HNS Newsletter
Issue 352 - 29.01.2007.
http://www.net-security.org

===========================================
ADVERTISEMENT: GFI SECURITY PRODUCTS
===========================================

Control entry & exit of data on your network with GFI
EndPointSecurity. FREE evaluation available at:
http://www.gfi.com/adentry.asp?adv=62&loc=33

Network & server monitoring made easy with GFI Network
Server Monitor. FREE trial available at:
http://www.gfi.com/adentry.asp?adv=62&loc=25

===========================================


Table of contents:

1) Security news
2) Advisories
3) Articles
4) Software
5) Conferences
6) Security World
7) Virus News


[ Security news ]


----------------------------------------------------------------

WINDOWS VISTA CONTENT PROTECTION - TWENTY QUESTIONS AND ANSWERS
A conversation has cropped up since the recent publication of a paper
scrutinizing how Windows handles digital rights management, especially
for HD video.
http://www.net-security.org/news.php?id=13316


CHINESE PROFESSOR CRACKS FIFTH DATA ENCRYPTION ALGORITHM
In five years, the U.S. government will cease to use SHA-1 and
convert to a new and more advanced computer data encryption.
http://www.net-security.org/news.php?id=13317


NEW SECURE VPN TUNNELING PROTOCOL IN THE WORKS AT MICROSOFT
SSTP intended for remote access.
http://www.net-security.org/news.php?id=13318


IPOD: NEW THREAT WHEN IT COMES TO MOBILE SECURITY
Manging mobility requires planning, says Ephraim Schwartz.
http://www.net-security.org/news.php?id=13319


HOST MULTIPLE APACHE SSL WEB SITES ON A SINGLE NETWORK CARD WITH IP
ALIASING
The interest in using SSL and name-based virtual hosts together is on
the increase. Some people will tell you that such a thing is
impossible, but you can implement virtual hosts in Apache through
IP-based virtual hosts. In this article, John Liao and Jim Miles show
you how.
http://www.net-security.org/news.php?id=13320


THE GROWING THREAT OF COLLATERAL HACKING
Collateral hacking occurs when an entity trusted with critical data
is compromised.
http://www.net-security.org/news.php?id=13321


RFID IN THE SUPPLY CHAIN ⓠA NEW DEMAND FOR AVAILABILITY
Using data from their RFID tags, organisations can use this
information to get a better insight into their manufacturing
processes. Examples of how this information could be used include,
monitoring the level of components compared to levels of completed
goods for sale or demonstrating how all the stages of the
manufacturing process are working.
http://www.net-security.org/news.php?id=13322


HACKERS STEAL FROM CUSTOMERS OF US FEDERAL SAVINGS PLAN
Keylogging software allowed criminals to record all keystrokes made
by savings plan participants.
http://www.net-security.org/news.php?id=13323


WHY ANTIVIRUS TECHNOLOGY IS INEFFECTIVE
Many malware blockers are inadequate because they target only known
intruders, but there's hope in new security products.
http://www.net-security.org/news.php?id=13324


ABA SLAMS REPORTS IT WANTS CUSTOMERS LIABLE FOR ONLINE SECURITY
Australian Banking Association (ABA) chief executive David Bell has
slammed misleading reports that member banks have been lobbying the
Australian Securities and Investment Commission (ASIC) to make
customers liable for Internet banking fraud.
http://www.net-security.org/news.php?id=13325


RESEARCHER SAYS PATCHGUARD CHANGES HELPED MICROSOFT
Microsoft has come under fire for quietly releasing a fix to its
PatchGuard kernel protection software in order to improve the
performance of its Virtual Server 2005 product.
http://www.net-security.org/news.php?id=13326


THE CROSS-SITE REQUEST FORGERY (CSRF/XSRF) FAQ
This paper serves as a living document for Cross-Site Request Forgery
issues. This document will serve as a repository of information from
existing papers, talks, and mailing list postings and will be updated
as new information is discovered.
http://www.net-security.org/news.php?id=13327


VISTA COPY PROTECTION IS DEFENDED
Microsoft has defended the digital rights management systems
integrated into its new Vista operating system.
http://www.net-security.org/news.php?id=13328


WIDGETS: THE NEXT BIG SECURITY THREAT?
Desktop gadgets and widgets that display system information and other
data, like weather forecasts, are becoming so popular they could
become the next big security threat, says Eric Chien, security
response engineer at Symantec.
http://www.net-security.org/news.php?id=13329


