HNS Newsletter
Issue 269 - 13.06.2005.
http://net-security.org

This is a newsletter delivered to you by Help Net Security. It
covers weekly roundups of security events that were in the
news the past week.

----------------------------------------------------------------
BLACK HAT BRIEFINGS & TRAINING USA
----------------------------------------------------------------
Attend the Black Hat Briefings & Training USA, July 23-28, 
2005 in Las Vegas. World renowned security experts reveal 
tomorrowÕs threats today. Free of vendor pitches, the 
Briefings are designed to be pragmatic regardless of your 
security environment. Featuring 29 hands-on training courses 
and 10 conference, networking opportunities with over 2,000 
delegates from 30+ nations.
----------------------------------------------------------------
http://www.blackhat.com
----------------------------------------------------------------


Table of contents:

1) Security news
2) Vulnerabilities
3) Advisories
4) Articles
5) Software
6) Webcasts
7) Conferences
8) Security World
9) Virus News


[ Security news ]


----------------------------------------------------------------

SECURITY BAROMETER SURVEY: THE PSYCHOLOGY OF SECURITY
Elaine Axby of Quocirca presents the findings from its IT security
survey which compares the perceptions and realities of common
security threats in today's world.
http://www.net-security.org/news.php?id=7952


MYTOB WORM DISABLES PC SECURITY
Anti-virus software maker Sophos has issued a warning on a new type
of worm that is spreading rapidly and making it difficult for users
of infected systems to clean up their Windows PCs.
http://www.net-security.org/news.php?id=7953


CA BOOSTS BIZ APPS' SECURITY
Computer Associates International today unveiled its eTrust Identity
and Access Management Toolkit, a product targeted at helping
developers build more manageable identity-based security into their
business applications.
http://www.net-security.org/news.php?id=7954


HOW DO COMPUTER VIRUSES WORK?
Computer viruses are mysterious and grab our attention. On the one
hand, viruses show us how vulnerable we are.
http://www.net-security.org/news.php?id=7955


CHEAPER, MORE SECURE ID SYSTEM SET OUT
Academics have proposed an alternative to the Government's plans for
a national identity card scheme which they claim will be more secure,
reliable, cost-effective and citizen-friendly.
http://www.net-security.org/news.php?id=7956


FEAR WILL KEEP DRIVING SECURITY SALES
Selling on fear is one way of getting an almost sure-fire sale.
http://www.net-security.org/news.php?id=7957


ARE VIRUS WRITERS CREATING A SUPER WORM?
Recent rash of Mytob worm variant has some security experts
concerned.
http://www.net-security.org/news.php?id=7958


PUBLISHING SECURE FTP SERVERS BEHIND ISA FIREWALLS
This article discusses how to create a PASV mode FTP server or a
secure FTP server which is behind ISA Server 2004.
http://www.net-security.org/news.php?id=7959


FIRMS WARNED THEY MAY BE TARGETS OF TROJAN SPIES
UK businesses should take urgent steps to check their systems are
secure, police have warned after discovering one of the world's
largest industrial espionage and hacking operations.
http://www.net-security.org/news.php?id=7960


WI-FI SECURITY: LEVERAGE WHAT YOU KNOW
How do you know that you've covered all the bases when it comes to
wireless LAN security?
http://www.net-security.org/news.php?id=7961


DIRT CHEAP NETWORK SECURITY
Throwing money at security vulnerabilities may not make you safer at
all. Follow this advice for low-cost and no-cost security measures to
put your network beyond the reach of the bad guys.
http://www.net-security.org/news.php?id=7962


ANOTHER FLAW FOUND IN MOZILLA
It appears the Mozilla foundation must deal with another round of
fixes to its popular browsers after a security firm pointed out that
they are susceptible to a seven-year-old vulnerability that could let
attackers spoof Web sites.
http://www.net-security.org/news.php?id=7963


INTERVIEW WITH THEO DE RAADT
What's your personal point of view about Security? Almost all
security problems are simply a result of poor quality.
http://www.net-security.org/news.php?id=7964


