HNS NewsletterIssue 259 - 04.04.2005.http://net-security.orgThis is a newsletter delivered to you by Help Net Security. Itcovers weekly roundups of security events that were in thenews the past week.----------------------------------------------------------------REGISTER FOR INFOSECURITY EUROPE 2005----------------------------------------------------------------Infosecurity Europe is Europe's number one, dedicated InformationSecurity event. Now in its 10th anniversary year, InfosecurityEurope continues to provide an unrivalled education programme,new products & services, over 250 exhibitors and over 10,000visitors from every segment of the industry.----------------------------------------------------------------Get all the information at: http://www.infosec.co.uk/hns----------------------------------------------------------------


Table of contents:1) Security news2) Vulnerabilities3) Advisories4) Articles5) Software6) Webcasts7) Conferences8) Security World9) Virus News[ Security news ]----------------------------------------------------------------SEC FAULTED FOR LAX DATA SECURITY IN GAO REPORTPersonal data held in a government database is at increased risk ofunauthorized disclosure, modification, or loss--possibly withoutanyone knowing, government auditors reported Thursday.http://www.net-security.org/news.php?id=7430TODAY'S "HACKER" MOST INTERESTED IN MONEYMore malicious code out to get secret information.http://www.net-security.org/news.php?id=7431SIX YEARS AFTER MELISSA, MASS-MAILED MALWARE HAS PEAKEDOn March 26, 1999, Melissa, the first virus that spread by mailingcopies of itself to addresses it dug out of infected machines, sweptthe Internet. Six years later, mass-mailed worms have reached theirpeak, said the researcher who led authorities to the hacker who wroteMelissa.http://www.net-security.org/news.php?id=7432HOW TO HIRE AN IT SECURITY CONSULTANTRelying on the three Ts can help: thoroughness, timing, and trust.http://www.net-security.org/news.php?id=7433SECURITY DEBATE CENTERS ON FIREFOX AND IEMicrosoft Internet Explorer developer Dave Massy responded to aMozilla Foundation claim that Firefox will "always" be more secure.http://www.net-security.org/news.php?id=7434MICROSOFT FUNDING OF SECURITY REPORT DECRIEDFinding that system is superior to Linux is biased, critics say.http://www.net-security.org/news.php?id=7435MICROSOFT CONSIDERING DESKTOP, SECURITY CERTSNew cert options for MCPs may be in future.http://www.net-security.org/news.php?id=7436WHY DUE DILIGENCE AS A DEFENSE IS NOT ENOUGHWhile businesses have invested in technologies such as firewalls,intrusion detection, and now intrusion prevention, we are all toofamiliar with FUD (Fear, Uncertainty, and Doubt). How manypresentations have you attended in the last six months where asecurity service provider discusses ÒCode RedÓ, ÒNimdaÓ or ÒSlammerÓ?The most recent of these is now two years old. So why are we stilldiscussing them? One word, ÒfearÓ.http://www.net-security.org/news.php?id=7437MITNICK SEQUEL FAILS TO HACK ITWhereas Art of Deception had a simple theme - how social engineeringgets around your computer defences - Art of Intrusion is less sure ofits ground.http://www.net-security.org/news.php?id=7438LEGAL FEARS HALT APPLE VIRUS COMPETITIONOrganisers scrap $25,000 challenge to infect OS X.http://www.net-security.org/news.php?id=7439ORACLE SNAPS UP SECURITY FIRMDatabase behemoth Oracle continued its shopping spree yesterday whenit bought Oblix, a privately-owned security firm, for an undisclosedamount.http://www.net-security.org/news.php?id=7440CISCO, EARTHLINK, MCI JOIN FORCES AGAINST CYBER ATTACKSTelecom equipment providers and network operators, including CiscoSystems Inc., EarthLink Inc. and MCI Inc., unveiled on Monday analliance to combat cyber attacks.http://www.net-security.org/news.php?id=7441DNA KEY TO DECODING HUMAN FACTORFor law enforcement officials charged with busting sophisticatedfinancial crime and hacker rings, making arrests and seizingcomputers used in the criminal activity is often the easy part.http://www.net-security.org/news.php?id=7442THE 10 WORST SECURITY PRACTICESSecurity specialists are constantly on the lookout for proven methodswe