VISTA SERVICE PACK 1 IS COMING
Reckon you won't upgrade to Vista until the first service pack is
released? That's looking likely to be the second half of this year,
according to Microsoft's latest email blast.
http://www.net-security.org/news.php?id=13330


HACKERS TO TARGET MOBILE BANKING, STUDY SAYS
This year could see a sharp rise in hacker attacks on
Internet-enabled smartphones as a number of new banking and payment
initiatives enter the mobile channel.
http://www.net-security.org/news.php?id=13331


MALWARE MORE COMPATIBLE WITH VISTA THAN ANTI-MALWARE PRODUCTS
Malware writers appear to be much further along in developing malware
for Vista than the security industry is in making products to protect
the new operating system.
http://www.net-security.org/news.php?id=13332


STEP BY SECURE STEP: NETWORK SECURITY PLANNING
With a little prioritization, setting up a network security plan
doesn't have to eat up all your time.
http://www.net-security.org/news.php?id=13333


NOLISTING - POOR MAN'S GREYLISTING
Nolisting fights spam by specifying a primary MX that is always
unavailable.
http://www.net-security.org/news.php?id=13334


GOOGLE ADMITS TO USER DATA DISCLOSURE
Anti-phishing list logged user names and passwords.
http://www.net-security.org/news.php?id=13335


BLU-RAY DRM DEFEATED
The copy protection technology used by Blu-ray discs has been cracked
by the same hacker who broke the DRM technology of rival HD DVD discs
last month.


http://www.net-security.org/news.php?id=13336


TANGLING WITH IDENTITY MANAGEMENT? THERE'S HELP
Portal designed to aid developers building identity-based apps.
http://www.net-security.org/news.php?id=13337


FRAUD AND HACKS: PREVENTION AND RECOVERY
It is officially open-season on small businesses.
http://www.net-security.org/news.php?id=13338


ONE HACKER KIT ACCOUNTS FOR 71% OF ATTACKS
The "Q406 Roll-up" is a security headache because the exploits are
heavily encrypted, say experts.
http://www.net-security.org/news.php?id=13339


ASKING FOR CREDENTIALS FROM IT
If you are not part of the IT group, you may have to ask someone for
the right credentials to perform patch and configuration audits with
Nessus. This blog entry will offer some advice and strategies to
consider when attempting to obtain access to the devices for
auditing.
http://www.net-security.org/news.php?id=13340


HILLARY: THE PRIVACY CANDIDATE?
The New York Democrat has clearly staked out her positions on the
esoteric subject, and they're sending electronic civil libertarians'
hearts a twitter.
http://www.net-security.org/news.php?id=13341


APPLE RELEASES 'HIGHLY CRITICAL' QUICKTIME PATCH
Apple has patched a 'highly critical' vulnerability in QuickTime for
both Mac OS X and Windows.
http://www.net-security.org/news.php?id=13342


UK FIRMS NAIVE TO USB STICK DANGERS
Half of UK companies are prepared to put their network security at
risk by inserting a USB stick posing as a party invitation, according
to research published this week.
http://www.net-security.org/news.php?id=13343


HIGH-TECH CRIME UNITS LACK CENTRAL SUPPORT
Technology crime is low on local police force agendas.
http://www.net-security.org/news.php?id=13344


TIME TO REBOOT THE INTERNET AGAIN
Cisco, the company whose hardware routers are responsible for
handling the majority of the world's Internet traffic, today issued
patches to fix at least three very serious security holes in its
products.
http://www.net-security.org/news.php?id=13345


PRIVACY BOARD WON'T SHARE DOCUMENTS
The White House Privacy and Civil Liberties Board responded to Wired
News's request for documents about its briefings on the board's
knowledge of the government's warrantless wiretapping of Americans
and is refusing to release any records.
http://www.net-security.org/news.php?id=13346


MASSACHUSETTS' TOP PROSECUTOR LAUGHS OFF CREDIT CARD FRAUD
Any would-be credit-card thieves will be cheered by the news that
Massachusetts' chief prosecutor reckons the chances of catching
crooks who steal credit card details to make purchases online are
next to nil - even when they're attempting to defraud the attourney
general herself.
http://www.net-security.org/news.php?id=13347