MICROSOFT'S MOST SUCCESSFUL FAILURE
Someone once asked Pable Picasso which one of his many paintings was
his favorite. His reply: the next one. Ask Steve Ballmer which
version of Windows is the most secure and guess what his answer will
be?
http://www.net-security.org/news.php?id=7965


COMPANIES RUSH TO PLUG 'DATA LEAKS'
The threat entails employees leaking sensitive data about customers,
finances or intellectual property in violation of security policies
and regulatory requirements.
http://www.net-security.org/news.php?id=7966


TECH VS. TERRORISM
The FBI stumbled badly in modernizing its IT to help fight terrorism.
Here's how the bureau plans to get on track.
http://www.net-security.org/news.php?id=7967


INTRODUCING GT4 SECURITY
In this article, you are introduced to the Grid Security
Infrastructure (GSI), the security component in Globus Toolkit 4
(GT4).
http://www.net-security.org/news.php?id=7968


THE TRUE COMPUTER PARASITE
It is now twenty years since Fred Cohen published his seminal
research paper suggesting the potential threat of computer viruses.
In the years since this publication, the risk that Cohen described
has unquestionably been borne out, and alongside hackers, the threat
of the computer virus is the security issue that has most clearly
permeated the public mind.
http://www.net-security.org/news.php?id=7969


SECURE MAC AND LINUX AUTHENTICATION
There are several reasons I'm not a big Apple fan (high prices,
blogger lawsuits etc.) but let's blame them for the right things.
http://www.net-security.org/news.php?id=7970


A TALE OF TWO HACKERS
Lapping up the sunshine outside a downtown cafe, Kevin Mitnick is
apprehensive.
http://www.net-security.org/news.php?id=7971


HOW WELL DO YOU KNOW YOUR PARTNER?
This is an opinion piece with 8 helpful hints and tips on how to
avoid becoming a victim of industrial espionage and malicious
hackers.
http://www.net-security.org/news.php?id=7972


TELSPACE RESEARCH EXPOSES PEAK HACKER ASSAULT PERIODS
There are specific periods when Web servers are most vulnerable to
hacker attacks, says Dino Covotsos, MD and founder of IT security
provider Telspace.
http://www.net-security.org/news.php?id=7973


STUDY: FLAW DISCLOSURE HURTS SOFTWARE MAKERS' STOCK
Software makers stand to lose significant market value whenever a
flaw is found in their products, two university researcher said in a
paper published last week.
http://www.net-security.org/news.php?id=7974


HACKERS WANT YOU
Dave Bullard read these two books on hacking and immediately updated
his computer security.
http://www.net-security.org/news.php?id=7975


RANKIN FRIEND DUIC DENIES HACKING INTO RBC COMPUTER
Daniel Duic denied a lawyer's suggestion yesterday that he regularly
had the opportunity to get insider information on stocks by hacking
into the server at brokerage firm RBC Dominion Securities Inc.
http://www.net-security.org/news.php?id=7976


PAOGA - AN ANSWER TO THE PRIVACY PROBLEM?
Information wants to be free, as the dotcom era clichŽ would have it.
Sadly, that is true of your private personal details as anything else.
http://www.net-security.org/news.php?id=7977


MICROSOFT CENTRALIZES PATCH MANAGEMENT
Microsoft CEO Stave Ballmer introduces new versions of Windows Server
Update Service and Microsoft Update to make it easier for customers to
find and download security patches and software updates.
http://www.net-security.org/news.php?id=7978


SEAGATE'S DRIVE PLANS INCLUDE 500 GBS AND ENCRYPTION
Seagate Technology unveiled its 2005 lineup on Wednesday, which takes
drives to the half-terabyte level and introduces a product family that
encrypts data.
http://www.net-security.org/news.php?id=7979


BRIT HACK SUSPECT FACES EXTRADITION FIGHT
A Briton suspected of hacking into numerous US military and NASA
computers faces an extradition fight following his arrest in London
on Tuesday.
http://www.net-security.org/news.php?id=7980


