HNS Newsletter
Issue 429 - 28.07.2008
http://www.net-security.org

================================================================
PCI Compliance 2008: What You Need To Know
================================================================

This 10-minute webcast briefing focuses exclusively on key facts you
need to know as a PCI Merchant.

When: Thursday, July 31 at 11:00 am PST
Length: 15 minutes

http://events.qualys.com/content/PCI_Compliance_2008
================================================================

Table of contents:

1) Security news
2) Advisories
3) Articles
4) Software
5) Webcasts
6) Conferences
7) Security World
8) Virus News


[ Security news ]
----------------------------------------------------------------

INTEGRATE ENCRYPTION INTO GOOGLE CALENDAR WITH FIREFOX EXTENSIONS
Today's Web applications provide many benefits for online storage,
access, and collaboration. Although some applications offer
encryption of user data, most do not.
http://www.net-security.org/news.php?id=16016

OYSTER CARD HACK TO BE UNVEILED
Details of how to copy the Oyster cards used on London's transport
network can be published, a Dutch judge has ruled. The ruling
overturns an injunction to suppress the information won by NXP -
makers of the travel smartcards used in London and many other cities.
http://www.net-security.org/news.php?id=16017

PROTECTING AGAINST WI-FI, BLUETOOTH, RFID DATA ATTACKS
Using a laptop, cell phone headset, building access badge, credit
cards, or even a passport can make you a walking target for data
thieves and other criminals, a security expert warned at the Last
HOPE hacker conference here late Friday.
http://www.net-security.org/news.php?id=16018

VIDEO: THE VULNERABILITY ECONOMY
Jeff Moss, the founder of DEFCON and Black Hat, discusses the
unfolding of the vulnerability economy. Nowadays, instead of exposing
high profile zero-day vulnerabilities at conferences, many researchers
opt for selling their discoveries on a growing market.
http://www.net-security.org/news.php?id=16019

LOCAL FILE INCLUSION - TRICKS OF THE TRADE
Everyone understands that local file includes are bad. The ability to
execute an arbitrary file as code is unquestionably a security risk
and should be protected against.
http://www.net-security.org/news.php?id=16020

WHITEPAPER - INSTITUTIONAL IDENTITY THEFT
Learn how the identity theft of your customers leads to the erosion
of your company's profits and good name.
http://www.net-security.org/news.php?id=16021

Q&A: WEB 2.0 SECURITY
Sam Masiello has more than 18 years of email systems and IT
management experience, including nearly 10 years of network and
security systems management. In this interview he discusses various
aspects of Web 2.0 security.
http://www.net-security.org/news.php?id=16022

INTERESTING PATTERN IN STORM WORM TRAFFIC
This blog post contains a few graphs with interesting observations
the author made when tracking the Storm Worm botnet as part of his
thesis on detection of advanced botnets.
http://www.net-security.org/news.php?id=16023

4 REASONS NOT TO USE MOD_SECURITY
mod_security provides many options for validating URLs, URIs, and
application data. You are, essentially, implementing a custom web
application firewall using configuration directives.
http://www.net-security.org/news.php?id=16024

SECURITY POLICY CONSIDERATIONS FOR VIRTUAL WORLDS
Virtual worlds offer significant outreach and business development
opportunities to companies, governments, and the world at large. As
these worlds evolve and grow in popularity and acceptance, and become
more integrated into many aspects of business and society, they offer
new and uncharted terrain for security practitioners to embrace,
explore and apply corporate governance and information security
policy.
http://www.net-security.org/news.php?id=16025

MALICIOUS SPAM CAMPAIGNS CONTINUE WITH RUSTOCK BOTNET
The recent, large-scale campaign is designed to infect computers with
malware and convert them into part of the Rustock botnet, and it is
succeeding. Over the last month, Rustock has grown to claim second
place among the largest spam producing botnets, behind the Srizbi
botnet in first place. Rustock has increased its share of global spam
volumes from 10 percent in mid-June to 21.5 percent last week.
http://www.net-security.org/news.php?id=16026


----------------------------------------------------------------
[ Advisories ]

All advisories are located at:
http://www.net-security.org/archive_advi.php
----------------------------------------------------------------

Debian Security Advisory - refpolicy (DSA-1617-1)
http://www.net-security.org/advisory.php?id=9115

Ubuntu Security Notice - mozilla-thunderbird, thunderbird vulnerabilities (USN-629-1)
http://www.net-security.org/advisory.php?id=9114

Turbolinux Security Announcement - Multiple vulnerabilities in thunderbird (24/Jul/2008)
http://www.net-security.org/advisory.php?id=9113