can replicate to keep our networks and data safe.http://www.net-security.org/news.php?id=7443INDUSTRY TEAMS UP TO FINGER HACKERSOfficial database to examine the behaviour of attacks against ITsystems.http://www.net-security.org/news.php?id=7444STOLEN UC BERKELEY LAPTOP EXPOSES PERSONAL DATAA thief recently walked into a University of California, Berkeleyoffice and swiped a computer laptop containing personal informationabout nearly 100,000 alumni.http://www.net-security.org/news.php?id=7445PRACTICALLY CERTIFIEDRecent changes to the GIAC makes one question the value ofcertification for the security industry.http://www.net-security.org/news.php?id=7446BREAKING FIREWALLS WITH OPENSSH AND PUTTYIf the system administrator deliberately filters out all trafficexcept port 22 (ssh), to a single server, it is very likely that youcan still gain access other computers behind the firewall.http://www.net-security.org/news.php?id=7447TACKLING THE ENEMY WITHINStaff training is as vital to network security as the mostcutting-edge patch or state-of-the-art email filter.http://www.net-security.org/news.php?id=7448NET FINGERPRINTS COMBAT ATTACKSEighty large net service firms have switched on software to spot andstop net attacks automatically.http://www.net-security.org/news.php?id=7449PHISHERS SPREAD NET FOR SMALLER PREYFraudsters moving away from banks towards e-commerce sites.http://www.net-security.org/news.php?id=7450NEW WARPS TO PROVIDE SECURITY EARLY WARNINGThe government has stepped up its drive to protect the UK's criticaltechnology infrastructure by backing the creation of computersecurity and cybercrime information exchanges for businesses inYorkshire and the North East.http://www.net-security.org/news.php?id=7451PHONE HACKERS TAP INTO HOSPITALCyber criminals have hacked into a private hospital's telephonesystem, racking up almost $5,000 in international calls in an attackexperts warn is becoming increasingly common.http://www.net-security.org/news.php?id=7452MICROSOFT WORKING ON NEW ID SYSTEMMicrosoft Corp. will build software for managing identities intoWindows in order to beef up security by giving users more controlover their personal information, the world's largest software makersaid Tuesday.http://www.net-security.org/news.php?id=7453NETWORK TO FIGHT BACK AGAINST DOS ATTACKS"Service providers that are cooperating by sharing attackfingerprints are helping mitigate these threats more quickly andcloser to the source, thus making the Internet a more secure place,"says Yankee Group senior analyst Jim Slaby.http://www.net-security.org/news.php?id=7454LOGON TYPE CODES REVEALEDThe logon/logoff category of the Windows security log gives you theability to monitor all attempts to access the local computer.http://www.net-security.org/news.php?id=7455MALWARE COMES OF AGE: THE ARRIVAL OF THE TRUE COMPUTER PARASITEEven though malware has been a recognised threat within the generalIT community for well over 15 years, it is effectively a biggerproblem now than it has ever been before.http://www.net-security.org/news.php?id=7456ANALYSTS SLAM HACKER LAW CHANGESTechnology darling Derek Wyatt MP is proposing changes to theComputer Misuse Act next week but analysts from the Butler Group saysthe changes don't go far enough.http://www.net-security.org/news.php?id=7457EUROPEANS WORRY ABOUT ONLINE BANKING SECURITYPhishing, keystroke logging and other types of scams are increasinglyworrying users of online banking services in Europe while scaringothers away, according to a report issued Tuesday from ForresterResearch Inc.http://www.net-security.org/news.php?id=7458EMEA ENTERPRISE SECURITY MARKET UP 49% IN Q4 2004The Europe, Middle East and Africa (EMEA) enterprise security marketcontinued its impressive record of growth in the fourth quarter of2004 to achieve the highest value yet seen in a single quarter.http://www.net-security.org/news.php?id=7459SURFERS URGED TO TAKE PHISHING IQ TESTGet smart, not ripped off.http://www.net-security.org/news.php?id=7460MICROSOFT DROPS BLASTER VIRUS WRITER FINEParsons' punishment, an alternative to paying Microsoft back themoney, was the result of an agreement between prosecutors, defenseattorneys and Microsoft representatives