ISPS FOUND INNOCENT OF AIDING ZOMBIE ATTACKS IN 'TRIAL'
Mock trial determines that ISPs still can do more to protect users.
http://www.net-security.org/news.php?id=7981


BANKING ON SECURITY
On the face of it banks face a conundrum when it comes to on-line
security.
http://www.net-security.org/news.php?id=7982


AT&T'S SECURITY HEAD WEARS MANY HATS
AT&T's Chief Security Information Officer Ed Amoroso recently spoke
with Network World about his job heading up security for one of the
largest telecom companies in the world.
http://www.net-security.org/news.php?id=7983


GNER PRINTS PASSWORDS IN CUSTOMER MAGAZINE
Train operator's mainframe security publicised in photograph.
http://www.net-security.org/news.php?id=7984


VIRUS PHISHES FOR VICTIMS
The creators of the Mytob virus or its variants are trying a new
trick to infect people's computers Ñ phishing.
http://www.net-security.org/news.php?id=7985


BLUETOOTH HACK SHAKES MOBILE SECURITY
Cryptographers have discovered a security flaw in implementations of
Bluetooth which allows hackers to pair their devices with prospective
victims.
http://www.net-security.org/news.php?id=7986


TWO-THIRDS OF FIRMS HAVE INSUFFICIENT PASSWORD SECURITY
Survey reveals IT staff are keeping passwords on post-it notes.
http://www.net-security.org/news.php?id=7987


WHAT TO ASK WHEN EVALUATING INTRUSION-PREVENTION SYSTEMS
An intrusion-prevention system (IPS) is part of an overall security
strategy to protect your network from attack.
http://www.net-security.org/news.php?id=7988


INSECURITY THROUGH OBSCURITY
Security through obscurity is probably one of the oldest tricks in
the security book.
http://www.net-security.org/news.php?id=7989


USING A NETWORK ANALYSER AS A SECURITY TOOL
Every administrator these days has already built strong defences
against hackers and virus attacks.
http://www.net-security.org/news.php?id=7990


SYMANTEC ASK COURT TO RULE HOTBAR.COM AS ADWARE
Symantec has filed suit in defence of its right to produce tools that
classify programs from Hotbar.com as adware.
http://www.net-security.org/news.php?id=7991


IN THE FUTURE, EVERYONE'S PC WILL BE INFECTED FOR 15 MINUTES
Gartner research says "Warhol Worms" and four other topics comprise
the five most overhyped security threats today.
http://www.net-security.org/news.php?id=7992


EVEN TAXI CABS ARE WORRIED ABOUT CONSUMER DATA SECURITY
TNS, a credit card payment service provider, has begun encrypting
consumer data passing across wireless networks.
http://www.net-security.org/news.php?id=7993


BULLETIN BOARD HOSTER LOSES POSTINGS IN HACKER ATTACK
Ezboard, a hosting service to hundreds of thousands of online
bulletin boards, suffered a hacker attack on Memorial Day that
permanently erased countless postings.
http://www.net-security.org/news.php?id=7994


CODE SIGNING: IS IT A SECURITY FEATURE?
In this article, weÕll take a look at how code signing works and
where it fits into your organizationÕs security plan.
http://www.net-security.org/news.php?id=7995


MICROSOFT FIXES HOTMAIL HACK
Malicious web page closed down as Redmond investigates.
http://www.net-security.org/news.php?id=7996


SPYWARE PROBE PI IN HOSPITAL AFTER FALL
A key suspect in a spyware-linked industrial espionage case was
severely injured after falling down a stairwell on Wednesday during a
break in questioning by Israeli police.
http://www.net-security.org/news.php?id=7997


INTEGRATING AND SECURING LINUX WITHOUT A SILVER BULLET
There is no silver bullet for dealing with dynamic Linux issues, but
in this tip, author Peter Harrison offers sage advice for Linux
security and integration.
http://www.net-security.org/news.php?id=7998


"WE THINK LIKE HACKERS" - MICROSOFT
Reports from TechEd, Microsoft's geek fest say that much of what's
going on is around security.
http://www.net-security.org/news.php?id=7999