Debian Security Advisory - clamav: Multiple vulnerabilities (DSA-1616-1)
http://www.net-security.org/advisory.php?id=9112

Slackware Security Advisory - dnsmasq (SSA:2008-205-01)
http://www.net-security.org/advisory.php?id=9111

Mandriva Linux Security Update Advisory - xemacs (MDVSA-2008:154)
http://www.net-security.org/advisory.php?id=9110

Mandriva Linux Security Update Advisory - emacs (MDVSA-2008:153)
http://www.net-security.org/advisory.php?id=9109

Debian Security Advisory - xulrunner (DSA-1615-1)
http://www.net-security.org/advisory.php?id=9108

Ubuntu Security Notice - php5 vulnerabilities (USN-628-1)
http://www.net-security.org/advisory.php?id=9107

Debian Security Advisory - iceweasel (DSA-1614-1)
http://www.net-security.org/advisory.php?id=9106

Debian Security Advisory - lighttpd (DSA-1540-3)
http://www.net-security.org/advisory.php?id=9105

Mandriva Linux Security Update Advisory - wireshark (MDVSA-2008:152)
http://www.net-security.org/advisory.php?id=9104

SUSE Security Announcement - kernel (SUSE-SA:2008:037)
http://www.net-security.org/advisory.php?id=9103

Debian Security Advisory - libgd2 (DSA-1613-1)
http://www.net-security.org/advisory.php?id=9102

Mandriva Linux Security Update Advisory - libxslt (MDVSA-2008:151)
http://www.net-security.org/advisory.php?id=9101

Gentoo Linux Security Advisory - BitchX: Multiple vulnerabilities (GLSA 200807-12)
http://www.net-security.org/advisory.php?id=9100

Gentoo Linux Security Advisory - PeerCast: Buffer overflow (GLSA 200807-11)
http://www.net-security.org/advisory.php?id=9099

Gentoo Linux Security Advisory - Bacula: Information disclosure (GLSA 200807-10)
http://www.net-security.org/advisory.php?id=9098

Debian Security Advisory - ruby1.8 (DSA-1612-1)
http://www.net-security.org/advisory.php?id=9097

SUSE Security Announcement - libxcrypt (SUSE-SA:2008:036)
http://www.net-security.org/advisory.php?id=9096

SUSE Security Announcement - kernel (SUSE-SA:2008:035)
http://www.net-security.org/advisory.php?id=9095

Mandriva Linux Security Update Advisory - mysql (MDVSA-2008:150)
http://www.net-security.org/advisory.php?id=9094

Mandriva Linux Security Update Advisory - mysql (MDVSA-2008:149)
http://www.net-security.org/advisory.php?id=9093


----------------------------------------------------------------
[ Articles ]

All articles are located at:
http://www.net-security.org/articles_main.php

Articles can be contributed to articles@net-security.org
----------------------------------------------------------------

SECURITY POLICY CONSIDERATIONS FOR VIRTUAL WORLDS
Virtual worlds offer significant outreach and business development
opportunities to companies, governments, and the world at large. As
these worlds evolve and grow in popularity and acceptance, and become
more integrated into many aspects of business and society, they offer
new and uncharted terrain for security practitioners to embrace,
explore and apply corporate governance and information security
policy.
http://www.net-security.org/article.php?id=1159

Q&A: WEB 2.0 SECURITY
Sam Masiello oversees the MX Logic Threat Operations Center. Masiello
has more than 18 years of email systems and IT management experience,
including nearly 10 years of network and security systems management.
In this interview he discusses various aspects of Web 2.0 security.
http://www.net-security.org/article.php?id=1158

THE VULNERABILITY ECONOMY
Jeff Moss, the founder of DEFCON and Black Hat, discusses the
unfolding of the vulnerability economy. Nowadays, instead of exposing
high profile zero-day vulnerabilities at conferences, many researchers
opt for selling their discoveries on a growing market.
http://www.net-security.org/article.php?id=1157


----------------------------------------------------------------
[ Software ]

Windows software is located at:
http://net-security.org/software_main.php?cat=1

Linux software is located at:
http://net-security.org/software_main.php?cat=2

Pocket PC software is located at:
http://net-security.org/software_main.php?cat=3

Mac OS X software is located at:
http://net-security.org/software_main.php?cat=5
----------------------------------------------------------------

FWKNOP 1.9.6 (Linux)
fwknop implements an authorization scheme called Single Packet
Authorization that requires only a single encrypted packet to
communicate various pieces of information.
http://www.net-security.org/software.php?id=695

IPCOP 1.4.20 (Linux)
IPCop Firewall is a Linux firewall distribution geared towards home
and SOHO (Small Office/Home Office) users.
http://www.net-security.org/software.php?id=147