yesterday.http://www.net-security.org/news.php?id=7462PROTECT WIRELESS ACCESS USING MAC ADDRESS FILTERSThere are a number of basic steps you should take to protect yourwireless network and filtering MAC addresses is one more way tosecure it.http://www.net-security.org/news.php?id=74637 COMPUTER SECURITY TIPS FOR STUDENTSPreparing for school used to mean filling a backpack with a handfulof sharpened pencils, spiral notebooks, and a dozen textbooks.http://www.net-security.org/news.php?id=7464NEW IDENTITY THEFT SCENARIOSJust wanted to let in all of my friends and family on a secret alearned while attending an Identity Theft class put on at the OntarioConvention Center on March 22, 2005.http://www.net-security.org/news.php?id=7465SWEATING OVER SECURITY - NEW EXAMS FROM MICROSOFTTwo new exams for developers really put your secure coding expertiseto the challenge.http://www.net-security.org/news.php?id=7466APPRENTICE HACKER RINGS UP LARGE PHONE BILLAn "apprentice" hacker broke into the PABX (private automatic branchexchange) system of John James Hospital in Canberra, Australia, lastweek and made more than A$5,000 (US$3,850) worth of internationalcalls.http://www.net-security.org/news.php?id=7467WEB BROWSER FORENSICS, PART 1This article provides a case study of digital forensics, andinvestigates incriminating evidence using a user's web browserhistory.http://www.net-security.org/news.php?id=7468VENDORS OFFER IP-TELEPHONY SECURITY SERVICESEnterasys Networks and Lucent Technologies introduced a package ofservices designed to improve the security of IP telephony networks.http://www.net-security.org/news.php?id=7469MICROSOFT EXPANDS WINDOWS PIRACY CHECK ON DOWNLOADSPolicy will apply to local langauge add-ons.http://www.net-security.org/news.php?id=7470WINDOWS SERVER 2003 SP1 IS HERESP1 heavily laced with security fixes.http://www.net-security.org/news.php?id=7471US INTEL AGENCIES 'INCOMPETENT'US intelligence agencies suffer from a poor analytical processinfluenced by presumptions and biases, and poor data collectioncapabilities, according to an unclassified report just out from theCommission on the Intelligence Capabilities of the United StatesRegarding Weapons of Mass Destruction.http://www.net-security.org/news.php?id=7472MOZILLA BUG BOUNTY PAYS FAULT-FINDERSUsers who find flaws offered $500 per bug plus a free T-shirt.http://www.net-security.org/news.php?id=7473IM USERS GO PRIVATE TO GET SECUREA quarter of surveyed readers are using private enterprise instantmessaging systems which are more secure than the pubic systems.http://www.net-security.org/news.php?id=7474ENTERPRISE SECURITY BOOM CONTINUESThe market for enterprise security is growing at its highest rateever in Europe, according to analyst firm Canalys.http://www.net-security.org/news.php?id=7475GRID COMPUTING CAN ALLOW SECURITY THREATSSecurity experts on Wednesday recommended that IT administratorsclearly identify and understand the security risks associated withlarge-scale grid computing deployments.http://www.net-security.org/news.php?id=7476BLOGGER CATCHES IDENTITY THIEVESThis morning, I found out that thousands of dollars of charges hadbeen made on two of my credit cards in the past two days. Now, theidentity thieves are sitting in jail. This is how it happened.http://www.net-security.org/news.php?id=7477EU PUSHES FOR SAFEGUARDS ON BIOMETRIC TECHNOLOGIESReport examine effects of EU's decision to use biometric passports,visas, resident permits.http://www.net-security.org/news.php?id=7478IDENTITY THEFT: ARE ORGANIZATIONS OBLIGED TO NOTIFY CLIENTS?Although identity theft is not a new offense, the Internet hasprovided perpetrators with new means to misappropriate personal data.http://www.net-security.org/news.php?id=7479LAWSUITS DRIVE 'SPAM KING' RICHTER TO BANKRUPTCYThe received wisdom in libertarian circles is that email anti-spamlaws don't work, so they're not worth trying.http://www.net-security.org/news.php?id=7480MICROSOFT FILES 117 PHISHING LAWSUITSSoftware giant seeking to identify large-scale operations, collectdamages.http://www.net-security.org/news.php?id=7481SECURING YOUR ONLINE PRIVACY WITH TORThe Tor project can help you keep your online communication