUSE Security Announcement - cyrus-sasl,cyrus-sasl2
(cyrus-sasl,cyrus-sasl2)
http://www.net-security.org/advisory.php?id=4583


Ubuntu Security Notice - imagemagick vulnerability (USN-90-1	)
http://www.net-security.org/advisory.php?id=4582


Gentoo Linux Security Advisory - xli, xloadimage: Multiple
vulnerabilities (GLSA 200503-05)
http://www.net-security.org/advisory.php?id=4581


Conectiva Linux Security Announcement - mod_python (CLA-2005:926)
http://www.net-security.org/advisory.php?id=4580


Fedora Legacy Update Advisory - Updated CUPS packages fix security
vulnerabilities (FLSA:2127)
http://www.net-security.org/advisory.php?id=4579


Fedora Legacy Update Advisory - Updated XFree86 resolves security
vulnerabilities (FLSA:2314)
http://www.net-security.org/advisory.php?id=4578


Gentoo Linux Security Advisory - phpWebSite: Arbitrary PHP execution
and path disclosure (GLSA 200503-04)
http://www.net-security.org/advisory.php?id=4577


Gentoo Linux Security Advisory - Gaim: Multiple Denial of Service
issues (GLSA 200503-03)
http://www.net-security.org/advisory.php?id=4576


Gentoo Linux Security Advisory - phpBB: Multiple vulnerabilities
(GLSA 200503-02)
http://www.net-security.org/advisory.php?id=4575


Gentoo Linux Security Advisory - Qt: Untrusted library search path
(GLSA 200503-01)
http://www.net-security.org/advisory.php?id=4574


SCO Security Advisory - OpenServer 5.0.6 OpenServer 5.0.7 : A
vulnerability in TCP (SCOSA-2005.3)
http://www.net-security.org/advisory.php?id=4573


SUSE Security Announcement - imap (SUSE-SA:2005:012)
http://www.net-security.org/advisory.php?id=4572


Gentoo Linux Security Advisory - MediaWiki: Multiple vulnerabilities
(GLSA 200502-33)
http://www.net-security.org/advisory.php?id=4571


Gentoo Linux Security Advisory - UnAce: Buffer overflow and directory
traversal vulnerabilities (GLSA 200502-32)
http://www.net-security.org/advisory.php?id=4570


Gentoo Linux Security Advisory - uim: Privilege escalation
vulnerability (GLSA 200502-31)
http://www.net-security.org/advisory.php?id=4569


Ubuntu Security Notice - libxml vulnerabilities (USN-89-1)
http://www.net-security.org/advisory.php?id=4568


SUSE Security Announcement - curl (SUSE-SA:2005:011)
http://www.net-security.org/advisory.php?id=4567


Ubuntu Security Notice - reportbug information disclosure (USN-88-1)
http://www.net-security.org/advisory.php?id=4566


Ubuntu Security Notice - cyrus21-imapd vulnerability (USN-87-1)
http://www.net-security.org/advisory.php?id=4565


Ubuntu Security Notice - curl vulnerability (USN-86-1)
http://www.net-security.org/advisory.php?id=4564


Turbolinux Security Announcement - kernel (28/Feb/2005)
http://www.net-security.org/advisory.php?id=4563

----------------------------------------------------------------




[ Articles ]


All articles are located at:
http://www.net-security.org/articles_main.php

Articles can be contributed to articles@net-security.org


----------------------------------------------------------------

THE NETWORK POLTERGEIST
The IT industry isnŐt as boring and technically obsessed as many
outsiders believe. Viruses and malicious hacker threats in particular
have been increasingly sensationalised in the popular press, squeezing
the issues gradually into the public consciousness.
http://www.net-security.org/article.php?id=772


STRONG AUTHENTICATION
In this video Mr. Andrew Nash, Director of Technology, Office of the
CTO, RSA Security, talks about strong authentication and how identity
has become an increasing concern.
http://www.net-security.org/article.php?id=771