COMPUTER VIRUSES BECOME HACKER INFORMANTS
vAn emerging breed of computer virus that keeps hackers informed
about the latest weaknesses in computer networks has been discovered
by security experts.
http://www.net-security.org/news.php?id=8000


MICROSOFT WARNS ON SECURITY FIXES
Microsoft has issued an alert about a bumper package of security
updates for Windows.
http://www.net-security.org/news.php?id=8001

----------------------------------------------------------------




[ Vulnerabilities ]


All vulnerabilities are located here:
http://www.net-security.org/vulnerabilities.php


----------------------------------------------------------------

YaMT Multiple Option Traversal Arbitrary File Overwrite
http://www.net-security.org/vulnerability.php?id=17250


Siteframe siteframe.php LOCAL_PATH Variable Remote File Inclusion
http://www.net-security.org/vulnerability.php?id=17246


Gaim Malformed MSN Message DoS
http://www.net-security.org/vulnerability.php?id=17237


Cerberus Helpdesk reports.php Path Disclosure
http://www.net-security.org/vulnerability.php?id=17228


Cerberus Helpdesk knowledgebase.php Path Disclosure
http://www.net-security.org/vulnerability.php?id=17229


Cerberus Helpdesk configuration.php Path Disclosure
http://www.net-security.org/vulnerability.php?id=17230


Cerberus Helpdesk index.php errorcode Variable XSS
http://www.net-security.org/vulnerability.php?id=17231


IRIX rpc.mountd Anonymous Access Deny Issue
http://www.net-security.org/vulnerability.php?id=17206


tattle getemails() Arbitrary Remote Command Execution
http://www.net-security.org/vulnerability.php?id=17198


Gibraltar Firewall clamav Anti-Virus Scanning Failure
http://www.net-security.org/vulnerability.php?id=17186


FormularManager Unspecified Security Issues
http://www.net-security.org/vulnerability.php?id=17177


LutelWall Symlink Arbitrary File Create/Overwrite
http://www.net-security.org/vulnerability.php?id=17173


Clavister Firewall ASN.1 Parser IKE Certificate Overflow
http://www.net-security.org/vulnerability.php?id=17184


FlatNuke foot_news.php Direct Request CPU Consumption DoS
http://www.net-security.org/vulnerability.php?id=17165


FlatNuke referer.php Crafted Referer Arbitrary PHP Code Execution
http://www.net-security.org/vulnerability.php?id=17166


FlatNuke help.php Multiple Variable XSS
http://www.net-security.org/vulnerability.php?id=17167


FlatNuke footer.php Multiple Variable XSS
http://www.net-security.org/vulnerability.php?id=17168


FlatNuke index.php where Variable Path Disclosure
http://www.net-security.org/vulnerability.php?id=17169


Sun ONE Application Server Unspecified File Disclosure
http://www.net-security.org/vulnerability.php?id=17146


602LAN SUITE Log File Processing HTML Tag Obfuscation
http://www.net-security.org/vulnerability.php?id=17129


L-Soft LISTSERV Mail Command Output Information Disclosure
http://www.net-security.org/vulnerability.php?id=17112


Lpanel diagnose.php Arbitrary Domain DNS Setting Reset DoS
http://www.net-security.org/vulnerability.php?id=17136


YaPiG upload.php File Extension Validation Failure Arbitrary Command
Execution
http://www.net-security.org/vulnerability.php?id=17115


YaPiG global.php BASE_DIR Variable Local File Inclusion
http://www.net-security.org/vulnerability.php?id=17116


YaPiG last_gallery.php YAPIG_PATH Variable Remote File Inclusion
http://www.net-security.org/vulnerability.php?id=17117


YaPiG view.php Multiple Method/Field XSS
http://www.net-security.org/vulnerability.php?id=17118


YaPiG view.php phid Variable Path Disclosure
http://www.net-security.org/vulnerability.php?id=17119


YaPiG upload.php dir Variable Arbitrary Directory Manipulation
http://www.net-security.org/vulnerability.php?id=17120