HIDE DATA IN FILES WITH EASY STEGANOGRAPHY TOOLS
The digital equivalent of invisible ink is steganography software,
apps that embed files and data inside other files, hidden from
everyone who doesn't know any better.
http://www.net-security.org/news.php?id=13348


ACTIVEX FLAW COULD AFFECT UP TO 70 APPS
Vulnerable third-party component used by more than 20 vendors.
http://www.net-security.org/news.php?id=13349


CRACKING THE ENCRYPTION OF A WINDOWS MOBILE APPLICATION
While the visual and operational functions of a program are easy to
rate, many software components are hidden away inside the blackbox of
the executable.
http://www.net-security.org/news.php?id=13350


IN PRAISE OF SECURITY THEATER
While visiting some friends and their new baby in the hospital last
week, I noticed an interesting bit of security.
http://www.net-security.org/news.php?id=13351


BUG BROKERS OFFERING HIGHER BOUNTIES
Adriel Desautels aims to be the go-to guy for researchers that want
to sell information regarding serious security vulnerabilities.
http://www.net-security.org/news.php?id=13352


CONCERN OVER NET SECURITY PATCHES
The firm that makes hardware for much of the backbone of the internet
has released three patches for security holes in its products.
http://www.net-security.org/news.php?id=13353


SUBSTITUTE TEACHER FACES JAIL TIME OVER SPYWARE
A 40-year-old former substitute teacher from Connecticut is facing
prison time following her conviction for endangering students by
exposing them to pornographic material displayed on a classroom
computer.
http://www.net-security.org/news.php?id=13354


MICHIGAN TREASURER FALLS FOR NIGERIAN SCAM
A public treasurer in the Michigan county of Alcona stands accused of
embezzling tax payers out of more than $1.2m, at least part of which
was used to cover costs he incurred falling for a Nigerian banking
fraud.
http://www.net-security.org/news.php?id=13355


SYMANTEC STORAGE REVENUE DOWN; JOB CUTS AHEAD
With sales of its storage software dropping, Symantec Corp. plans to
lay off some of its staff as part of an effort to cut $200 million in
expenses.
http://www.net-security.org/news.php?id=13356


WHY PIRATED VISTA HAS MICROSOFT CHAMPING AT THE BITTORRENT
On the eve of launch, P2P networks unnerve the software giant.
http://www.net-security.org/news.php?id=13357


CONVICTED COP KILLER STOLE PA. MAN'S IDENTITY
Thief stole money from bank account, purchased a used Cadillac
Escalade.
http://www.net-security.org/news.php?id=13358


BREACHES: BOARDS NEED TO WAKE UP
The first reports of fraud using data stolen from retail giant TJX in
December started to trickle in last week, and many observers fear a
torrent will develop.
http://www.net-security.org/news.php?id=13359


HI-DEF DVD SECURITY IS BYPASSED
The encryption on high-definition DVDs has been bypassed, the
consortium backing the copy protection system on discs has confirmed.
http://www.net-security.org/news.php?id=13360


SECURITY NO MATTER WHAT THE OS
Running a "more secure" operating system doesn't excuse you from
basic security management.
http://www.net-security.org/news.php?id=13361


HACKERS ACTIVELY EXPLOIT NEW MICROSOFT WORD FLAW
The new Microsoft Word threat, which Symantec has labeled
Trojan.Mdropper.W, relies on a certain execution vulnerability to
install files onto a compromised computer. When an infected Word
document is opened, it drops a Trojan onto the computer to give the
malicious hackers remote access to the machine.
http://www.net-security.org/news.php?id=13362


SSL SECURES VNC APPLICATIONS
SSL provides a novel mechanism for convenient, secure access of
remote desktops with VNC and standard Web browsers.
http://www.net-security.org/news.php?id=13363

----------------------------------------------------------------

===========================================
ADVERTISEMENT: GFI SECURITY PRODUCTS
===========================================

Control entry & exit of data on your network with GFI
EndPointSecurity. FREE evaluation available at:
http://www.gfi.com/adentry.asp?adv=62&loc=33

Network & server monitoring made easy with GFI Network
Server Monitor. FREE trial available at:
http://www.gfi.com/adentry.asp?adv=62&loc=25

===========================================


[ Advisories ]


