HNS Newsletter Issue 256 - 14.03.2005. http://net-security.org This is a newsletter delivered to you by Help Net Security. It covers weekly roundups of security events that were in the news the past week. ---------------------------------------------------------------- Make plans now to attend Black Hat Briefings & Training Europe, March 29-April 1 in Amsterdam, the world's premier technical security event. Featuring 30 speakers in four tracks, 10 training sessions, with 250 delegates from 20 nations attending. Learn about the technical security market drivers in the European market. You can download an electronic brochure at our site, which will provide you with a 100 Euros discount. ---------------------------------------------------------------- Visit http://www.net-security.org/v/BH05.pdf ---------------------------------------------------------------- Table of contents: 1) Security news 2) Vulnerabilities 3) Advisories 4) Articles 5) Software 6) Webcasts 7) Conferences 8) Security World 9) Virus News [ Security news ] ---------------------------------------------------------------- HACKER HELPS B-SCHOOL APPLICANTS A computer hacker gained access to internal admissions records at Harvard, Stanford and other top business schools, then helped applicants log on and learn their fate weeks ahead of schedule, officials said Thursday. http://www.net-security.org/news.php?id=7290 RFID INVADES THE CAPITAL In May, Homeland Security employees will begin using an RFID-equipped ID card. Some say the device will create thousands of new opportunities for hackers and snoops. http://www.net-security.org/news.php?id=7291 DAMPIG TROJAN MENACES SYMBIAN MOBILES Virus writers have created a new Trojan capable of infecting Symbian Series 60 smartphones. http://www.net-security.org/news.php?id=7292 POLICING THE VIRUS WRITERS: GOOD NEWS? More suspects are being caught, but that doesn't mean you can expect to see fewer viruses. http://www.net-security.org/news.php?id=7293 MORE SECURE LINUX STILL NEEDS TO WIN USERS NSA put its efforts into SELinux, but complexity is likely to hold back adoption. http://www.net-security.org/news.php?id=7294 THE RISE OF THE CUSTOMISED SECURITY ATTACK As criminals operating online have begun to realise the potential commercial value of Internet-related crimes, so they have started to investigate other ways of using malware to line their pockets. http://www.net-security.org/news.php?id=7295 SINGLE SIGN ON 'IN-A-BOX' LANDS IN EUROPE Single sign on appliance firm Imprivata launched in the Europe on Monday (7 March) with a promise to reduce corporate password management pains. http://www.net-security.org/news.php?id=7296 UNIFIED MANAGEMENT IS NEXT FOR SECURITY How well does unified threat management fit the requirements of an effective information security program? http://www.net-security.org/news.php?id=7297 NEW IM WORMS HIT MSN MESSENGER New worms spreading through MSN Messenger -- and its bundled-with-Windows Windows Messenger version -- via links to a malicious site are infecting users and leaving their PCs open to hacker hijack, security vendors reported Monday. http://www.net-security.org/news.php?id=7298 ID CARDS ARE A WASTE, SAYS SECURITY GURU Bruce Schneier tells Computer Weekly why ID cards could exacerbate crime and why the only way to beat ID theft is to make banks responsible for its prevention. http://www.net-security.org/news.php?id=7299 CA, SYMANTEC BOLSTER RECOVERY, ID MANAGEMENT Vendors create building blocks for next-generation security. http://www.net-security.org/news.php?id=7300 VIRUS WRITERS LAUGH AT LAWS Virus writers have little to fear, a security firm said Monday, and know they can practice their craft with near impunity. http://www.net-security.org/news.php?id=7301 PRIMARY RESPONSE UPDATE TARGETS TROJANS, ROOTKITS Sana Security said on Monday that a new version of its Primary Response product can help customers detect a new generation of complex online threats, including Trojan horse programs and malicious remote monitoring software known as "rootkits." http://www.net-security.org/news.php?id=7302 CRYPTO SUITE SUPPORTS LINUX-BASED DEVICES Cryptography specialist Certicom has launched a security software suite aimed at helping device makers create secure, Web-based user interfaces based on elliptic curve cryptography. http://www.net-security.org/news.php?id=7303 GATES MISSES THE MARK, AND THE POINT, ON SECURITY Bill Gates wants us to believe security is Microsoft's new Number One priority. He wants us to believe they have the users' best interests at heart. http://www.net-security.org/news.php?id=7304 SCAMMERS USE SYMANTEC, DNS HOLES TO PUSH ADWARE Users being tricked into installing programs onto their computers. http://www.net-security.org/news.php?id=7305 SENSIBLE IT SECURITY FOR SMALL BUSINESSES "Do I need a new firewall?" This is a frequent question asked by owners of small businesses concerned about growing security threats infesting the Internet. http://www.net-security.org/news.php?id=7306 HOME USERS WILL BODGE DIY SECURITY Web site that advises home users on security could do more harm than good. http://www.net-security.org/news.php?id=7307 NUCLEAR CYBER SECURITY DEBATE HOTS UP Two companies that make digital systems for nuclear power plants have come out against a government proposal that would attach cyber security standards to plant safety systems. http://www.net-security.org/news.php?id=7308 HIGH PROFILE, LOW SECURITY Big companies stumble with high profile security breaches that make your local WiFi coffee shop look secure. http://www.net-security.org/news.php?id=7309 SERVICE MANAGEMENT FUNCTIONS: SECURITY MANAGEMENT Failure to secure information can have a severe impact on business credibility. http://www.net-security.org/news.php?id=7310 GROUP STUDIES INFRASTRUCTURE SECURITY The Institute for Information Infrastructure Protection, a consortium of two dozen cybersecurity organizations charged with coordinating a national research and development program, last week began a $8.5 million, two-year research program for securing computer-based systems that control critical infrastructures, such as dams. http://www.net-security.org/news.php?id=7311 YET ANOTHER WORLDWIDE VIRUS SCARE THAT WASN'T Yet another mobile virus is making the news, but the press still hasn't recognized that most of these stories are hyped up well beyond the actual threat level. http://www.net-security.org/news.php?id=7312 HACKERS 'POISON' SEARCH ENGINE RESULTS Users being directed to webpages containing malware. http://www.net-security.org/news.php?id=7313 I.T. FRAMEWORKS DEMYSTIFIED: AVOIDING OVERLOAD "Companies need to have a focus, set goals for implementing frameworks and devote adequate project management resources," David Pultorak, president of Fox IT, a consulting firm specializing in I.T. service management. "If you overdo these frameworks and misapply them or are not sure what the implementation is, the result can be less than satisfactory." http://www.net-security.org/news.php?id=7314 MICROSOFT UPDATES CODE REMOVAL TOOL, PASSES ON PATCHES Tool adds features to detect malicious code. http://www.net-security.org/news.php?id=7315 E-MAIL FIREWALLS: A VITAL DEFENSE LAYER The exponential rise in spam and e-mail-borne viruses has pushed must-have network security layers beyond traditional firewalls and intrusion-detection appliances. http://www.net-security.org/news.php?id=7316 ASTARO ROLLS OUT NEW SPYWARE Astaro released an improved version of its Linux-based security package that now includes gateway-based spyware protection against malware and the ability to block and removed infected software already on a system. http://www.net-security.org/news.php?id=7317 MAIL SERVERS: RESOLVING THE IDENTITY CRISIS Dspam filters spam with the best. In my installation, it stops over 98% of all spam: IÕve only had one false positive in the last year, and that was a message to the Dspam list that contained a real spam! http://www.net-security.org/news.php?id=7318 UK CARD FRAUD HITS £505M The banking industry hopes that losses in future will be contained by schemes such