HNS Newsletter Issue 257 - 21.03.2005. http://net-security.org This is a newsletter delivered to you by Help Net Security. It covers weekly roundups of security events that were in the news the past week. ---------------------------------------------------------------- Make plans now to attend Black Hat Briefings & Training Europe, March 29-April 1 in Amsterdam, the world's premier technical security event. Featuring 30 speakers in four tracks, 10 training sessions, with 250 delegates from 20 nations attending. Learn about the technical security market drivers in the European market. You can download an electronic brochure at our site, which will provide you with a 100 Euros discount. ---------------------------------------------------------------- Visit http://www.net-security.org/v/BH05.pdf ---------------------------------------------------------------- Table of contents: 1) Security news 2) Vulnerabilities 3) Advisories 4) Articles 5) Reviews 6) Software 7) Webcasts 8) Conferences 9) Security World 10) Virus News [ Security news ] ---------------------------------------------------------------- F-SECURE TAKES ON HIDDEN MALICIOUS CODE Finnish security firm F-Secure last week debuted a scanner for "rootkits", software used by some hackers to hide their malicious code, and posted a free beta of the tool to its website. http://www.net-security.org/news.php?id=7341 STUDY: CIOS TO TARGET NETWORK SECURITY What are local chief information officers putting at the top of their to-do lists in the next year? http://www.net-security.org/news.php?id=7342 MICROSOFT SECURITY PRACTICE RAISES FEARS Peiter "Mudge" Zatko, a security expert who has worked for both the Clinton and Bush administrations, said the risk from Microsoft's effort was "the worst possible thing for national security." http://www.net-security.org/news.php?id=7343 SCHNEIER: TOKENS WON'T COMPLETELY SECURE DATA Technology isn't going to protect e-commerce customers -- stronger government regulation is what will get the attention of online banks and merchants, forcing them to stop being casual about security, said Bruce Schneier, founder and chief technology officer of Counterpane Internet Security. http://www.net-security.org/news.php?id=7344 ALTERNATIVE BROWSER SPYWARE INFECTS IE Some useful citizen has created an installer that will nail IE with spyware, even if a surfer is using Firefox (or another alternative browser) or has blocked access to the malicious site in IE beforehand. http://www.net-security.org/news.php?id=7345 THE CISM PREP GUIDE: MASTERING THE FIVE DOMAINS OF INFORMATION SECURITY MANAGEMENT Certified Information Security Manager (CISM) is a certification developed by the Information Systems Audit and Control Association (ISACA). This book is a guide that is supposed to make your road to certification easier. Read on to get the details. http://www.net-security.org/news.php?id=7346 APPLICANTS FACE REJECTION FOR HACKING ATTEMPTS An applicant to the business school of Duke University who tried to hack into his admission file has been rejected, school officials said Friday. http://www.net-security.org/news.php?id=7347 AOL EXPLAINS ITS PRIVACY POLICY America Online spokesman Andrew Weinstein responded to a request for more information about AOL Instant Messenger's terms of service, which I wrote about Saturday after spotting it on Slashdot. http://www.net-security.org/news.php?id=7348 SUPERMARKETS NEXT IN LINE FOR PHISHING ATTACKS Online retailers are likely to become the next target of 'phishing' scams, UK police warned last weekend. http://www.net-security.org/news.php?id=7349 FTC BARS BOGUS ANTI-SPYWARE CLAIMS Free scans detected spyware that wasnÕt there. http://www.net-security.org/news.php?id=7350 DECEPTIVE DUO HACKER CHANGES PLEA Robert Lyttle, one of two hackers behind the Deceptive Duo team responsible for a number of network breaches in 2002, including a U.S. Navy database, has decided to plead guilty to the charges filed by the U.S. Attorneys' Office last year, according to documents filed in the case. http://www.net-security.org/news.php?id=7351 FIRMS OVERLOOK THREAT FROM THE ENEMY WITHIN Sites not fully protected, according to study. http://www.net-security.org/news.php?id=7352 REVISITING NLB BIDIRECTIONAL AFFINITY ON ISA SERVER 2004 SE Given that NLB is a popular feature, I think its important to provide