HNS Newsletter Issue 428 - 21.07.2008
http://www.net-security.org

================================================================
PCI Compliance 2008: What You Need To Know
================================================================

This 10-minute webcast briefing focuses exclusively on key facts you need to know as a PCI Merchant.

When: Thursday, July 31 at 11:00 am PST
Length: 15 minutes

http://events.qualys.com/content/PCI_Compliance_2008

=========================================================

Table of contents:

1) Security news
2) Advisories
3) Articles
4) Reviews
5) Software
6) Conferences
7) Security World
8) Virus News

[ Security news ]
----------------------------------------------------------------

8 BEST PRACTICES FOR ENCRYPTION KEY MANAGEMENT AND DATA SECURITY
From centralization to support for standards, these encryption key management and data security best practices can help you protect your organization's confidential data and comply with regulatory mandates.
http://www.net-security.org/news.php?id=16004

WHITEPAPER: AVOIDING THE COMPLIANCE TRAP FOR TRAVEL AND EXPENSES
Discover how on-demand T&E solutions are helping companies quickly meet requirements to enforce policies and controls and are also providing capabilities to meet evolving compliance requirements.
http://www.net-security.org/news.php?id=16005

IS DNSSEC THE ANSWER TO INTERNET SECURITY?
DNSSEC (DNS Security Extensions) provides a form of signed verification for DNS information, which is intended to assure DNS authenticity.
http://www.net-security.org/news.php?id=16006

Q&A: INSIDER THREAT
Bob Farber is the CEO of Symark and in this interview he discusses the growing problem of insider threat with thoughts on evolution, the main challenges of controlling access to proprietary systems and more.
http://www.net-security.org/news.php?id=16007

DNS VULNERABILITY OVERVIEW AND SUGGESTED MITIGATIONS
On July 9th, 2008 a massive effort was made among software and hardware vendors to release a simultaneous patch to their products. This patch was created to mitigate or minimize the effects of a vulnerability discovered in the basic operation of the Internet Domain Name System or DNS. This subsystem is critical to the operation of the Internet and provides for the translation of human-readable names into computer-usable IP addresses.
http://www.net-security.org/news.php?id=16008

CYBERCRIME ORGANIZATIONAL STRUCTURES AND MODUS OPERANDI
This report explores the trend of loosely organized clusters of hackers trading stolen data online being replaced by hierarchical cybercrime organizations. These organizations deploy sophisticated pricing models, crimeware business models refined for optimal operation, crimeware drop zones, and campaigns for optimal distribution of the crimeware.
http://www.net-security.org/news.php?id=16009

AUTOMATE BACKUPS ON LINUX
The loss of critical data can prove devastating. Still, millions of professionals ignore backing up their data.
http://www.net-security.org/news.php?id=16010

BOOK REVIEW - SECURITY POWER TOOLS
By reading through security web sites, traversing software repositories and using Google, you can keep yourself updated with the latest tools and the attack/defense scenarios based on them. If you want a centralized place to read this kind of information, "Security Power Tools" is definitely the book you should check out.
http://www.net-security.org/news.php?id=16011

SELF-SIGNED CERTIFICATES IN PRODUCTION POINT TO A FAILURE OF SSL
I am realising that, although the problem that many Firefox users have with self-signed certificates points to a failure in software design (this is not a stab at Firefox, rather a testament to how difficult it is to design software to suit a diverse user base), it really points to a failure of SSL.
http://www.net-security.org/news.php?id=16012

REINVIGORATE YOUR THREAT MODELING PROCESS
There are many things called threat modeling. Rather than argue about which is "the one true way," consider your needs and what your skills, abilities, and schedules are, and then work with a method that's best for you.
http://www.net-security.org/news.php?id=16013