as Chip and PIN. http://www.net-security.org/news.php?id=7319 COMBATING "CARDHOLDER NOT PRESENT" FRAUD Of the security issues facing banks everywhere, prevention of card fraud has always been a high priority, and is set to grow even further in importance. The level of card fraud has risen significantly over recent years, caused in the main, by the explosion in the number and usage of payment cards and the associated high level of organised card crime activity. http://www.net-security.org/news.php?id=7320 VIRUS AUTHORS SWITCH FROM HAVOC TO PROFIT The last quarter of 2004 was categorised by a distinct trend of virus writers moving away from merely trying to create disruptions to developing malicious code that could potentially generate revenue. http://www.net-security.org/news.php?id=7321 HUNGARIAN CHARGED WITH HACKING SONY ERICSSON NETWORK Swedish authorities formally charged a 26-year-old Hungarian man with industrial espionage yesterday, after he allegeldy hacked into the Sony Ericsson AB and Ericsson AB intranets. http://www.net-security.org/news.php?id=7322 ENABLING AECURE SSL OWA ACCESS THROUGH THE ISA FIREWALL To get you up and running with your secure OWA and Web site publishing through the ISA firewall, weÕll present a two part series on how the ISA firewall handles remote access to Web sites using Web Publishing Rules. http://www.net-security.org/news.php?id=7323 WIRELESS SECURITY STILL LAX Report finds 36 per cent of the City's wireless networks left open to attack. http://www.net-security.org/news.php?id=7324 WINDOWS NT4 HOLDOUTS OPEN TO SECURITY HOLE Hundreds of thousands of web sites that continue to run the Windows NT4 face a security dilemma, with no public patch available for a vulnerability in a key Windows networking protocol. http://www.net-security.org/news.php?id=7325 COMMWARRIOR MOBILE VIRUS COULD GO GLOBAL Although viruses spread via mobile phones are sure to become more of a problem in the future, their novelty and the amount of press they are being given may be diverting attention from more pressing security concerns, Graham Cluley of security firm Sophos told NewsFactor. http://www.net-security.org/news.php?id=7326 HACKERS BREACH LEXISNEXIS, GRAB INFO ON 32,000 PEOPLE Hackers have compromised databases belonging to LexisNexis and stolen information on at least 32,000 people, according to a statement today from LexisNexis' parent company, Reed Elsevier PLC. http://www.net-security.org/news.php?id=7327 JUNIPER SCORES WITH WLAN PROTECTOR With the announcement of its NetScreen-5GT Wireless firewall this week, Juniper has firmly (and finally) jumped on the wireless bandwagon. http://www.net-security.org/news.php?id=7328 EXPLOIT RELEASED FOR CA PRODUCT VULNERABILITY Malicious hackers have released code that exploits a widespread vulnerability in software from Computer Associates International (CA), setting off a round of Internet scanning for vulnerable CA systems. http://www.net-security.org/news.php?id=7329 UNSECURED WI-FI IN ONE THIRD OF ALL WIRELESS NETWORKS The explosion of wireless networks is leaving global businesses wide open to 'drive-by hacking' and other security risks, experts have warned. http://www.net-security.org/news.php?id=7330 A LOOK AT MICROSOFT'S ANTI SPYWARE BETA Over the last couple of years, spyware has grown from being a nuisance into being an epidemic. http://www.net-security.org/news.php?id=7331 CREDIT CARD FLAWS FUEL ONLINE FRAUD BONANZA Ivan Remsik, senior analyst for financial services at Forrester, warned that, as long as multiple technologies use or reside on the same physical plastic entity, fraud is set to rise. http://www.net-security.org/news.php?id=7332 TIME-DRIFT TECHNIQUE FINGERS PCS Security researchers have developed a technique for remotely fingerprinting an electronic device using clock skews - small, microscopic deviations in device hardware. http://www.net-security.org/news.php?id=7333 MANY WI-FI NETS OPEN TO SECURITY BREACHES The explosion of Wi-Fi networks both in businesses and in public hotspots is needlessly exposing