you more information on this subject. http://www.net-security.org/news.php?id=7353 IT SEC COMMUNITY HAS FALSE SENSE OF SECURITY A false sense of security could lead IT managers to getting the sack, a new survey has revealed. http://www.net-security.org/news.php?id=7354 STRESS AFFLICTS SECURITY BOSSES Keeping computer viruses at bay is more stressful than divorce, warns a survey. http://www.net-security.org/news.php?id=7355 AWARD RECOGNISES US PROFESSOR'S CONTRIBUTION TO CYBER SECURITY The International Information Systems Security Certification Consortium, (ISC)2, has presented Dorothy Denning, one of the world's leading information security experts, with an award for her contribution to cyber security and encryption. http://www.net-security.org/news.php?id=7356 SECURE YOUR SERVER WITH LIDS The Linux Intrusion Detection System (LIDS) is a kernel patch for both 2.4 and 2.6 kernels that adds Mandatory Access Control (MAC) and other security enhancements to the Linux kernel. http://www.net-security.org/news.php?id=7357 CONTROVERSIAL REPORT FINDS WINDOWS MORE SECURE THAN LINUX Contrary to popular wisdom, Windows appears to be more secure than a popular version of Linux, according to an upcoming report from two security researchers. http://www.net-security.org/news.php?id=7358 PERSONAL INFORMATION TAKEN IN NEVADA DMV OFFICE BREAK-IN Personal information from more than 8,900 people was stolen when thieves broke into a Nevada Department of Motor Vehicles office, officials said Friday. http://www.net-security.org/news.php?id=7359 GOVERNMENT AND INDUSTRY BACK IT SECURITY PROFESSIONALISM PLANS Proposals to create a professional institution that would set minimum standards of professionalism for IT security specialists have won backing from the government and leading businesses. http://www.net-security.org/news.php?id=7360 MICROSOFT TO DITCH PASSWORDS "We are at a confidence crisis. For the first time we run the risk of taking a step backwards and the reason is the threat of identity theft," said RSA Security chief executive Art Coviello. http://www.net-security.org/news.php?id=7361 GET SMART ABOUT AV GOOD BUYS AND BAD BUYS While security purchases are likely to be the most crucial decisions an organisation will make, anti-virus (AV) software remains AV software whichever way you choose to look at it. http://www.net-security.org/news.php?id=7362 NEW WORM THROWS 'SMACHDOWN' ON USERS Elitper-D, a worm new to the Wild, is conning users by disguising itself as a screensaver. http://www.net-security.org/news.php?id=7363 EUROPEAN IT HEADS HAVE FALSE SENSE OF SECURITY 70 percent of companies are open to internet attack. http://www.net-security.org/news.php?id=7364 HACKERS CAN BEAT SECURITY TOKENS Two-factor authentication 'doesn't solve anything', claims security expert. http://www.net-security.org/news.php?id=7365 UK FIRMS FACE 'SPIRALLING THREAT' FROM EMAIL MISUSE Clear and present danger as 'banter culture' prevails. http://www.net-security.org/news.php?id=7366 NETWORKING TITANS BUILD OUT SAN, MAN WARES Network vendors are pushing the envelope with hardware tuned for backup, larger networks, and wireless security, as evidenced by new wares from Cisco, Foundry, and Juniper. http://www.net-security.org/news.php?id=7368 WINDOWS FIREWALLS LACKING For something as simple as a firewall for Windows servers, a good solution just doesn't exist. http://www.net-security.org/news.php?id=7367 CHOICEPOINT SAYS IT'S SORRY ChoicePoint's chief executive apologized Tuesday to 145,000 customers exposed to identity theft but he had difficulty convincing some lawmakers the company was doing enough to resolve the problem. http://www.net-security.org/news.php?id=7369 MICROSOFT SECURITY PRACTICE RAISES CONCERNS Microsoft Corp. is giving early versions of its software security patches to the U.S. Air Force and other organizations, a practice some experts fear could give rogue hackers important details about how to break into unprotected computers on a massive scale. http://www.net-security.org/news.php?id=7370 IT MANAGER SENTENCED TO PRISON IN HACKING CASE An Orange, Calif., IT manager who earlier pled guilty to hacking into his previous employer's computer network was sentenced Monday to five months in prison, the U.S. Attorney's Office said Tuesday. http://www.net-security.org/news.php?id=7371 BOTNETS MULTIPLYING OVER IRC