----------------------------------------------------------------




[ Software ]


Windows software is located at:
http://net-security.org/software_main.php?cat=1

Linux software is located at:
http://net-security.org/software_main.php?cat=2

Pocket PC software is located at:
http://net-security.org/software_main.php?cat=3


----------------------------------------------------------------

BOTAN 1.4.5 (Linux)
Botan aims to be a portable, easy to use, and efficient C++ crypto
library.
http://www.net-security.org/software.php?id=94


CRYPTOCRAT 2005 4.52 (Windows)
This is a program for encrypting files with using strong Blowfish
algorithm.
http://www.net-security.org/software.php?id=28


CRYPTOUP 2.4.1.1 (Windows)
CryptoUP is a encryption/decryption tool with several features in
encryption methods.
http://www.net-security.org/software.php?id=27


DESKTOP LOCK 6.1 (Windows)
This program can lock you system (desktop, keyboard, mouse, etc.) to
prevent others from accessing your system.
http://www.net-security.org/software.php?id=49


GFI NETWORK SERVER MONITOR 6 (Windows)
Monitors your network & servers for failures and fixes them
automatically.
http://www.net-security.org/software.php?id=555


INFO KEEP 1.6 (Windows)
Info Keep is a password management utility designed with security and
ease of use in mind.
http://www.net-security.org/software.php?id=45


JPCAP 0.01.16 (Linux)
jpcap is a network packet capture library for applications written in
Java.
http://www.net-security.org/software.php?id=33


LIDS 1.2.2-2.4.28 (Linux)
LIDS is a kernel patch and admin tool to enhance the linux kernel
security.
http://www.net-security.org/software.php?id=34


MAILSCANNER 4.39.5 (Linux)
MailScanner is a virus scanner for e-mail designed for use on e-mail
gateways.
http://www.net-security.org/software.php?id=144


METALOG 0.8 RC1 (Linux)
Metalog is a modern replacement for syslogd and klogd.
http://www.net-security.org/software.php?id=54


NMAP PARSER 0.79 (Linux)
An nmap parser for xml scan data using PERL.
http://www.net-security.org/software.php?id=532


NUFW 1.0 RC2 (Linux)
NuFW is an "authenticating gateway". This means it requires
authentication for any connections to be forwarded through the
gateway.
http://www.net-security.org/software.php?id=526


PASSWORD DOOR 7.0 (Windows)
Use this program to add password protection to any existing software.
http://www.net-security.org/software.php?id=50


SAMHAIN 2.0.5 (Linux)
Samhain is an open source file integrity and host-based intrusion
detection system.
http://www.net-security.org/software.php?id=125


SCANLOGD 2.2.5 (Linux)
Scanlogd is a TCP port scan detection tool, originally designed to
illustrate various attacks an IDS developer has to deal with.
http://www.net-security.org/software.php?id=3


SECURESERV 1.3 (Linux)
SecureServ is a advanced IRC trojan detector, much like a virus
scanner, but aimed for IRC networks.
http://www.net-security.org/software.php?id=492


SPYLOCK 4.00 (Windows)
SpyLock Professional is a secure desktop lockdown system that allows
you to quickly and securely lock your PC down while you are away.
http://www.net-security.org/software.php?id=30


STUNNEL 4.08 (Linux)
Stunnel is a program that allows you to encrypt arbitrary TCP
connections inside SSL (Secure Sockets Layer).
http://www.net-security.org/software.php?id=271


TRACEPROTO 1.1.1 (Linux)
Traceproto is a traceroute replacement written in c that allows the
user to specify the protocol and port to trace to.
http://www.net-security.org/software.php?id=196


VISUALROUTE 2005 9.2 (Windows)
VisualRoute delivers the functionality of key Internet "ping,"
"whois," and "traceroute" tools, in a high-speed visually integrated
package.
http://www.net-security.org/software.php?id=2