businesses and individual users to security risks because proper precautions aren't taken, according to research released Thursday by RSA Security. http://www.net-security.org/news.php?id=7334 COMPANIES TURN TO SECURE IM TO MEET PRIVACY CONCERNS With the use of instant messaging on an upswing, companies concerned about security, regulatory and privacy issues are sometimes turning to secure IM solutions that allow only authorised users access to IM -- while stopping others from sending instant messages. http://www.net-security.org/news.php?id=7335 WINDOWS HONEYPOT FOILS WORMS A new Microsoft labs project could lead to better security for Windows servers. http://www.net-security.org/news.php?id=7336 ANTI-PHISHING LAWS ON THE CARDS The US is drawing up a law to outlaw phishing, and EU legislation is likely to follow. http://www.net-security.org/news.php?id=7337 OZ INVESTIGATORS BUST 'FILE-SHARING' ISP Australian anti-piracy operatives have raided an ISP suspected of using BitTorrent to "allow the pirating of hundreds of thousands of songs and video clips". http://www.net-security.org/news.php?id=7338 AN ILLUSTRATED GUIDE TO CRYPTOGRAPHIC HASHES With the recent news of weaknesses in some common security algorithms (MD4, MD5, SHA-0), many are wondering exactly what these things are... http://www.net-security.org/news.php?id=7339 HOSTING YOUR OWN WEB SERVER: THINGS TO CONSIDER Are you disgusted or disappointed with your current web host? Have you switched web hosting companies too many times? Have you thought of hosting your own website(s)? Do you have the ambition to control and manage your own web server? http://www.net-security.org/news.php?id=7340 ---------------------------------------------------------------- [ Vulnerabilities ] All vulnerabilities are located here: http://www.net-security.org/archive_vuln.php ---------------------------------------------------------------- ArGoSoft FTP Server 1.4.2.8 Buffer Overflow Vulnerability http://www.net-security.org/vuln.php?id=4062 PE Multiple Remote Access Validation Vulnerabilities http://www.net-security.org/vuln.php?id=4061 Xoops 2.0.9.2 File Extension Validation Vulnerability http://www.net-security.org/vuln.php?id=4060 eXPerience2 Multiples Vulnerabilities http://www.net-security.org/vuln.php?id=4059 Oracle Database Server Directory Traversal Vulnerability http://www.net-security.org/vuln.php?id=4058 PHP mcNews 1.3 Arbitrary File Inclusion Vulnerability http://www.net-security.org/vuln.php?id=4057 phpWebLog 0.5.3 Arbitrary File Inclusion Vulnerability http://www.net-security.org/vuln.php?id=4056 Lingo VoIP ATA / UTStarcom iAN-02EX Remote Access Vulnerability http://www.net-security.org/vuln.php?id=4055 Hosting Controller v.6.1 Multiple Information Disclosure Vulnerabilities http://www.net-security.org/vuln.php?id=4054 Computer Associates License Manager Remote Vulnerabilities http://www.net-security.org/vuln.php?id=4053 ---------------------------------------------------------------- [ Advisories ] All advisories are located at: http://www.net-security.org/archive_advi.php ---------------------------------------------------------------- HP Security Bulletin - HP Tru64 UNIX message queue, local Denial of Service (DoS) (SSRT4891 rev.0) http://www.net-security.org/advisory.php?id=4616 Conectiva Linux Security Announcement - squid (CLA-2005:932) http://www.net-security.org/advisory.php?id=4615 Fedora Legacy Update Advisory - Updated php packages fix security issues (FLSA:2344) http://www.net-security.org/advisory.php?id=4614 Sun Microsystems Security Bulletin - RealPlayer (SUSE-SA:2005:014) http://www.net-security.org/advisory.php?id=4613 Ubuntu Security Notice - perl vulnerability (USN-94-1) http://www.net-security.org/advisory.php?id=4612 Debian Security Advisory - kdenetwork (DSA 692-1) http://www.net-security.org/advisory.php?id=4611 Conectiva Linux Security Announcement - squid (CLA-2005:931) http://www.net-security.org/advisory.php?id=4610 Ubuntu Security Notice - squid vulnerability (USN-93-1) http://www.net-security.org/advisory.php?id=4609 