All advisories are located at:
http://www.net-security.org/archive_advi.php


----------------------------------------------------------------

OpenPKG Security Advisory - bind (OpenPKG-SA-2007.007)
http://www.net-security.org/advisory.php?id=7165


Debian Security Advisory - mozilla-firefox (DSA 1253-1 )
http://www.net-security.org/advisory.php?id=7164


Debian Security Advisory - vlc (DSA 1252-1 )
http://www.net-security.org/advisory.php?id=7163


Slackware Security Advisory - bind (SSA:2007-026-01)
http://www.net-security.org/advisory.php?id=7162


Mandriva Linux Security Update Advisory - libsoup (MDKSA-2007:029)
http://www.net-security.org/advisory.php?id=7161


Mandriva Linux Security Update Advisory - ulogd (MDKSA-2007:028)
http://www.net-security.org/advisory.php?id=7160


Ubuntu Security Notice - firefox regression (USN-398-4 )
http://www.net-security.org/advisory.php?id=7159


SUSE Security Announcement - SUSE Security Summary Report
(SUSE-SR:2007:002)
http://www.net-security.org/advisory.php?id=7158


Mandriva Linux Security Update Advisory -
xine-ui,xine-lib,xine-extra,xine-devel (MDKSA-2007:027)
http://www.net-security.org/advisory.php?id=7157


Ubuntu Security Notice - tetex-bin vulnerability (USN-410-2 )
http://www.net-security.org/advisory.php?id=7156


Apple Security Update - AirPort Extreme Update (APPLE-SA-2007-01-25)
http://www.net-security.org/advisory.php?id=7155


US-CERT Technical Cyber Security Alert - Cisco IOS is Affected by
Multiple Vulnerabilities (TA07-024A)
http://www.net-security.org/advisory.php?id=7154


Ubuntu Security Notice - squid vulnerabilities (USN-414-1)
http://www.net-security.org/advisory.php?id=7153


Slackware Security Advisory - fetchmail vulnerability
(SSA:2007-024-01)
http://www.net-security.org/advisory.php?id=7152


Cisco Security Advisory - Crafted IP Option Vulnerability
(cisco-sa-20070124-crafted-ip-option)
http://www.net-security.org/advisory.php?id=7151


Cisco Security Advisory - Crafted TCP Packet Can Cause Denial of
Service (cisco-sa-20070124-crafted-tcp)
http://www.net-security.org/advisory.php?id=7150


Cisco Security Advisory - IPv6 Routing Header Vulnerability
(cisco-sa-20070124-IOS-IPv6)
http://www.net-security.org/advisory.php?id=7149


Cisco Security Advisory - Cisco Security Advisory: Crafted TCP Packet
Can Cause Denial of Service (cisco-sa-20070124-crafted-tcp)
http://www.net-security.org/advisory.php?id=7148


Turbolinux Security Announcement - Two vulnerabilities discovered in
Ruby (24/Jan/2007)
http://www.net-security.org/advisory.php?id=7147


Ubuntu Security Notice - bluez-utils vulnerability (USN-413-1)
http://www.net-security.org/advisory.php?id=7146


Ubuntu Security Notice - geoip vulnerability (USN-412-1)
http://www.net-security.org/advisory.php?id=7145


Mandriva Linux Security Update Advisory - squid (MDKSA-2007:026)
http://www.net-security.org/advisory.php?id=7144


Mandriva Linux Security Update Advisory - proftpd (MDKSA-2006:217-2)
http://www.net-security.org/advisory.php?id=7143


Ubuntu Security Notice - libsoup vulnerability (USN-411-1 )
http://www.net-security.org/advisory.php?id=7142


Apple Security Update -  Security Update 2007-001
(APPLE-SA-2007-01-23)
http://www.net-security.org/advisory.php?id=7141


Mandriva Linux Security Update Advisory - kernel (MDKSA-2007:025)
http://www.net-security.org/advisory.php?id=7140


SUSE Security Announcement - xine-ui,xine-lib,xine-extra,xine-devel
(SUSE-SA:2007:013)
http://www.net-security.org/advisory.php?id=7139


SUSE Security Announcement - squid (SUSE-SA:2007:012)
http://www.net-security.org/advisory.php?id=7138


SUSE Security Announcement - acroread (SUSE-SA:2007:011)
http://www.net-security.org/advisory.php?id=7137

----------------------------------------------------------------




[ Articles ]