YaPiG USE_COOKIES Option Plaintext Authentication Credential Storage
http://www.net-security.org/vulnerability.php?id=17121


RakNet Empty UDP Datagram Remote DoS
http://www.net-security.org/vulnerability.php?id=17125


Microsoft Windows Remote Desktop Protocol (RDP) Private Key
Disclosure
http://www.net-security.org/vulnerability.php?id=17131


Sawmill Unspecified Remote Administrative Privilege Escalation
http://www.net-security.org/vulnerability.php?id=17100


Sawmill Unauthorized License Addition
http://www.net-security.org/vulnerability.php?id=17101


Sawmill Add User Window username Field XSS
http://www.net-security.org/vulnerability.php?id=17102


Sawmill Licensing Page license key Field XSS
http://www.net-security.org/vulnerability.php?id=17103


WWWeb Concepts Events System login.asp Password Field SQL Injection
http://www.net-security.org/vulnerability.php?id=17106

----------------------------------------------------------------




[ Advisories ]


All advisories are located at:
http://www.net-security.org/archive_advi.php


----------------------------------------------------------------

OpenPKG Security Advisory - gzip (OpenPKG-SA-2005.009)
http://www.net-security.org/advisory.php?id=4889


OpenPKG Security Advisory - openpkg (OpenPKG-SA-2005.010)
http://www.net-security.org/advisory.php?id=4888


OpenPKG Security Advisory - bzip2 (OpenPKG-SA-2005.008)
http://www.net-security.org/advisory.php?id=4887


OpenPKG Security Advisory - cvs (OpenPKG-SA-2005.007)
http://www.net-security.org/advisory.php?id=4886


SUSE Security Announcement - SUSE Security Summary Report
(SUSE-SR:2005:015)
http://www.net-security.org/advisory.php?id=4885


Ubuntu Security Notice - gaim vulnerability (USN-139-1)
http://www.net-security.org/advisory.php?id=4884


Mandriva Linux Security Update Advisory - wget (MDKSA-2005:098)
http://www.net-security.org/advisory.php?id=4883


Ubuntu Security Notice - gedit vulnerability (USN-138-1)
http://www.net-security.org/advisory.php?id=4882


SUSE Security Announcement - MozillaFirefox (SUSE-SA:2005:030)
http://www.net-security.org/advisory.php?id=4880


SUSE Security Announcement - kernel (SUSE-SA:2005:029)
http://www.net-security.org/advisory.php?id=4879


FreeBSD Security Advisory - BIND 9 DNSSEC remote denial of service
vulnerability (FreeBSD-SA-05:12.bind9)
http://www.net-security.org/advisory.php?id=4878


FreeBSD Security Advisory - gzip directory traversal and permission
race vulnerabilities (FreeBSD-SA-05:11.gzip)
http://www.net-security.org/advisory.php?id=4877


FreeBSD Security Advisory - Infinite loops in tcpdump protocol
decoding (FreeBSD-SA-05:10.tcpdump)
http://www.net-security.org/advisory.php?id=4876


Conectiva Linux Security Announcement - gaim (CLA-2005:964)
http://www.net-security.org/advisory.php?id=4875


Ubuntu Security Notice - linux-source-2.6.10, linux-source-2.6.8.1
vulnerabilities (USN-137-1)
http://www.net-security.org/advisory.php?id=4874


SGI Security Advisory - rpc.mountd security issues in IRIX
6.5.25-6.5.27 (20050601-01-P)
http://www.net-security.org/advisory.php?id=4873


SCO Security Advisory - UnixWare 7.1.4 UnixWare 7.1.3 UnixWare 7.1.1
: wu-ftp denial of service (SCOSA-2005.28)
http://www.net-security.org/advisory.php?id=4872


SCO Security Advisory - UnixWare 7.1.4 : MySQL updated MySQL (version
4.1.11) fixes security issues (SCOSA-2005.27)
http://www.net-security.org/advisory.php?id=4871