SCO Security Advisory - UnixWare 7.1.4 : squid updated package fixes several security issues (SCOSA-2005.16) http://www.net-security.org/advisory.php?id=4608 SCO Security Advisory - UnixWare 7.1.4 : Samba multiple security issues (SCOSA-2005.17) http://www.net-security.org/advisory.php?id=4607 Gentoo Linux Security Advisory - KDE dcopidlng: Insecure temporary file creation (GLSA 200503-14) http://www.net-security.org/advisory.php?id=4606 Conectiva Linux Security Announcement - CLA-2005:930 (kernel) http://www.net-security.org/advisory.php?id=4605 Ubuntu Security Notice - lesstif1-1 vulnerabilities (USN-92-1) http://www.net-security.org/advisory.php?id=4604 Ubuntu Security Notice - libexif vulnerabilities (USN-91-1) http://www.net-security.org/advisory.php?id=4603 Gentoo Linux Security Advisory - mlterm: Integer overflow vulnerability (GLSA 200503-13) http://www.net-security.org/advisory.php?id=4602 Debian Security Advisory - abuse (DSA 691-1) http://www.net-security.org/advisory.php?id=4601 Fedora Legacy Update Advisory - Updated php packages fix security issues (FLSA:2344) http://www.net-security.org/advisory.php?id=4600 Fedora Legacy Update Advisory - Updated subversion packages fix security issues (FLSA:1748) http://www.net-security.org/advisory.php?id=4599 Gentoo Linux Security Advisory - Hashcash: Format string vulnerability (GLSA 200503-12) http://www.net-security.org/advisory.php?id=4598 Gentoo Linux Security Advisory - ImageMagick: Filename handling vulnerability (GLSA 200503-11) http://www.net-security.org/advisory.php?id=4597 Mandrakelinux Security Update Advisory - kdegraphics (MDKSA-2005:052) http://www.net-security.org/advisory.php?id=4596 Mandrakelinux Security Update Advisory - cyrus-imapd (MDKSA-2005:051) http://www.net-security.org/advisory.php?id=4595 Mandrakelinux Security Update Advisory - gftp (MDKSA-2005:050) http://www.net-security.org/advisory.php?id=4594 Mandrakelinux Security Update Advisory - gaim (MDKSA-2005:049) http://www.net-security.org/advisory.php?id=4593 Mandrakelinux Security Update Advisory - curl (MDKSA-2005:048) http://www.net-security.org/advisory.php?id=4592 SGI Security Advisory - SGI Advanced Linux Environment 3 Security Update #29 (20050301-01-U) http://www.net-security.org/advisory.php?id=4591 Gentoo Linux Security Advisory - Mozilla Firefox: Various vulnerabilities (GLSA 200503-10) http://www.net-security.org/advisory.php?id=4590 Gentoo Linux Security Advisory - xv: Filename handling vulnerability (GLSA 200503-09) http://www.net-security.org/advisory.php?id=4589 ---------------------------------------------------------------- [ Articles ] All articles are located at: http://www.net-security.org/articles_main.php Articles can be contributed to articles@net-security.org ---------------------------------------------------------------- COMBATING "CARDHOLDER NOT PRESENT" FRAUD Of the security issues facing banks everywhere, prevention of card fraud has always been a high priority, and is set to grow even further in importance. The level of card fraud has risen significantly over recent years, caused in the main, by the explosion in the number and usage of payment cards and the associated high level of organised card crime activity. http://www.net-security.org/article.php?id=774 THE RISE OF THE CUSTOMISED SECURITY ATTACK The shift to financially motivated email attacks means that individual organisations are being singled out as targets. Evidence of criminals using the Internet and email to carry out their crimes can be seen in many threats from phishing to online blackmail and extortion. Tackling more sinister customised plots requires a tailored approach, as blanket solutions are often only suitable for bulk attacks. http://www.net-security.org/article.php?id=773 ---------------------------------------------------------------- [ Software ] Windows software is located at: http://net-security.org/software_main.php?cat=1 Linux software is located at: http://net-security.org/software_main.php?cat=2 Pocket PC software is located at: http://net-security.org/software_main.php?cat=3 ---------------------------------------------------------------- DROPBEAR SSH SERVER 0.45 (Linux) Dropbear is an SSH 2 server, designed to be usable in small memory environments. http://www.net-security.org/software.php?id=490 ETHEREAL 0.10.10 (Linux) Ethereal is a free network protocol analyzer. http://www.net-security.org/software.php?id=99 FE3D 0.8-2 (Windows) fe3d is a 3D visualization tool for network (security) information, it currently supports insecure.org's nmap and languard XML log files. http://www.net-security.org/software.php?id=590 GRSECURITY 2.1.2 (Linux) grsecurity is a complete security system for Linux 2.4 that implements a detection/prevention/containment strategy. http://www.net-security.org/software.php?id=208 IPTABLES 1.3.1 (Linux) The netfilter/iptables project is the Linux 2.4.x / 2.5.x firewalling subsystem. http://www.net-security.org/software.php?id=4 NUFW 1.0.0 (Linux) NuFW is an "authenticating gateway". This means it requires authentication for any connections to be forwarded through the gateway. http://www.net-security.org/software.php?id=526 SHOREWALL 2.2.2 (Linux) Shorewall is an iptables based firewall that can be used on a dedicated firewall system, a multi-function masquerade gateway/server or on a standalone Linux system. http://www.net-security.org/software.php?id=40 SNORT 2.3.1 (Linux) Snort is a lightweight network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. http://www.net-security.org/software.php?id=112 SSL-EXPLORER 0.1.8 RC3 (Windows) The 3SP SSL-Explorer is the world's first open-source SSL-based VPN solution of its kind. http://www.net-security.org/software.php?id=579 VISUALROUTE 2005 9.2d (Windows) VisualRoute delivers the functionality of key Internet "ping," "whois," and "traceroute" tools, in a high-speed visually integrated package. http://www.net-security.org/software.php?id=2 WEBSCARAB 20050311-1804 (Windows) WebScarab is a framework for analysing applications that communicate using the HTTP and HTTPS protocols. http://www.net-security.org/software.php?id=504 WEPLAB 0.1.4 (Linux) Weplab is a tool to review the security of WEP encryption in wireless networks from an educational point of view. http://www.net-security.org/software.php?id=539 WINFINGERPRINT 0.6.1 (Windows) Winfingerprint is a Win32 MFC VC++ .NET based security tool that is able to Determine OS, enumerate users, groups, shares, and more. http://www.net-security.org/software.php?id=103 ---------------------------------------------------------------- [ Webcasts ] All webcasts are located at: http://net-security.org/webcasts.php ---------------------------------------------------------------- Take A Tour with Tripwire Enterprise Organized by Tripwire on 16 March 2005, 11:00 AM http://www.net-security.org/webcast.php?id=365 ---------------------------------------------------------------- [ Conferences ] All conferences are located at: http://net-security.org/conferences.php ---------------------------------------------------------------- International Workshop on Coding and Cryptography (WCC 2005) Organized by Selmersenteret, INRIA - 14 March-18 March 2005 http://www.net-security.org/conference.php?id=111 Third IEEE International Information Assurance Workshop (IWIA'05) Organized by IEEE Computer Society Task Force on Information Assurance - 24 March-25 March 2005 http://www.net-security.org/conference.php?id=112 Black Hat Briefings & Training Europe 2005 Organized by Black Hat Briefings - 26 March-1 April 2005 http://www.net-security.org/conference.php?id=130 ECCE E-crime and Computer Evidence 2005 Organized by n-gate ltd. - 29 March-30 March 2005 http://www.net-security.org/conference.php?id=94 Indonesia Cryptology and Information Security Conference 2005 Organized by Lembaga Sandi Negara RI - 30 March-31 March 2005 http://www.net-security.org/conference.php?id=113 The 1st International Workshop on Systems and Network Security (SNS2005) Organized by University of Colorado at Colorado Springs - 4 April-8 April 2005 