All articles are located at:
http://www.net-security.org/articles_main.php

Articles can be contributed to articles@net-security.org


----------------------------------------------------------------

RFID IN THE SUPPLY CHAIN ⓠA NEW DEMAND FOR AVAILABILITY
Knowing where items are in your supply chain is crucial to
maintaining an efficient manufacturing process, and anything that can
improve and automate this process is always hailed as the âœnext big
thingâ. Radio Frequency Identification tagging, or RFID for short, is
one of the technologies that organisations are evaluating with this in
mind.
http://www.net-security.org/article.php?id=974

----------------------------------------------------------------




[ Software ]


Windows software is located at:
http://net-security.org/software_main.php?cat=1

Linux software is located at:
http://net-security.org/software_main.php?cat=2

Pocket PC software is located at:
http://net-security.org/software_main.php?cat=3

Mac OS X software is located at:
http://net-security.org/software_main.php?cat=5


----------------------------------------------------------------

IPKUNGFU 0.6.1 (Linux)
IPKungFu is a script aiming to simplify the configuration of your
firewall/NAT/port forwarding.
http://www.net-security.org/software.php?id=326


NAGIOS 2.7 (Linux)
Nagios is a host and service monitor designed to inform you of
network problems before your clients, end-users or managers do.
http://www.net-security.org/software.php?id=279


SAMHAIN 2.3.1 (Linux)
Samhain is an open source file integrity and host-based intrusion
detection system.
http://www.net-security.org/software.php?id=125


SNORTALOG 2.4.1 (Linux)
Snortalog is a powerful perl script that summarize Snort logs making
an easy view of what attacks are being seen through your network.
http://www.net-security.org/software.php?id=455

----------------------------------------------------------------




[ Conferences ]


All conferences are located at:
http://net-security.org/conferences.php


----------------------------------------------------------------

RSA Conference 2007
Organized by RSA Security - 5 February-9 February 2007
http://www.net-security.org/conference.php?id=168


InfoSecurity Italia 2007
Organized by Reed Exhibitions - 6 February-8 February 2007
http://www.net-security.org/conference.php?id=188


43rd Munich Conference on Security Policy
Organized by Munich Conference - 9 February-11 February 2007
http://www.net-security.org/conference.php?id=203


SCALE 5x: Southern California Linux Expo
Organized by SCALE - 10 February-11 February 2007
http://www.net-security.org/conference.php?id=210


Financial Cryptography and Data Security '07
Organized by International Financial Cryptography Association - 12
February-15 February 2007
http://www.net-security.org/conference.php?id=194


Usable Security (USEC'07)
Organized by International Financial Cryptography Association - 15
February-16 February 2007
http://www.net-security.org/conference.php?id=195


Fourth IACR Theory of Cryptography Conference TCC 2007
Organized by IACR - 21 February-24 February 2007
http://www.net-security.org/conference.php?id=204


Black Hat DC Briefings & Trainings 2007
Organized by Black Hat - 26 February-1 March 2007
http://www.net-security.org/conference.php?id=193


The 14th Annual Network & Distributed System Security Symposium
Organized by ISOC - 28 February-2 March 2007
http://www.net-security.org/conference.php?id=205


InfoSec World Conference & Expo 2007
Organized by MIS Training Institute - 19 March-21 March 2007
http://www.net-security.org/conference.php?id=209


2007 ACM Symposium on Information, Computer and Communications
Security (ASIACCS'07)
Organized by  - 20 March-22 March 2007
http://www.net-security.org/conference.php?id=196


WebSec Conference 2007
Organized by MIS Training Institute - 26 March-30 March 2007
http://www.net-security.org/conference.php?id=208


Black Hat Europe 2007
Organized by Black Hat - 27 March-30 March 2007
http://www.net-security.org/conference.php?id=206


Business Continuity ⓠthe Risk Management Expo 2007
Organized by Reed Exhibitions - 28 March-29 March 2007
http://www.net-security.org/conference.php?id=185


ARES Conference 2007
Organized by In cooperation with ENISA - 10 April-13 April 2007
http://www.net-security.org/conference.php?id=197

----------------------------------------------------------------

===========================================
ADVERTISEMENT: GFI SECURITY PRODUCTS
===========================================

Control entry & exit of data on your network with GFI
EndPointSecurity. FREE evaluation available at:
http://www.gfi.com/adentry.asp?adv=62&loc=33