Mandriva Linux Security Update Advisory - a2ps (MDKSA-2005:097)
http://www.net-security.org/advisory.php?id=4870


Mandriva Linux Security Update Advisory - openssl (MDKSA-2005:096)
http://www.net-security.org/advisory.php?id=4869


Conectiva Linux Security Announcement - php4 (CLA-2005:961)
http://www.net-security.org/advisory.php?id=4868


Conectiva Linux Security Announcement - krb5 (CLA-2005:962)
http://www.net-security.org/advisory.php?id=4867


Conectiva Linux Security Announcement - ethereal (CLA-2005:963)
http://www.net-security.org/advisory.php?id=4866


Fedora Legacy Update Advisory - Updated kernel packages fix security
issues (FLSA:152532)
http://www.net-security.org/advisory.php?id=4865


Debian Security Advisory - krb4 (DSA 731-1)
http://www.net-security.org/advisory.php?id=4864


Conectiva Linux Security Announcement - libexif (CLA-2005:960)
http://www.net-security.org/advisory.php?id=4863


Conectiva Linux Security Announcement - sasl2 (CLA-2005:959)
http://www.net-security.org/advisory.php?id=4862


Mandriva Linux Security Update Advisory - xine-lib (MDKSA-2005:094)
http://www.net-security.org/advisory.php?id=4861


Mandriva Linux Security Update Advisory - postgresql (MDKSA-2005:093)
http://www.net-security.org/advisory.php?id=4860

----------------------------------------------------------------




[ Articles ]


All articles are located at:
http://www.net-security.org/articles_main.php

Articles can be contributed to articles@net-security.org


----------------------------------------------------------------

HOW WELL DO YOU KNOW YOUR PARTNER?
This is an opinion piece with 8 helpful hints and tips on how to
avoid becoming a victim of industrial espionage and malicious
hackers.
http://www.net-security.org/article.php?id=795

----------------------------------------------------------------




[ Software ]


Windows software is located at:
http://net-security.org/software_main.php?cat=1

Linux software is located at:
http://net-security.org/software_main.php?cat=2

Pocket PC software is located at:
http://net-security.org/software_main.php?cat=3


----------------------------------------------------------------

CONFIDENTIAL NOTES 1.0 (Pocket PC)
Confidential Notes is a practical and easy to use solution that
increases your productivity and provides you with a high level of
security for your mobile data.
http://www.net-security.org/software.php?id=632


DANTE 1.1.16 (Linux)
Dante is a circuit-level firewall/proxy that can be used to provide
convenient and secure network connectivity to a wide range of hosts.
http://www.net-security.org/software.php?id=43


MARADNS 1.1.40 (Linux)
MaraDNS is a DNS server that strives to be secure and fully
open-sourced.
http://www.net-security.org/software.php?id=84


MIMEDEFANG 2.52 (Linux)
MIMEDefang is a flexible MIME email scanner designed to protect
Windows clients from viruses.
http://www.net-security.org/software.php?id=214


NESSQUICK 0.05 (Linux)
 nessQuick is a quick PERL hack that pulls Nessus scan results from
the .nbe file and imports that information into a MySQL database.
There is another script to generate a quick'n dirty report.
http://www.net-security.org/software.php?id=270


NUFW 1.0.7 (Linux)
NuFW is an "authenticating gateway". This means it requires
authentication for any connections to be forwarded through the
gateway.
http://www.net-security.org/software.php?id=526


SECURE DATA MANAGER 2.1.0 (Windows)
The SDM application was created to help you manage your passwords and
other private information for web sites, computers, and other programs
within one secure application.
http://www.net-security.org/software.php?id=437


SHOREWALL 2.4.0 (Linux)
Shorewall is an iptables based firewall that can be used on a
dedicated firewall system, a multi-function masquerade gateway/server
or on a standalone Linux system.
http://www.net-security.org/software.php?id=40


TINYCA 0.7.0 (Linux)
TinyCA is a simple graphical user interface to manage a small CA
(Certification Authority).
http://www.net-security.org/software.php?id=308