http://www.net-security.org/conference.php?id=114 Infosec World 2005 Organized by MIS Training Institute - 4 April-6 April 2005 http://www.net-security.org/conference.php?id=128 Black Hat Briefings & Training Asia 2005 Organized by Black Hat Briefings - 5 April-8 April 2005 http://www.net-security.org/conference.php?id=131 OWASP AppSec Europe 2005 Conference Organized by OWASP - 9 April-10 August 2005 http://www.net-security.org/conference.php?id=132 4th Annual PKI R&D Workshop (PKI'05) Organized by National Institute of Standards and Technology - 19 April-21 April 2005 http://www.net-security.org/conference.php?id=115 Infosecurity Europe 2005 Organized by Reed Exhibitions - 26 April-28 April 2005 http://www.net-security.org/conference.php?id=126 DallasCon 2005 Professional Cyber Defense Conference Organized by DallasCon - 2 May-5 May 2005 http://www.net-security.org/conference.php?id=127 The International Conference on Computational Science & Its Applications (ICCSA 05) Organized by Institute of High Performance Computing - 9 May-12 May 2005 http://www.net-security.org/conference.php?id=116 The 18th International FLAIRS Conference Organized by The American Association of Artificial Intelligence - 16 May-18 May 2005 http://www.net-security.org/conference.php?id=117 Second European PKI Workshop Organized by University of Salford - 30 June-1 July 2005 http://www.net-security.org/conference.php?id=118 ---------------------------------------------------------------- [ Security World ] All press releases are located at: http://www.net-security.org/press_main.php Send your press releases to press@net-security.org ---------------------------------------------------------------- Utimaco Announces Breakthrough for Digital Signature Legally-compliant Mass Signatures Directly from SAP Applications http://www.net-security.org/press.php?id=2995 CipherTrust introduces IronMail 5.0 to Enhance Reputation System, Secure Delivery And Regulatory Compliance http://www.net-security.org/press.php?id=2994 MDI Receives Advanced Encryption Standard Certification for SAFEnet Enterprise Security Suite http://www.net-security.org/press.php?id=2993 Eicon Networks launches Shiva 4102 SSL VPN Gateway http://www.net-security.org/press.php?id=2992 Revolutionary F-Secure BlackLight Technology Fights The Next Generation Of Stealth Viruses, Spyware and Rootkits http://www.net-security.org/press.php?id=2991 Direct Debit Processor Voca Selects Cyber-Ark Vaulting Solution http://www.net-security.org/press.php?id=2990 F-Secure Corporation Joins the Network Admission Control (NAC) Program http://www.net-security.org/press.php?id=2989 ---------------------------------------------------------------- [ Virus News ] All virus news are located at: http://www.net-security.org/viruses.php ---------------------------------------------------------------- Three New Worms Threaten Instant Messaging Users, While The Cyber-War Between Virus Authors Continues http://www.net-security.org/virus_news.php?id=534 ---------------------------------------------------------------- Questions, contributions, comments or ideas go to: Help Net Security staff staff@net-security.org http://net-security.org ---------------------- Unsubscribe from this weekly digest on: http://www.net-security.org/subscribe.php The archive of the newsletter in TXT and PDF format is available http://www.net-security.org/newsletter_archive.php ---------------------------------------------------------------- Make plans now to attend Black Hat Briefings & Training Europe, March 29-April 1 in Amsterdam, the world's premier technical security event. Featuring 30 speakers in four tracks, 10 training sessions, with 250 delegates from 20 nations attending. Learn about the technical security market drivers in the European market. You can download an electronic brochure at our site, which will provide you with a 100 Euros discount. ---------------------------------------------------------------- Visit http://www.net-security.org/v/BH05.pdf ----------------------------------------------------------------