private.http://www.net-security.org/news.php?id=7482MARCH'S BUG STORY: OLD WORMS MAINTAIN GRIPOlder worms and viruses continued to dominate March's list of Top 10baddest apples, security firms say.http://www.net-security.org/news.php?id=7483----------------------------------------------------------------[ Vulnerabilities ]All vulnerabilities are located here:http://www.net-security.org/vulnerabilities.php----------------------------------------------------------------phpCOIN Search Engine SQL Injectionhttp://www.net-security.org/vulnerability.php?id=15160phpCOIN Product Order SQL Injectionhttp://www.net-security.org/vulnerability.php?id=15161phpCOIN Forgotten Password Request SQL Injectionhttp://www.net-security.org/vulnerability.php?id=15162phpCOIN auxpage.php Traversal Arbitrary File Accesshttp://www.net-security.org/vulnerability.php?id=15163Squirrelcart PHP Shopping Cart index.php SQL Injectionhttp://www.net-security.org/vulnerability.php?id=15124Kerio Personal Firewall Network Rules Process Masquerade Local Bypasshttp://www.net-security.org/vulnerability.php?id=15123FastStone 4in1 Browser Web Server Traversal Arbitrary File Accesshttp://www.net-security.org/vulnerability.php?id=15118PortalApp ad_click.asp banner_id Parameter SQL Injectionhttp://www.net-security.org/vulnerability.php?id=15119Multiple Iatek App content.asp Multiple Variable XSShttp://www.net-security.org/vulnerability.php?id=15120Ublog Reload login.asp msg Variable XSShttp://www.net-security.org/vulnerability.php?id=15121Ublog Reload ublogreload.mdb Information Disclosurehttp://www.net-security.org/vulnerability.php?id=15122Chatness message.php user Variable XSShttp://www.net-security.org/vulnerability.php?id=15117TinCat Network Library Player Logging Remote Overflowhttp://www.net-security.org/vulnerability.php?id=15092The Settlers: Heritage of Kings Player Logging Remote Overflowhttp://www.net-security.org/vulnerability.php?id=15153Sacred Player Logging Remote Overflowhttp://www.net-security.org/vulnerability.php?id=15154PhotoPost PHP Pro showgallery.php Multiple Variable XSShttp://www.net-security.org/vulnerability.php?id=15096PhotoPost PHP Pro showmembers.php Multiple Variable XSShttp://www.net-security.org/vulnerability.php?id=15097PhotoPost PHP Pro slideshow.php photo Variable XSShttp://www.net-security.org/vulnerability.php?id=15098PhotoPost PHP Pro showmembers.php sl Parameter SQL Injectionhttp://www.net-security.org/vulnerability.php?id=15099PhotoPost PHP Pro showphoto.php photo Parameter SQL Injectionhttp://www.net-security.org/vulnerability.php?id=15100E-Data Personal Information Addition XSShttp://www.net-security.org/vulnerability.php?id=15091NetComm NB1300 Malformed Ping Saturation DoShttp://www.net-security.org/vulnerability.php?id=15088ACS Blog Multiple BBcode Tag XSShttp://www.net-security.org/vulnerability.php?id=15087Smarty regex_replace Modifier Arbitrary Code Executionhttp://www.net-security.org/vulnerability.php?id=15081Deplate elements.rb Malformed Filename ID Issuehttp://www.net-security.org/vulnerability.php?id=15082Iron Bars Shell Nondescript Security Issuehttp://www.net-security.org/vulnerability.php?id=15080EncapsBB index_header.php root Parameter Remote File Inclusionhttp://www.net-security.org/vulnerability.php?id=15078Antigen for Domino Malformed RAR File DoShttp://www.net-security.org/vulnerability.php?id=15077Linux Kernel ext2 Directory Creation Arbitrary Memory Disclosurehttp://www.net-security.org/vulnerability.php?id=15115E-Xoops viewforum.php sortdays Variable XSShttp://www.net-security.org/vulnerability.php?id=15068E-Xoops newbb/index.php viewcat Variable XSShttp://www.net-security.org/vulnerability.php?id=15069E-Xoops newbb/index.php viewcat Parameter SQL Injectionhttp://www.net-security.org/vulnerability.php?id=15070E-Xoops sections/index.php artid Parameter SQL Injectionhttp://www.net-security.org/vulnerability.php?id=15071E-Xoops sections/index.php Path Disclosurehttp://www.net-security.org/vulnerability.php?id=15072----------------------------------------------------------------[ Advisories ]All advisories are located at:http://www.net-security.org/archive_advi.php----------------------------------------------------------------Mandrakelinux