INCREASING THREAT OF CONFIDENTIAL INFORMATION LOSS
A national security and privacy survey sponsored by CA showed that security threats from within an organization now are a bigger problem than attacks from external sources. At the same time, the number of U.S. organizations reporting loss of confidential data and reduced customer satisfaction has increased by 55 percent and 65 percent, respectively, in the past two years.
http://www.net-security.org/news.php?id=16014

WHITEPAPER: AUDITING PRIVILEGED ACCESS AND ACTIVITY IN WINDOWS
Regulatory compliance and governance are critical areas of focus for organizations of all kinds, often including extensive auditing and monitoring requirements.
http://www.net-security.org/news.php?id=16015

----------------------------------------------------------------
[ Advisories ]
All advisories are located at:
http://www.net-security.org/archive_advi.php
----------------------------------------------------------------

SUSE Security Announcement - SUSE Security Summary Report (SUSE-SR:2008:015)
http://www.net-security.org/advisory.php?id=9092

Turbolinux Security Announcement - firefox and phpmyadmin (18/Jul/2008)
http://www.net-security.org/advisory.php?id=9091

Ubuntu Security Notice - firefox vulnerabilities (USN-623-1)
http://www.net-security.org/advisory.php?id=9090

Slackware Security Advisory - mozilla-firefox (SSA:2008-198-01)
http://www.net-security.org/advisory.php?id=9089

Slackware Security Advisory - seamonkey (SSA:2008-198-02)
http://www.net-security.org/advisory.php?id=9088

Debian Security Advisory - afuse (DSA-1611-1)
http://www.net-security.org/advisory.php?id=9087

Debian Security Advisory - pdns-recursor (DSA-1544-2)
http://www.net-security.org/advisory.php?id=9086

Ubuntu Security Notice - linux, linux-source-2.6.15/20/22 vulnerabilities (USN-625-1)
http://www.net-security.org/advisory.php?id=9085

Turbolinux Security Announcement - bind, php (16/Jul/2008)
http://www.net-security.org/advisory.php?id=9084

Mandriva Linux Security Update Advisory - pcre (MDVSA-2008:147)
http://www.net-security.org/advisory.php?id=9083

Mandriva Linux Security Update Advisory - poppler (MDVSA-2008:146)
http://www.net-security.org/advisory.php?id=9082

Gentoo Linux Security Advisory - Mercurial: Directory traversal (GLSA 200807-09)
http://www.net-security.org/advisory.php?id=9081

Debian Security Advisory - gaim (DSA-1610-1)
http://www.net-security.org/advisory.php?id=9080

Debian Security Advisory - lighttpd (DSA-1609-1)
http://www.net-security.org/advisory.php?id=9079

Mandriva Linux Security Update Advisory - bluez (MDVSA-2008:145)
http://www.net-security.org/advisory.php?id=9078

Ubuntu Security Notice - pcre3 vulnerability (USN-624-1)
http://www.net-security.org/advisory.php?id=9077

Gentoo Linux Security Advisory - BIND: Cache poisoning (GLSA 200807-08)
http://www.net-security.org/advisory.php?id=9076

US-CERT Technical Cyber Security Alert - Sun Java Updates for Multiple Vulnerabilities (TA08-193A)
http://www.net-security.org/advisory.php?id=9075

Mandriva Linux Security Update Advisory - openoffice.org (MDVSA-2008:138-1)
http://www.net-security.org/advisory.php?id=9074

Apple Security Update - APPLE-SA-2008-07-11 (Xcode tools 3.1)
http://www.net-security.org/advisory.php?id=9073

Mandriva Linux Security Update Advisory - openldap (MDVSA-2008:144)
http://www.net-security.org/advisory.php?id=9072

Debian Security Advisory - mysql-dfsg-5.0 (DSA-1608-1)
http://www.net-security.org/advisory.php?id=9071

FreeBSD Security Advisory - DNS cache poisoning (FreeBSD-SA-08:06.bind)
http://www.net-security.org/advisory.php?id=9070