Honeynet Project reports hundreds of attacks a month. http://www.net-security.org/news.php?id=7372 WRITING AN INCIDENT HANDLING AND RECOVERY PLAN The following is an outline of a typical generalized incident handling and response plan for a small to mid-sized organization that doesn't have a dedicated incident response staff. http://www.net-security.org/news.php?id=7373 FIMA CONFERENCE FOCUSES ON IM SECURITY Instant messaging has revolutionized the way colleagues communicate, but increasing regulations and a growing number of security breaches in the medium have businesses concerned about how much sensitive information might be getting into the wrong hands. http://www.net-security.org/news.php?id=7374 US CYBER-SECURITY 'NEARLY FAILING' Government agencies scrape through with a 'D+' rating. http://www.net-security.org/news.php?id=7375 LIMEWIRE PATCHES SERIOUS SNOOPING BUGS Limewire users need to update their software following the discovery of a brace of vulnerabilities. http://www.net-security.org/news.php?id=7376 HACKERS CONTROL MORE THAN A MILLION PCS German study finds botnet attacks worse than expected. http://www.net-security.org/news.php?id=7377 MAKE SECURITY BUSINESS-ORIENTATED, SAYS EXPERT Information security today is not about tackling the hacker question but using security models to create business value, according to KPMG risk advisory associate director Rob Goldberg. http://www.net-security.org/news.php?id=7378 AUDITORS FIND IRS WORKERS PRONE TO HACKERS More than one-third of Internal Revenue Service employees and managers who were contacted by Treasury Department inspectors posing as computer technicians provided their computer login and changed their password. http://www.net-security.org/news.php?id=7379 "HOLY FATHER" ON ROOTKIT WRITING FOR FUN AND PROFIT Rootkit author discusses efforts to highlight weaknesses in software security. http://www.net-security.org/news.php?id=7380 A METHOD FOR FORENSIC PREVIEWS This article explains the forensic preview process, whereby a production machine is left as undisturbed as possible while it is evaluated for potential intrusion and compromise. http://www.net-security.org/news.php?id=7381 SECURE BATCH EMAIL WITH UUCP AND SSH The POP protocol is no solution for people (like me) who want to fetch their email in a practical and efficient manner from multiple locations, be it from a dial-up account or a fixed Internet link. Thus, it seemed to me that UUCP over SSH provides great benefits for those people. http://www.net-security.org/news.php?id=7382 ALLIANCE TO SECURE WIRED AND WIRELESS NETWORKS Performance Technologies has teamed up with Open System Consultants (OSC) to provide GSM operators secure authentication, authorisation and accounting for wired or wireless networks. http://www.net-security.org/news.php?id=7383 INTERNATIONAL HACKERS ATTEMPT MASSIVE HEIST High Tech Crime Unit smashes £220m hacking ring. http://www.net-security.org/news.php?id=7384 ANTI-VIRUS VULNERABILITIES STRIKE AGAIN Users of McAfeeÕs anti-virus products were warned this week of a potentially serious security vulnerability. http://www.net-security.org/news.php?id=7385 NETWORKS UNDER THREAT FROM RFID ROLLOUTS IDC's report, commissioned by Cisco, predicts that RFID will have a significant impact on enterprise networks not just because of the number of tags involved, but because of the amount of data each tag could hold and the number of times it is scanned during transit or processing. http://www.net-security.org/news.php?id=7386 ROOTKITS LEAVE ANTIVIRUS SYSTEMS POWERLESS No defence in standard antivirus code. http://www.net-security.org/news.php?id=7387 WILL BIOMETRIC SECURITY HARM USERS? Microsoft has launched a keyboard that uses biometric data for authentication, the nattily named Optical Desktop Elite with Fingerprint Reader for Bluetooth. http://www.net-security.org/news.php?id=7388 AUTOMATED PATCHING, EASY APPROACH TO SECURITY Patch management is an essential administration task within today's busy IT networks with the constant threat of new security bugs. http://www.net-security.org/news.php?id=7389 IM VIRUSES INCREASE BY 50 PER CENT A MONTH F-Secure detects more than 200 instant messaging worms. http://www.net-security.org/news.php?id=7390 LINUX KERNEL SECURITY, AGAIN It's a sad day when an ancient fork bomb attack can still take down most of the latest