Security Update Advisory - ImageMagick (MDKSA-2005:065)http://www.net-security.org/advisory.php?id=4679Debian Security Advisory - krb5 (DSA 703-1)http://www.net-security.org/advisory.php?id=4678Debian Security Advisory - imagemagick (DSA 702-1)http://www.net-security.org/advisory.php?id=4677Ubuntu Security Notice - linux-source-2.6.8.1 vulnerabilities(USN-103-1)http://www.net-security.org/advisory.php?id=4676Mandrakelinux Security Update Advisory - libexif (MDKSA-2005:064)http://www.net-security.org/advisory.php?id=4675Mandrakelinux Security Update Advisory - htdig (MDKSA-2005:063)http://www.net-security.org/advisory.php?id=4674Mandrakelinux Security Update Advisory - ipsec-tools (MDKSA-2005:062)http://www.net-security.org/advisory.php?id=4673SUSE Security Announcement - ipsec-tools (SUSE-SA:2005:020)http://www.net-security.org/advisory.php?id=4672Conectiva Linux Security Announcement - kernel (CLA-2005:945)http://www.net-security.org/advisory.php?id=4671Debian Security Advisory - samba (DSA 701-1)http://www.net-security.org/advisory.php?id=4670Turbolinux Security Announcement - perl, python, xemacs, postgresql,gftp (31/Mar/2005)http://www.net-security.org/advisory.php?id=4669Cisco Security Advisory - Cisco IPSec Malformed IKE PacketVulnerability (Revision 2.0)http://www.net-security.org/advisory.php?id=4668Cisco Security Advisory - Cisco VPN 3000 Concentrator Vulnerable toCrafted SSL attackhttp://www.net-security.org/advisory.php?id=4667Debian Security Advisory - mailreader ( DSA 700-1)http://www.net-security.org/advisory.php?id=4666Mandrakelinux Security Update Advisory - krb5 (MDKSA-2005:061)http://www.net-security.org/advisory.php?id=4665SUSE Security Announcement - SUSE Security Summary Report(SUSE-SR:2005:009)http://www.net-security.org/advisory.php?id=4664Debian Security Advisory - netkit-telnet-ssl (DSA 699-1)http://www.net-security.org/advisory.php?id=4663Debian Security Advisory - mc (DSA 698-1)http://www.net-security.org/advisory.php?id=4662Ubuntu Security Notice - sharutils vulnerabilities (USN-102-1)http://www.net-security.org/advisory.php?id=4661Debian Security Advisory - netkit-telnet (DSA 697-1)http://www.net-security.org/advisory.php?id=4660MIT krb5 Security Advisory - Buffer overflows in telnet client(2005-001)http://www.net-security.org/advisory.php?id=4659FreeBSD Security Advisory - telnet client buffer overflows(FreeBSD-SA-05:01.telnet)http://www.net-security.org/advisory.php?id=4658Ubuntu Security Notice - netkit-telnet vulnerabilities (USN-101-1)http://www.net-security.org/advisory.php?id=4657Conectiva Linux Security Announcement - ethereal (CLA-2005:942)http://www.net-security.org/advisory.php?id=4656Slackware Security Advisory - Mozilla/Firefox/Thunderbird(SSA:2005-085-01)http://www.net-security.org/advisory.php?id=4655----------------------------------------------------------------[ Articles ]All articles are located at:http://www.net-security.org/articles_main.phpArticles can be contributed to articles@net-security.org----------------------------------------------------------------MALWARE COMES OF AGE: THE ARRIVAL OF THE TRUE COMPUTER PARASITEEven though malware has been a recognised threat within the generalIT community for well over 15 years, it is effectively a biggerproblem now than it has ever been before.http://www.net-security.org/article.php?id=778WHY DUE DILIGENCE AS A DEFENSE IS NOT ENOUGHWhile businesses have invested in technologies such as firewalls,intrusion detection, and now intrusion prevention, we are all toofamiliar with FUD (Fear, Uncertainty, and Doubt). How manypresentations have you attended in the last six months where asecurity service provider discusses ÒCode RedÓ, ÒNimdaÓ or ÒSlammerÓ?The most recent of these is now two years old. So why are we stilldiscussing them? One word, ÒfearÓ.http://www.net-security.org/article.php?id=777----------------------------------------------------------------[ Software ]Windows software is located at:http://net-security.org/software_main.php?cat=1Linux software is located at:http://net-security.org/software_main.php?cat=2Pocket PC software is located at:http://net-security.org/software_main.php?cat=3----------------------------------------------------------------IPCOP 