VUURMUUR 0.5.67 (Linux)
Vuurmuur is a middle-end/front-end for netfilter/iptables.
http://www.net-security.org/software.php?id=591

----------------------------------------------------------------




[ Webcasts ]


All webcasts are located at:
http://net-security.org/webcasts.php


----------------------------------------------------------------

Spyware Protection for Small Business
Organized by Symantec on 14 June 2005, 9:00 AM
http://www.net-security.org/webcast.php?id=377


Architecting Your 802.1x-Based WLAN Deployment
Organized by Funk Software on 14 June 2005, 1:00 PM
http://www.net-security.org/webcast.php?id=297


Securing the Requirements and Design Phases of the Application
Development Lifecycle
Organized by Symantec on 16 June 2005, 9:00 AM
http://www.net-security.org/webcast.php?id=378


Correlating Vulnerability and Attack Data to Improve Enterprise
Security
Organized by Symantec on 21 June 2005, 9:00 AM
http://www.net-security.org/webcast.php?id=379


The Basics of WLAN Security
Organized by Funk Software on 21 June 2005, 1:00 PM
http://www.net-security.org/webcast.php?id=275


The Future of Authentication
Organized by RSA Security on 29 June 2005, 2:00 PM
http://www.net-security.org/webcast.php?id=380


eEye and IIS Ð Implementing a Multi-Layered Security Solution to Best
Address Spyware, Phishing and Zero Day Attacks
Organized by eEye on 14 July 2005, 2:00 PM
http://www.net-security.org/webcast.php?id=376

----------------------------------------------------------------




[ Conferences ]


All conferences are located at:
http://net-security.org/conferences.php


----------------------------------------------------------------

Second European PKI Workshop
Organized by University of Salford - 30 June-1 July 2005
http://www.net-security.org/conference.php?id=118


SIG SIDAR Conference on Detection of Intrusions and Malware &
Vulnerability Assessment (DIMVA 2005)
Organized by German Informatics Society - 7 July-8 July 2005
http://www.net-security.org/conference.php?id=119


The 4th European Conference on Information Warfare and Security (ECIW
2005)
Organized by Academic Conferences International - 11 July-15 July
2005
http://www.net-security.org/conference.php?id=120


The 32nd International Colloquium on Automata, Languages and
Programming (ICALP'05)
Organized by European Association for Theoretical Computer Science -
11 July-15 July 2005
http://www.net-security.org/conference.php?id=121


Black Hat Briefings & Training USA 2005
Organized by Black Hat - 23 July-28 July 2005
http://www.net-security.org/conference.php?id=138


14th USENIX Security Symposium
Organized by USENIX - 31 July-5 August 2005
http://www.net-security.org/conference.php?id=136


Crypto 2005
Organized by International Association for Cryptologic Research - 14
August-18 August 2005
http://www.net-security.org/conference.php?id=122


8th Information Security Conference(ISC'05)
Organized by Institute for Infocomm Research - 21 September-23
September 2005
http://www.net-security.org/conference.php?id=123


The 4th International Workshop for Applied PKI (IWAP'05)
Organized by Institute for Infocomm Research - 21 September-23
September 2005
http://www.net-security.org/conference.php?id=124


RSA Conference Europe 2005
Organized by RSA Conference - 17 October-19 October 2005
http://www.net-security.org/conference.php?id=133


CNIS 2005: IASTED International Conference on Communication, Network
and Information Security
Organized by IASTED - 14 November-16 November 2005
http://www.net-security.org/conference.php?id=137


Asiacrypt 2005
Organized by International Association for Cryptologic Research - 1
December-4 December 2005
http://www.net-security.org/conference.php?id=125

----------------------------------------------------------------




[ Security World ]


All press releases are located at:
http://www.net-security.org/press_main.php

Send your press releases to press@net-security.org


----------------------------------------------------------------

Kaspersky Lab Releases Kaspersky Anti-Virus 5.5 for Microsoft
Exchange Server 2000/2003
http://www.net-security.org/press.php?id=3228