Linux distributions. http://www.net-security.org/news.php?id=7391 HOW TO JUSTIFY INFORMATION SECURITY SPENDING At a recent seminar on information security management, I heard that FUD (fear, uncertainty and doubt) is dead, that ROI is dead and that the insurance model is dead. http://www.net-security.org/news.php?id=7392 ARE YOU SAFER WITH FIREFOX? Is Firefox a more secure web browser than Microsoft's Internet Explorer? http://www.net-security.org/news.php?id=7393 PLANNED BANK HEIST RAISES TROJAN WARNINGS A recently foiled bank heist in London has some security experts issuing heightened warnings about key-logging Trojans. http://www.net-security.org/news.php?id=7394 EXPERTS SUSPECT INSIDER IN HACKERS BID TO STEAL £220M Detectives are investigating the possibility of insider involvement in a daring electronic bid to steal £220m from the London headquarters of a Japanese corporate bank. http://www.net-security.org/news.php?id=7395 ---------------------------------------------------------------- [ Vulnerabilities ] All vulnerabilities are located here: http://www.net-security.org/archive_vuln.php ---------------------------------------------------------------- KDE Desktop Communication Protocol dcopserver Local DoS http://www.net-security.org/vulnerability.php?id=14813 Linux Kernel Malformed PPP Packet Remote DoS http://www.net-security.org/vulnerability.php?id=14810 OpenSLP Multiple Nondescript Overflows http://www.net-security.org/vulnerability.php?id=14766 TriBBS Default SYSOP Password http://www.net-security.org/vulnerability.php?id=14736 TriBBS Daily Byte Limit File Download Bypass http://www.net-security.org/vulnerability.php?id=14737 ViSiON-X Default SYSOP Password http://www.net-security.org/vulnerability.php?id=14738 ViSiON-X Matrix Upload Privilege Escalation http://www.net-security.org/vulnerability.php?id=14739 Waffle BBS LIST Command Arbitrary File Disclosure http://www.net-security.org/vulnerability.php?id=14740 KBBS Padded Name SYSOP Spoofing http://www.net-security.org/vulnerability.php?id=14727 Oblivion/2 BBS Default SYSOP Password http://www.net-security.org/vulnerability.php?id=14728 PCBoard BBS OP Command Privilege Escalation http://www.net-security.org/vulnerability.php?id=14729 PCBoard BBS Default SYSOP Password http://www.net-security.org/vulnerability.php?id=14730 Remote Access BBS Default SYSOP Password http://www.net-security.org/vulnerability.php?id=14731 Renegade BBS Default SYSOP Password http://www.net-security.org/vulnerability.php?id=14732 Renegade BBS Email Arbitrary File Access http://www.net-security.org/vulnerability.php?id=14733 Renegade BBS Archive Menu Arbitrary File Access http://www.net-security.org/vulnerability.php?id=14734 Renegade BBS SYSOP Chat Arbitrary File Disclosure http://www.net-security.org/vulnerability.php?id=14735 ---------------------------------------------------------------- [ Advisories ] All advisories are located at: http://www.net-security.org/archive_advi.php ---------------------------------------------------------------- Ubuntu Security Notice - php4 vulnerabilities (USN-99-1) http://www.net-security.org/advisory.php?id=4640 Ubuntu Security Notice - openslp vulnerabilities (USN-98-1) http://www.net-security.org/advisory.php?id=4639 Conectiva Linux Security Announcement - cyrus-imapd (CLA-2005:937) http://www.net-security.org/advisory.php?id=4638 Turbolinux Security Announcement - imap, nfs-utils, krb5 (17/Mar/2005) http://www.net-security.org/advisory.php?id=4637 Mandrakelinux Security Update Advisory - evolution (MDKSA-2005:059) http://www.net-security.org/advisory.php?id=4636 Mandrakelinux Security Update Advisory - kdelibs (MDKSA-2005:058) http://www.net-security.org/advisory.php?id=4635 Conectiva Linux Security Announcement - kdenetwork (CLA-2005:934) http://www.net-security.org/advisory.php?id=4634 Ubuntu Security Notice - xfree86 vulnerability (USN-97-1) http://www.net-security.org/advisory.php?id=4633 SUSE Security Announcement - Mozilla Firefox (SUSE-SA:2005:016) http://www.net-security.org/advisory.php?id=4632 Ubuntu Security Notice - mysql-dfsg vulnerabilities (USN-96-1) http://www.net-security.org/advisory.php?id=4631 Mandrakelinux Security Update Advisory - gnupg (MDKSA-2005:057) http://www.net-security.org/advisory.php?id=4630 Mandrakelinux Security Update Advisory - openslp (MDKSA-2005:055) http://www.net-security.org/advisory.php?id=4629 Mandrakelinux Security Update Advisory - cyrus-sasl (MDKSA-2005:054) http://www.net-security.org/advisory.php?id=4628 Mandrakelinux Security Update Advisory - ethereal (MDKSA-2005:053) http://www.net-security.org/advisory.php?id=4627 Gentoo Linux Security Advisory - Perl: rmtree and DBI tmpfile vulnerabilities (GLSA 200501-38:03) http://www.net-security.org/advisory.php?id=4626 Gentoo Linux Security Advisory - Ringtone Tools: Buffer overflow vulnerability (GLSA 200503-18) http://www.net-security.org/advisory.php?id=4625 Ubuntu Security Notice - linux-source-2.6.8.1 vulnerabilities (USN-95-1) http://www.net-security.org/advisory.php?id=4624 Conectiva Linux Security Announcement - gaim (CLA-2005:933) http://www.net-security.org/advisory.php?id=4623 Debian Security Advisory - luxman (DSA 693-1) http://www.net-security.org/advisory.php?id=4622 SUSE Security Announcement - openslp (SUSE-SA:2005:015) http://www.net-security.org/advisory.php?id=4621 Debian Security Advisory - squirrelmail (DSA 662-2) http://www.net-security.org/advisory.php?id=4620 Gentoo Linux Security Advisory - libexif: Buffer overflow vulnerability (GLSA 200503-17) http://www.net-security.org/advisory.php?id=4619 Gentoo Linux Security Advisory - Ethereal: Multiple vulnerabilities (GLSA 200503-16) http://www.net-security.org/advisory.php?id=4618 Gentoo Linux Security Advisory - X.org: libXpm vulnerability (GLSA 200503-15) http://www.net-security.org/advisory.php?id=4617 ---------------------------------------------------------------- [ Articles ] All articles are located at: http://www.net-security.org/articles_main.php Articles can be contributed to articles@net-security.org ---------------------------------------------------------------- WRITING AN INCIDENT HANDLING AND RECOVERY PLAN The following is an outline of a typical generalized incident handling and response plan for a small to mid-sized organization that doesn't have a dedicated incident response staff. http://www.net-security.org/article.php?id=775 ---------------------------------------------------------------- [ Reviews ] All reviews are located at: http://www.net-security.org/reviews.php ---------------------------------------------------------------- THE CISM PREP GUIDE: MASTERING THE FIVE DOMAINS OF INFORMATION SECURITY MANAGEMENT Certified Information Security Manager (CISM) is a certification developed by the Information Systems Audit and Control Association (ISACA). This book is a guide that is supposed to make your road to certification easier. Read on to get the details. http://www.net-security.org/review.php?id=149 ---------------------------------------------------------------- [ Software ] Windows software is located at: http://net-security.org/software_main.php?cat=1 Linux software is located at: http://net-security.org/software_main.php?cat=2 Pocket PC software is located at: http://net-security.org/software_main.php?cat=3 ---------------------------------------------------------------- AIRSCANNER MOBILE ENCRYPTER 2.1b (Pocket PC) This tool secures data residing on your PDA and lets you lock your device to keep others from using it. http://www.net-security.org/software.php?id=547 AUTOPSY FORENSIC BROWSER 2.04 (Linux) The Autopsy Forensic Browser is a graphical interface to the command line digital forensic analysis tools in The Sleuth Kit. http://www.net-security.org/software.php?id=216 BASTILLE LINUX 2.2.5 (Linux) The Bastille Hardening System attempts to "harden" or "tighten" the Linux operating system. http://www.net-security.org/software.php?id=217 BOTAN 1.4.6 (Linux) Botan aims to be a portable, easy to use, and efficient C++ crypto library. http://www.net-security.org/software.php?id=94 DAZUKO 2.0.6 (Linux) A common interface across all platforms is needed for 3rd party file access control. With such an interface, focus could be redirected from OS hacking to solving real problems. The interface is here. http://www.net-security.org/software.php?id=434 ID_BANK 1.23 (Windows) ID_Bank is a secure identity and password protection system. http://www.net-security.org/software.php?id=91 IPCOP 1.4.4 (Linux) IPCop Firewall is a Linux firewall distribution geared towards home and SOHO (Small Office/Home Office) users. http://www.net-security.org/software.php?id=147 LUTELWALL 0.96 (Linux) Lutel's Firewall Script is a