1.4.5 (Linux)IPCop Firewall is a Linux firewall distribution geared towards homeand SOHO (Small Office/Home Office) users.http://www.net-security.org/software.php?id=147KISMET 2005-04-R1 (Linux)Kismet is a 802.11b wireless network sniffer.http://www.net-security.org/software.php?id=218LE PUTTY 20050328 (Windows)Le Putty is a ssh suite for Windows based on the very popular Puttyproject.http://www.net-security.org/software.php?id=416MAILSCANNER 4.40.11 (Linux)MailScanner is a virus scanner for e-mail designed for use on e-mailgateways.http://www.net-security.org/software.php?id=144NUFW 1.0.2 (Linux)NuFW is an "authenticating gateway". This means it requiresauthentication for any connections to be forwarded through thegateway.http://www.net-security.org/software.php?id=526REVELATION 0.4.3 (Linux)Revelation is a password manager for the GNOME 2 desktop.http://www.net-security.org/software.php?id=293TCPDUMP FOR WINDOWS 1.0 (Windows)Command-line packet capture tool for Windows.http://www.net-security.org/software.php?id=624XML SECURITY LIBRARY 1.2.8 (Linux)XML Security Library is a C library based on LibXML2 and OpenSSL.http://www.net-security.org/software.php?id=197----------------------------------------------------------------[ Webcasts ]All webcasts are located at:http://net-security.org/webcasts.php----------------------------------------------------------------Best Practices for Deploying & Securing Wireless NetworksOrganized by Airdefense on 12 April 2005, 2:00 PMhttp://www.net-security.org/webcast.php?id=369Vulnerability Expert Forum USOrganized by eEye on 13 April 2005, 1:00 PMhttp://www.net-security.org/webcast.php?id=277Exposing Spyware. Don't be lured into the TrapOrganized by ISS on 13 April 2005, 3:00 PMhttp://www.net-security.org/webcast.php?id=370Vulnerability Expert Forum EuropeOrganized by eEye on 14 April 2005, 3:30 PMhttp://www.net-security.org/webcast.php?id=258----------------------------------------------------------------[ Conferences ]All conferences are located at:http://net-security.org/conferences.php----------------------------------------------------------------The 1st International Workshop on Systems and Network Security(SNS2005)Organized by University of Colorado at Colorado Springs - 4 April-8April 2005http://www.net-security.org/conference.php?id=114Infosec World 2005Organized by MIS Training Institute - 4 April-6 April 2005http://www.net-security.org/conference.php?id=128Black Hat Briefings & Training Asia 2005Organized by Black Hat Briefings - 5 April-8 April 2005http://www.net-security.org/conference.php?id=131OWASP AppSec Europe 2005 ConferenceOrganized by OWASP - 9 April-10 August 2005http://www.net-security.org/conference.php?id=1324th Annual PKI R&D Workshop (PKI'05)Organized by National Institute of Standards and Technology - 19April-21 April 2005http://www.net-security.org/conference.php?id=115Infosecurity Europe 2005Organized by Reed Exhibitions - 26 April-28 April 2005http://www.net-security.org/conference.php?id=126DallasCon 2005 Professional Cyber Defense ConferenceOrganized by DallasCon - 2 May-5 May 2005http://www.net-security.org/conference.php?id=127The International Conference on Computational Science & ItsApplications (ICCSA 05)Organized by Institute of High Performance Computing - 9 May-12 May2005http://www.net-security.org/conference.php?id=116The 18th International FLAIRS ConferenceOrganized by The American Association of Artificial Intelligence - 16May-18 May 2005http://www.net-security.org/conference.php?id=117Second European PKI WorkshopOrganized by University of Salford - 30 June-1 July 2005http://www.net-security.org/conference.php?id=118SIG SIDAR Conference on Detection of Intrusions and Malware &Vulnerability Assessment (DIMVA 2005)Organized by German Informatics Society - 7 July-8 July 2005http://www.net-security.org/conference.php?id=119The 4th European Conference on Information Warfare and Security (ECIW2005)Organized by Academic Conferences International - 11 July-15 July2005http://www.net-security.org/conference.php?id=120The 32nd International Colloquium on Automata, Languages andProgramming (ICALP'05)Organized by European Association for