----------------------------------------------------------------
[ Articles ]
All articles are located at:
http://www.net-security.org/articles_main.php
Articles can be contributed to articles@net-security.org
----------------------------------------------------------------

DNS VULNERABILITY OVERVIEW AND SUGGESTED MITIGATIONS
On July 9th, 2008 a massive effort was made among software and hardware vendors to release a simultaneous patch to their products. This patch was created to mitigate or minimize the effects of a vulnerability discovered in the basic operation of the Internet Domain Name System or DNS. This subsystem is critical to the operation of the Internet and provides for the translation of human-readable names into computer-usable IP addresses.
http://www.net-security.org/article.php?id=1156

Q&A: INSIDER THREAT
Bob Farber is the CEO of Symark. Prior to joining Symark, Mr. Farber was the Manager of Technical Support Operations for Candle Corporation. In this interview he discusses the growing problem of insider threat.
http://www.net-security.org/article.php?id=1155

----------------------------------------------------------------
[ Reviews ]
All reviews are located at:
http://www.net-security.org/reviews.php
----------------------------------------------------------------

SECURITY POWER TOOLS
http://www.net-security.org/review.php?id=190

----------------------------------------------------------------
[ Software ]
Windows software is located at:
http://net-security.org/software_main.php?cat=1
Linux software is located at:
http://net-security.org/software_main.php?cat=2
Pocket PC software is located at:
http://net-security.org/software_main.php?cat=3
Mac OS X software is located at:
http://net-security.org/software_main.php?cat=5
----------------------------------------------------------------

CRYPT4FREE 4.7.8 (Windows)
Crypt4Free is a free file & email encryption program.
http://www.net-security.org/software.php?id=724

DATA GUARDIAN 1.4.4 (Windows)
Data Guardian is a secure, Universal Binary, database application for storing passwords, credit card numbers, addresses, notes, customer databases, and more.
http://www.net-security.org/software.php?id=663

DATA GUARDIAN 1.4.4 (Mac OS X)
Data Guardian is a secure, Universal Binary, database application for storing passwords, credit card numbers, addresses, notes, customer databases, and more.
http://www.net-security.org/software.php?id=662

JOHN THE RIPPER 1.7.3 (Linux)
John the Ripper is a fast password cracker.
http://www.net-security.org/software.php?id=11

MINORFS 0.3.4 (Linux)
MinorFS combines a small set of cooperating userspace filesystems for Linux that provide private storage to pseudo-persistent processes.
http://www.net-security.org/software.php?id=701

PRELUDE MANAGER 0.9.14 (Linux)
Prelude Manager is the main program of the Prelude Hybrid IDS suite.
http://www.net-security.org/software.php?id=264

VISUALROUTE 2008 12.0g (Windows)
VisualRoute delivers the functionality of key Internet "ping," "whois," and "traceroute" tools, in a high-speed visually integrated package.
http://www.net-security.org/software.php?id=2

----------------------------------------------------------------
[ Conferences ]
All conferences are located at:
http://net-security.org/conferences.php
----------------------------------------------------------------

Black Hat USA 2008 Briefings & Training
Organized by Black Hat - 2 August-7 August 2008
http://www.net-security.org/conference.php?id=262

Breakaway 2008
Organized by CompTIA - 5 August-7 August 2008
http://www.net-security.org/conference.php?id=261

Forrester Research Security Forum 2008
Organized by Forrester - 4 September-5 September 2008
http://www.net-security.org/conference.php?id=264

NETWAYS Nagios Conference 2008
Organized by Netways - 11 September-12 September 2008
http://www.net-security.org/conference.php?id=263

IT Security World 2008 Conference & Expo
Organized by MIS Training Institute - 13 September-18 September 2008
http://www.net-security.org/conference.php?id=258

VB2008
Organized by Virus Bulletin - 1 October-3 October 2008
http://www.net-security.org/conference.php?id=256

I Digital Security Forum
Organized by FSD - 7 November-8 November 2008
http://www.net-security.org/conference.php?id=255