VUURMUUR 0.5.62 (Linux)
Vuurmuur is a middle-end/front-end for netfilter/iptables.
http://www.net-security.org/software.php?id=591


WIFISCANNER 0.9.6 (Linux)
WifiScanner is an analyzer and detector of 802.11b stations and
access points.
http://www.net-security.org/software.php?id=381


YASSL 0.9.6 (Linux)
yaSSL is an SSL Library for programmers building security
functionality into their applications and devices.
http://www.net-security.org/software.php?id=521

----------------------------------------------------------------




[ Webcasts ]


All webcasts are located at:
http://net-security.org/webcasts.php


----------------------------------------------------------------

Vulnerability Expert Forum US
Organized by eEye on 9 March 2005, 1:00 PM
http://www.net-security.org/webcast.php?id=277


Building security into software -- pragmatic principles for secure
application development
Organized by Symantec on 10 March 2005, 9:00 AM
http://www.net-security.org/webcast.php?id=363


What Managers Should Know About Web Application Security
Organized by Kavado on 10 March 2005, 1:00 PM
http://www.net-security.org/webcast.php?id=364


Vulnerability Expert Forum Europe
Organized by eEye on 10 March 2005, 3:30 PM
http://www.net-security.org/webcast.php?id=258


Live Product Demonstration: SecureIIS Web Server Protection
Organized by eEye on 11 March 2005, 2:00 PM
http://www.net-security.org/webcast.php?id=362

----------------------------------------------------------------




[ Conferences ]


All conferences are located at:
http://net-security.org/conferences.php


----------------------------------------------------------------

International Workshop on Coding and Cryptography (WCC 2005)
Organized by Selmersenteret, INRIA - 14 March-18 March 2005
http://www.net-security.org/conference.php?id=111


Third IEEE International Information Assurance Workshop (IWIA'05)
Organized by IEEE Computer Society Task Force on Information
Assurance - 24 March-25 March 2005
http://www.net-security.org/conference.php?id=112


Black Hat Briefings & Training Europe 2005
Organized by Black Hat Briefings - 26 March-1 April 2005
http://www.net-security.org/conference.php?id=130


ECCE E-crime and Computer Evidence 2005
Organized by n-gate ltd. - 29 March-30 March 2005
http://www.net-security.org/conference.php?id=94


Indonesia Cryptology and Information Security Conference 2005
Organized by Lembaga Sandi Negara RI - 30 March-31 March 2005
http://www.net-security.org/conference.php?id=113


The 1st International Workshop on Systems and Network Security
(SNS2005)
Organized by University of Colorado at Colorado Springs - 4 April-8
April 2005
http://www.net-security.org/conference.php?id=114


Infosec World 2005
Organized by MIS Training Institute - 4 April-6 April 2005
http://www.net-security.org/conference.php?id=128


Black Hat Briefings & Training Asia 2005
Organized by Black Hat Briefings - 5 April-8 April 2005
http://www.net-security.org/conference.php?id=131


OWASP AppSec Europe 2005 Conference
Organized by OWASP - 9 April-10 August 2005
http://www.net-security.org/conference.php?id=132


4th Annual PKI R&D Workshop (PKI'05)
Organized by National Institute of Standards and Technology - 19
April-21 April 2005
http://www.net-security.org/conference.php?id=115


Infosecurity Europe 2005
Organized by Reed Exhibitions - 26 April-28 April 2005
http://www.net-security.org/conference.php?id=126


DallasCon 2005 Professional Cyber Defense Conference
Organized by DallasCon - 2 May-5 May 2005
http://www.net-security.org/conference.php?id=127


The International Conference on Computational Science & Its
Applications (ICCSA 05)
Organized by Institute of High Performance Computing - 9 May-12 May
2005
http://www.net-security.org/conference.php?id=116


The 18th International FLAIRS Conference
Organized by The American Association of Artificial Intelligence - 16
May-18 May 2005
http://www.net-security.org/conference.php?id=117