Network & server monitoring made easy with GFI Network
Server Monitor. FREE trial available at:
http://www.gfi.com/adentry.asp?adv=62&loc=25

===========================================


[ Security World ]


All security world articles are located at:
http://www.net-security.org/secworld_main.php

Send your press releases to press@net-security.org


----------------------------------------------------------------

Findings of "Annual Consumer Online Fraud Survey"
http://www.net-security.org/secworld.php?id=4665


XIRINGâ™s latest connected smart card reader receives Windows Vista
certification
http://www.net-security.org/secworld.php?id=4664


Harvard's University Information Services division deploys the PGP
Encryption platform 
http://www.net-security.org/secworld.php?id=4663


Comodo Firewall goes pro but remains free
http://www.net-security.org/secworld.php?id=4662


Potential weaknesses in Vista malware protection
http://www.net-security.org/secworld.php?id=4661


US county treasurer arrested after stealing money to pay scammers
http://www.net-security.org/secworld.php?id=4660


Next-generation smart card authentication solution with Bluetooth
connectivity
http://www.net-security.org/secworld.php?id=4659


Fortinet unifies networking and security with FortiGate-224B
http://www.net-security.org/secworld.php?id=4658


Bluefire announces technology licensing agreement with Symantec
http://www.net-security.org/secworld.php?id=4657


WhiteHat Security kicks off 2007 with record growth and momentum
http://www.net-security.org/secworld.php?id=4656


Security Management Solution 2.7.2 enhances forensic investigations
of security events
http://www.net-security.org/secworld.php?id=4655


GFI MailEssentials awarded Checkmark Premium Certification
http://www.net-security.org/secworld.php?id=4654


Smart Restart, security solution for home users
http://www.net-security.org/secworld.php?id=4653


Skybox Security achieves OPSEC certification
http://www.net-security.org/secworld.php?id=4652


VoIP security trends and predictions for 2007
http://www.net-security.org/secworld.php?id=4651


Advanced email security for IBM Lotus Notes
http://www.net-security.org/secworld.php?id=4650


Bitdefender unveils powerful security protection for Microsoft
Windows Vista
http://www.net-security.org/secworld.php?id=4649


Check Point VPN-1 POWER VSX NGX reduces costs by virtualizing network
security
http://www.net-security.org/secworld.php?id=4648


Yoggie Security Systems receives an investment by Silicom Ventures
http://www.net-security.org/secworld.php?id=4647


SafeScreen for Windows Vista supports Microsoft's Family Safety
efforts
http://www.net-security.org/secworld.php?id=4646


AEP NACpoint now shipping
http://www.net-security.org/secworld.php?id=4645


Panda Software protects  Windows Vista users
http://www.net-security.org/secworld.php?id=4644


Pointsec releases with Pointsec Device Protector
http://www.net-security.org/secworld.php?id=4643


MicroWorld releases MailScan 5.0
http://www.net-security.org/secworld.php?id=4642

----------------------------------------------------------------

===========================================
ADVERTISEMENT: GFI SECURITY PRODUCTS
===========================================

Control entry & exit of data on your network with GFI
EndPointSecurity. FREE evaluation available at:
http://www.gfi.com/adentry.asp?adv=62&loc=33

Network & server monitoring made easy with GFI Network
Server Monitor. FREE trial available at:
http://www.gfi.com/adentry.asp?adv=62&loc=25

===========================================


[ Virus News ]


All virus news are located at:
http://www.net-security.org/viruses.php


----------------------------------------------------------------

Week in review:  Alanchum.NX and Cimuz.CM trojans and the Nuwar.D
worm
http://www.net-security.org/virus_news.php?id=740


Storm malware turns amorous in major new attack
http://www.net-security.org/virus_news.php?id=739


Findings from Security Threat Report 2007
http://www.net-security.org/virus_news.php?id=738


This Trojan talks about missiles, comes like a storm
http://www.net-security.org/virus_news.php?id=737

----------------------------------------------------------------





Questions, contributions, comments or ideas go to:

Help Net Security staff
staff@net-security.org
http://net-security.org

----------------------

Unsubscribe from this weekly digest on:
http://www.net-security.org/subscribe.php

The archive of the newsletter in TXT and PDF format is available 
http://www.net-security.org/newsletter_archive.php