BeCrypt Opens US office
http://www.net-security.org/press.php?id=3227


Utimaco Combines its Solutions with Brand New Hardware-Based Hard
Disk Encryption System from Seagate
http://www.net-security.org/press.php?id=3226


South Essex Partnership NHS Trust Uses Sophos To Secure Networks
http://www.net-security.org/press.php?id=3225


Deny All Puts Its Partner Programme In The Starting Blocks
http://www.net-security.org/press.php?id=3224


visNotes for Pocket PC - the encrypted memo for everyone
http://www.net-security.org/press.php?id=3223


O'Reilly Releases "802.11 Wireless Networks: The Definitive Guide,
Second Edition"
http://www.net-security.org/press.php?id=3222


AEP Networks' Netilla Security Platform SSL VPN Achieves
Certification from Virtual Private Network Consortium
http://www.net-security.org/press.php?id=3221


Lucid Security CTO Vik Phatak, Information Security Industry Expert
Tom Bowers to Spotlight Asset-Centric Security at CSI Netsec 2005
http://www.net-security.org/press.php?id=3220


eSafe 5 Offers Powerful New Approach To Enterprise Spyware Protection
http://www.net-security.org/press.php?id=3219


Senforce Partners WITH iPASS to Advance Endpoint Security Policy
Enforcements
http://www.net-security.org/press.php?id=3218


Tablus Announces Industry's First Comprehensive Solution for
Preventing Confidentiality Breaches at Critical Enterprise Exit
Points
http://www.net-security.org/press.php?id=3217


Tesco Internet Access Chooses F-Secure for Subscriber Anti-Virus and
Internet Security Solutions
http://www.net-security.org/press.php?id=3216


Red Earth Software releases Policy Patrol Web for Microsoft ISA
Server
http://www.net-security.org/press.php?id=3215


BigFix, Senforce Partnership Expands Endpoint Security Management For
Distributed Enterprises
http://www.net-security.org/press.php?id=3214


Senforce Partners WITH iPASS to Advance Endpoint Security Policy
Enforcement
http://www.net-security.org/press.php?id=3213


Forum Systems Introduces XWall Web Services Firewall for Microsoft
Exchange Server 2003
http://www.net-security.org/press.php?id=3212


CISA Certification Recognized by National Stock Exchange of India
http://www.net-security.org/press.php?id=3211


Application Security, Inc. Announces Alliance with Internet Security
Systems to Provide Best-in-Class Database Security Solutions
http://www.net-security.org/press.php?id=3210


Aruba Delivers The Industry's First Network-Based On-Demand Security
Solution
http://www.net-security.org/press.php?id=3209

----------------------------------------------------------------




[ Virus News ]


All virus news are located at:
http://www.net-security.org/viruses.php


----------------------------------------------------------------

Weekly Report on Viruses and Intruders - Amplusnet; two Trojans,
Mytob.EN and Downloader.CZR, Mytob.EP, and Bobax.AO, Smitfraud and
Smitfraud.A
http://www.net-security.org/virus_news.php?id=556


Latest Mytob worms use a new trick to fool users
http://www.net-security.org/virus_news.php?id=555

----------------------------------------------------------------


Questions, contributions, comments or ideas go to:

Help Net Security staff
staff@net-security.org
http://net-security.org

----------------------

Unsubscribe from this weekly digest on:
http://www.net-security.org/subscribe.php

The archive of the newsletter in TXT and PDF format is available 
http://www.net-security.org/newsletter_archive.php


----------------------------------------------------------------
BLACK HAT BRIEFINGS & TRAINING USA
----------------------------------------------------------------
Attend the Black Hat Briefings & Training USA, July 23-28, 
2005 in Las Vegas. World renowned security experts reveal 
tomorrowÕs threats today. Free of vendor pitches, the 
Briefings are designed to be pragmatic regardless of your 
security environment. Featuring 29 hands-on training courses 
and 10 conference, networking opportunities with over 2,000 
delegates from 30+ nations.
----------------------------------------------------------------
http://www.blackhat.com
----------------------------------------------------------------