Second European PKI Workshop
Organized by University of Salford - 30 June-1 July 2005
http://www.net-security.org/conference.php?id=118

----------------------------------------------------------------




[ Security World ]


All press releases are located at:
http://www.net-security.org/press_main.php

Send your press releases to press@net-security.org


----------------------------------------------------------------

VigilantMinds Chosen by K. Hovnanian for Managed Security Services
http://www.net-security.org/press.php?id=2988


Unified Threat Management with PacketAlarm UTM
http://www.net-security.org/press.php?id=2987


Why Network Security is Not Enough:   Kavado and Security Innovation
to Co-Host Free Webcast
http://www.net-security.org/press.php?id=2986


Panda Software reports the appearance of Searchmeup, the first
adware to exploit the Exploit/LoadImage vulnerability
http://www.net-security.org/press.php?id=2985


Panda Software reports the appearance of Searchmeup, the first
adware to exploit the Exploit/LoadImage vulnerability
http://www.net-security.org/press.php?id=2984


(ISC)2 Expands Annual Information Security Resource Guide To Include
The Americas
http://www.net-security.org/press.php?id=2983


Web Industry Recognizes The Need for Identity Assurance:    Opera's
latest Beta version Differentiates Between High and Low Assurance SSL
Providers
http://www.net-security.org/press.php?id=2982


New Traffic Shaping Technology Enhances MessageLabsŐ Anti-Spam
Infrastructure
http://www.net-security.org/press.php?id=2981


Blue Coat To Present At Upcoming Investor Conferences
http://www.net-security.org/press.php?id=2980


New Study By The Aberdeen Group Identifies The Missing Control Link
http://www.net-security.org/press.php?id=2979


Porn Plummets as Spammers Look To Dating Services & Financial Scams
in February
http://www.net-security.org/press.php?id=2978


Pekka Kuusela appointed as VP of Sales and Marketing at F-Secure
http://www.net-security.org/press.php?id=2977


Bizanga Utilizes Cloudmark Technology to Deliver the Most Scalable
and Top-Performing Email Security Appliance for the Global Market
http://www.net-security.org/press.php?id=2976


Trapeze Networks Reaches Market Milestones, Announces Further EMEA
Expansion
http://www.net-security.org/press.php?id=2975


FierceVoIP Winner Edgewater Set to Make Mark in Europe
http://www.net-security.org/press.php?id=2974

----------------------------------------------------------------




[ Virus News ]


All virus news are located at:
http://www.net-security.org/viruses.php


----------------------------------------------------------------

New Bagle Trojan Horse Widely Distributed
http://www.net-security.org/virus_news.php?id=533


Top 10 Viruses Most Frequently Detected by Panda ActiveScan in
February 2005
http://www.net-security.org/virus_news.php?id=532


Kaspersky Labs Top 20 Viruses for February 2005
http://www.net-security.org/virus_news.php?id=531


Top 10 Viruses And Hoaxes Reported To Sophos In February 2005
http://www.net-security.org/virus_news.php?id=530


Student Fined For Spying On Woman With Webcam Trojan
http://www.net-security.org/virus_news.php?id=529

----------------------------------------------------------------

Questions, contributions, comments or ideas go to:

Help Net Security staff
staff@net-security.org
http://net-security.org

----------------------

Unsubscribe from this weekly digest on:
http://www.net-security.org/subscribe.php

The archive of the newsletter in TXT and PDF format is available 
http://www.net-security.org/newsletter_archive.php


----------------------------------------------------------------
INFOSEC WORLD 2005 IS WHERE CONNECTIONS ARE MADE!
----------------------------------------------------------------
Expand your knowledge with the hottest topics and get real-world 
strategies and tested techniques for meeting your toughest 
information security challenges.

http://www.misti.com/12/os05ba8.html
----------------------------------------------------------------