Linux IPtables shell script written in bash for use as a firewall and NAT/masquerade router. http://www.net-security.org/software.php?id=379 MARADNS 1.0.25 (Linux) MaraDNS is a DNS server that strives to be secure and fully open-sourced. http://www.net-security.org/software.php?id=84 NUFW 1.0.1 (Linux) NuFW is an "authenticating gateway". This means it requires authentication for any connections to be forwarded through the gateway. http://www.net-security.org/software.php?id=526 OS-SIM 0.9.8rc2 (Linux) OSSIM is a distribution of open source products that are integrated to provide an infrastructure for security monitoring. http://www.net-security.org/software.php?id=304 ROOTKIT HUNTER 1.2.2 (Linux) This scanning tool ensures you're clean of nasty tools. http://www.net-security.org/software.php?id=531 SAMHAIN 2.0.5a (Linux) Samhain is an open source file integrity and host-based intrusion detection system. http://www.net-security.org/software.php?id=125 SSL-EXPLORER 0.1.8 (Windows) The 3SP SSL-Explorer is the world's first open-source SSL-based VPN solution of its kind. http://www.net-security.org/software.php?id=579 THE SLEUTH KIT 2.00 (Linux) The Sleuth Kit is a collection of UNIX-based command line file system forensic tools. http://www.net-security.org/software.php?id=215 ---------------------------------------------------------------- [ Webcasts ] All webcasts are located at: http://net-security.org/webcasts.php ---------------------------------------------------------------- Symantec Internet Security Threat Report Volume VII Organized by Symantec on 23 March 2005, 1:09 PM http://www.net-security.org/webcast.php?id=366 Blink Product Overview & Demonstration Organized by eEye on 24 March 2005, 2:30 PM http://www.net-security.org/webcast.php?id=367 Vulnerability Expert Forum US Organized by eEye on 13 April 2005, 1:00 PM http://www.net-security.org/webcast.php?id=277 Vulnerability Expert Forum Europe Organized by eEye on 14 April 2005, 3:30 PM http://www.net-security.org/webcast.php?id=258 ---------------------------------------------------------------- [ Conferences ] All conferences are located at: http://net-security.org/conferences.php ---------------------------------------------------------------- Third IEEE International Information Assurance Workshop (IWIA'05) Organized by IEEE Computer Society Task Force on Information Assurance - 24 March-25 March 2005 http://www.net-security.org/conference.php?id=112 Black Hat Briefings & Training Europe 2005 Organized by Black Hat Briefings - 26 March-1 April 2005 http://www.net-security.org/conference.php?id=130 ECCE E-crime and Computer Evidence 2005 Organized by n-gate ltd. - 29 March-30 March 2005 http://www.net-security.org/conference.php?id=94 Indonesia Cryptology and Information Security Conference 2005 Organized by Lembaga Sandi Negara RI - 30 March-31 March 2005 http://www.net-security.org/conference.php?id=113 The 1st International Workshop on Systems and Network Security (SNS2005) Organized by University of Colorado at Colorado Springs - 4 April-8 April 2005 http://www.net-security.org/conference.php?id=114 Infosec World 2005 Organized by MIS Training Institute - 4 April-6 April 2005 http://www.net-security.org/conference.php?id=128 Black Hat Briefings & Training Asia 2005 Organized by Black Hat Briefings - 5 April-8 April 2005 http://www.net-security.org/conference.php?id=131 OWASP AppSec Europe 2005 Conference Organized by OWASP - 9 April-10 August 2005 http://www.net-security.org/conference.php?id=132 4th Annual PKI R&D Workshop (PKI'05) Organized by National Institute of Standards and Technology - 19 April-21 April 2005 http://www.net-security.org/conference.php?id=115 Infosecurity Europe 2005 Organized by Reed Exhibitions - 26 April-28 April 2005 http://www.net-security.org/conference.php?id=126 DallasCon 2005 Professional Cyber Defense Conference Organized by DallasCon - 2 May-5 May 2005 http://www.net-security.org/conference.php?id=127 The International Conference on Computational Science & Its Applications (ICCSA 05) Organized by Institute of High Performance Computing - 9 May-12 May 2005 http://www.net-security.org/conference.php?id=116 The 18th International FLAIRS Conference Organized by The American Association of Artificial Intelligence - 16 May-18 May 2005 http://www.net-security.org/conference.php?id=117 Second