Theoretical Computer Science -11 July-15 July 2005http://www.net-security.org/conference.php?id=121Crypto 2005Organized by International Association for Cryptologic Research - 14August-18 August 2005http://www.net-security.org/conference.php?id=1228th Information Security Conference(ISC'05)Organized by Institute for Infocomm Research - 21 September-23September 2005http://www.net-security.org/conference.php?id=123----------------------------------------------------------------[ Security World ]All press releases are located at:http://www.net-security.org/press_main.phpSend your press releases to press@net-security.org----------------------------------------------------------------DI.GI. Security partners with Kavado to meet the rapidly growingdemand for Web Applications Security in Italyhttp://www.net-security.org/press.php?id=3050Plymouth City Council Turns To Becrypt To Secure Data To Adhere ToNew Legislationhttp://www.net-security.org/press.php?id=3049Optenet, European Leader In Web Filtering And Anti-Spam Solutions,Goes All Outhttp://www.net-security.org/press.php?id=3048MDIÕs iTRUST & SAFEnet Security Solution Awarded 2005 IntegratedPhysical Security Product of the Year by Network Defense & ProductNews and Government Security Newshttp://www.net-security.org/press.php?id=3047Denver Health Deploys Blue Coat Proxy Appliances To Prevent Spywarehttp://www.net-security.org/press.php?id=3046Crossbeam Systems and Check Point Announce Trio Of New EuropeanCustomers For Their Virtual Security Systemshttp://www.net-security.org/press.php?id=3045O'Reilly Releases "Linux Network Administrator's Guide, ThirdEdition"http://www.net-security.org/press.php?id=3044Swedish Police Force Selects Utimaco Solutions for Mobile Securityhttp://www.net-security.org/press.php?id=3043MessageLabs Helps Customers Address Email Privacy Concerns With A NewManaged Encryption Servicehttp://www.net-security.org/press.php?id=3042Protocom Advises Importance Of Credential Management Technologies InPreventing Online Thefthttp://www.net-security.org/press.php?id=3041Protect Your Corporate Communications Environment From Virus HavocWith   new Protea AntiVirus Tools for Lotus Dominohttp://www.net-security.org/press.php?id=3040SkyRecon Enters UK Security Markethttp://www.net-security.org/press.php?id=3039U.S. Army To Secure Mobile Medical Information With Endpoint SecuritySolution From Pointsechttp://www.net-security.org/press.php?id=3038McAfee, Inc. to Report First Quarter 2005 Earnings May 5thhttp://www.net-security.org/press.php?id=3037Trapeze Networks Attacks Rapidly Growing Linux Market With IndustryÕsFirst Certifed Radius Solution For NovellÕs Suse Linuxhttp://www.net-security.org/press.php?id=3036----------------------------------------------------------------[ Virus News ]All virus news are located at:http://www.net-security.org/viruses.php----------------------------------------------------------------Weekly Report on Viruses and Intruders - Beliu.A Trojan, Mydoom.BNand Mytob.P Wormshttp://www.net-security.org/virus_news.php?id=540Worm Plays On Rumours Of Romance Between Brad Pitt And Angelina Joliehttp://www.net-security.org/virus_news.php?id=539----------------------------------------------------------------Questions, contributions, comments or ideas go to:Help Net Security staffstaff@net-security.orghttp://net-security.org----------------------Unsubscribe from this weekly digest on:http://www.net-security.org/subscribe.phpThe archive of the newsletter in TXT and PDF format is available http://www.net-security.org/newsletter_archive.php

----------------------------------------------------------------REGISTER FOR INFOSECURITY EUROPE 2005----------------------------------------------------------------Infosecurity Europe is Europe's number one, dedicated InformationSecurity event. Now in its 10th anniversary year, InfosecurityEurope continues to provide an unrivalled education programme,new products & services, over 250 exhibitors and over 10,000visitors from every segment of the industry.----------------------------------------------------------------Get all the information at: http://www.infosec.co.uk/hns----------------------------------------------------------------