RUXCON 2008
Organized by RUXCON - 29 November-30 November 2008
http://www.net-security.org/conference.php?id=265

The Fourth International Conference on Availability, Reliability and Security (ARES 2009)
Organized by Vienna University of Technology / Secure Business Austria - 16 March-19 March 2009
http://www.net-security.org/conference.php?id=260

----------------------------------------------------------------
[ Security World ]
All security world articles are located at:
http://www.net-security.org/secworld_main.php
Send your press releases to press@net-security.org
----------------------------------------------------------------

Spammers steal free e-mail providers' reputations
http://www.net-security.org/secworld.php?id=6336

WordPress logins made more secure than most online bank accounts
http://www.net-security.org/secworld.php?id=6335

Convenient security for ASUS ultra mobile portable PCs
http://www.net-security.org/secworld.php?id=6334

Increasing threat of confidential information loss
http://www.net-security.org/secworld.php?id=6333

First ruggedized NAC appliance
http://www.net-security.org/secworld.php?id=6332

Advanced VFS301 fingerprint sensor
http://www.net-security.org/secworld.php?id=6331

PCI managed security suite accelerates PCI compliance
http://www.net-security.org/secworld.php?id=6330

Critical security issues in the open source Spring Framework
http://www.net-security.org/secworld.php?id=6329

New secure online backup service
http://www.net-security.org/secworld.php?id=6328

SD memory card for applications where recorded data must be unalterable
http://www.net-security.org/secworld.php?id=6327

Set of tools for data loss prevention
http://www.net-security.org/secworld.php?id=6326

Cybercrime organizational structures and modus operandi
http://www.net-security.org/secworld.php?id=6325

DataLossDB now maintained by Open Security Foundation
http://www.net-security.org/secworld.php?id=6324

Advanced privileged account access management appliance
http://www.net-security.org/secworld.php?id=6323

Cloudmark granted patent for spam blocking technology
http://www.net-security.org/secworld.php?id=6322

On-demand multi-factor authentication for Salesforce CRM
http://www.net-security.org/secworld.php?id=6321

Virtualization solution for managing Windows and Linux servers
http://www.net-security.org/secworld.php?id=6320

New Cloakware Server Password Manager
http://www.net-security.org/secworld.php?id=6319

WSO2 extends SOA governance with Identity Solution 1.5
http://www.net-security.org/secworld.php?id=6318

Unified platform for endpoint security and compliance management
http://www.net-security.org/secworld.php?id=6317

Social networking in the workplace may endanger corporate networks
http://www.net-security.org/secworld.php?id=6316

First European privacy seal awarded
http://www.net-security.org/secworld.php?id=6315

The Wireshark certification program
http://www.net-security.org/secworld.php?id=6314

DoS vulnerability in popular VoIP product
http://www.net-security.org/secworld.php?id=6313

Face recognition middleware for embedded systems
http://www.net-security.org/secworld.php?id=6312

Comprehensive data flow and VoIP management
http://www.net-security.org/secworld.php?id=6311

----------------------------------------------------------------
[ Virus News ]
All virus news is located at:
http://www.net-security.org/viruses.php
----------------------------------------------------------------

Antivirus2008Pro adware and spammer trojan
http://www.net-security.org/virus_news.php?id=961

Malware up 278% in first half of 2008
http://www.net-security.org/virus_news.php?id=960

Phony UPS e-mail delivers a trojan
http://www.net-security.org/virus_news.php?id=959

Adware components top list of threats in June
http://www.net-security.org/virus_news.php?id=958

----------------------------------------------------------------
Questions, contributions, comments or ideas go to:
Help Net Security staff
staff@net-security.org
http://net-security.org

----------------------
Unsubscribe from this weekly digest on:
http://www.net-security.org/subscribe.php

The archive of the newsletter in TXT and PDF format is available at:
http://www.net-security.org/newsletter_archive.php