European PKI Workshop Organized by University of Salford - 30 June-1 July 2005 http://www.net-security.org/conference.php?id=118 SIG SIDAR Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA 2005) Organized by German Informatics Society - 7 July-8 July 2005 http://www.net-security.org/conference.php?id=119 ---------------------------------------------------------------- [ Security World ] All press releases are located at: http://www.net-security.org/press_main.php Send your press releases to press@net-security.org ---------------------------------------------------------------- Utimaco Welcomes Export Initiative for German IT Security Industry from Federal Ministry of Economics and Labour http://www.net-security.org/press.php?id=3011 Kaspersky Anti-Virus 5.5 for Microsoft ISA Server 2000 Enterprise Edition Receives Miscrosoft ISA Server 2000 Test Certificate http://www.net-security.org/press.php?id=3010 Comodo - Establishing Trust Initiative for e-Business http://www.net-security.org/press.php?id=3009 Demystifying the Black Art of Security: Energis Gives Big Businesses a Helping Hand http://www.net-security.org/press.php?id=3008 CipherTrust Restructures Channel Programme To Increase European Revenue By 200 Per Cent http://www.net-security.org/press.php?id=3007 MessageLabs Group CEO Wins ÔTechnology Entrepreneur of the YearÕ at 2005 UK Technology Innovation & Growth Awards http://www.net-security.org/press.php?id=3006 Mobile Video Products, a Division of MDI, Launches New Mobile Digital Video Recording Surveillance System http://www.net-security.org/press.php?id=3005 European Demand for Web Services Security Solutions Drives Opening of New Sales Offices in France and the United Kingdom with the Appointment of Two International Security Experts http://www.net-security.org/press.php?id=3004 Open Minds And Steeleye Develop High Availability Edition Of Leading Intelligent Building Control Solution http://www.net-security.org/press.php?id=3003 Florida Association of Realtors Selects NFR SecurityÕs Sentivist Intrusion Prevention System for Real-Time Threat Protection http://www.net-security.org/press.php?id=3002 Bytemobile ÒPowers UpÓ with Acquisition of ProQuent http://www.net-security.org/press.php?id=3001 Kaspersky Lab Releases News Agent 1.0 http://www.net-security.org/press.php?id=3000 Top Layer Reports Record Growth with 134% Increase in IPS Revenue http://www.net-security.org/press.php?id=2999 CipherTrust Anti-Virus Powered by Authentium Bolsters IronMail's Best-Of-Breed Virus Protection http://www.net-security.org/press.php?id=2998 Remote and Home Working booms as AEP Helps Local Authorities Reach £6.45bn Cost Savings Target http://www.net-security.org/press.php?id=2997 F-Secure Mobile Anti-Virus now Available to Smartphone Users in Germany http://www.net-security.org/press.php?id=2996 ---------------------------------------------------------------- [ Virus News ] All virus news are located at: http://www.net-security.org/viruses.php ---------------------------------------------------------------- New Email Scam Promises Money From The Late Sir Denis Thatcher's Will http://www.net-security.org/virus_news.php?id=536 Man Jailed For Trojan Horse Which Made 911 Nuisance Calls Via WebTV http://www.net-security.org/virus_news.php?id=535 ---------------------------------------------------------------- Questions, contributions, comments or ideas go to: Help Net Security staff staff@net-security.org http://net-security.org ---------------------- Unsubscribe from this weekly digest on: http://www.net-security.org/subscribe.php The archive of the newsletter in TXT and PDF format is available http://www.net-security.org/newsletter_archive.php ---------------------------------------------------------------- Make plans now to attend Black Hat Briefings & Training Europe, March 29-April 1 in Amsterdam, the world's premier technical security event. Featuring 30 speakers in four tracks, 10 training sessions, with 250 delegates from 20 nations attending. Learn about the technical security market drivers in the European market. You can download an electronic brochure at our site, which will provide you with a 100 Euros discount. ---------------------------------------------------------------- Visit http://www.net-security.org/v/BH05.pdf ----------------------------------------------------------------