----------------------------------------------------------------
[ Webcasts ]

All webcasts are located at:
http://net-security.org/webcasts.php
----------------------------------------------------------------

Code Scanning: Success and Failure in the Field
Organized by iSEC on 30 July 2008, 10:00 AM
http://www.net-security.org/webcast.php?id=511


----------------------------------------------------------------
[ Conferences ]

All conferences are located at:
http://net-security.org/conferences.php
----------------------------------------------------------------

Black Hat USA 2008 Briefings & Training
Organized by Black Hat - 2 August-7 August 2008
http://www.net-security.org/conference.php?id=262

Breakaway 2008
Organized by CompTIA - 5 August-7 August 2008
http://www.net-security.org/conference.php?id=261

Forrester Research Security Forum 2008
Organized by Forrester - 4 September-5 September 2008
http://www.net-security.org/conference.php?id=264

NETWAYS Nagios Conference 2008
Organized by Netways - 11 September-12 September 2008
http://www.net-security.org/conference.php?id=263

IT Security World 2008 Conference & Expo
Organized by MIS Training Institute - 13 September-18 September 2008
http://www.net-security.org/conference.php?id=258

VB2008
Organized by Virus Bulletin - 1 October-3 October 2008
http://www.net-security.org/conference.php?id=256

I Digital Security Forum
Organized by FSD - 7 November-8 November 2008
http://www.net-security.org/conference.php?id=255

RUXCON 2008
Organized by RUXCON - 29 November-30 November 2008
http://www.net-security.org/conference.php?id=265

The Fourth International Conference on Availability, Reliability and Security (ARES 2009)
Organized by Vienna University of Technology / Secure Business Austria - 16 March-19 March 2009
http://www.net-security.org/conference.php?id=260


----------------------------------------------------------------
[ Security World ]

All security world articles are located at:
http://www.net-security.org/secworld_main.php

Send your press releases to press@net-security.org
----------------------------------------------------------------

Malicious spam campaigns continue with Rustock botnet
http://www.net-security.org/secworld.php?id=6354

Security flaws in online banking sites
http://www.net-security.org/secworld.php?id=6353

New book: "Google Apps: The Missing Manual"
http://www.net-security.org/secworld.php?id=6352

New high-end home chip and PIN security solution
http://www.net-security.org/secworld.php?id=6351

Top internal network threats in 2008 so far
http://www.net-security.org/secworld.php?id=6350

IPsec security toolkit optimized for new Intel EP80579 integrated processors
http://www.net-security.org/secworld.php?id=6349

Business websites attacked, office workers at risk, Web 2.0 threats
http://www.net-security.org/secworld.php?id=6348

Vulnerabilities in Anti-Virus Software - reaction to the McAfee Statement
http://www.net-security.org/secworld.php?id=6347

TDM to IP converter with built-in ethernet switch
http://www.net-security.org/secworld.php?id=6346

New SSL deployment technologies
http://www.net-security.org/secworld.php?id=6345

The Planet offers free backup, discounted data protection and firewalls
http://www.net-security.org/secworld.php?id=6344

First wireless intrusion prevention software provider to support IPv6
http://www.net-security.org/secworld.php?id=6343

New bank card security system to support EMV2000 specifications
http://www.net-security.org/secworld.php?id=6342

Open Source Database Survey: strong PostgreSQL adoption in enterprises
http://www.net-security.org/secworld.php?id=6341

.ORG is the first generic TLD to start DNSSEC implementation
http://www.net-security.org/secworld.php?id=6340

Managed web security appliance strengthens policy compliance
http://www.net-security.org/secworld.php?id=6339

PGP delivers a new endpoint protection solution
http://www.net-security.org/secworld.php?id=6337

Disaster recovery protection for Citrix XenServer virtual machines
http://www.net-security.org/secworld.php?id=6338


----------------------------------------------------------------
[ Virus News ]

All virus news is located at:
http://www.net-security.org/viruses.php
----------------------------------------------------------------

Get rid of malware with F-Secure Rescue CD
http://www.net-security.org/virus_news.php?id=964

False Formula 1 crash news report spreads a trojan
http://www.net-security.org/virus_news.php?id=963

Website infection rate three times faster than 2007
http://www.net-security.org/virus_news.php?id=962


----------------------------------------------------------------
Questions, contributions, comments or ideas go to:

Help Net Security staff
staff@net-security.org
http://net-security.org

----------------------
Unsubscribe from this weekly digest on:
http://www.net-security.org/subscribe.php

The archive of the newsletter in TXT and PDF format is available at:
http://www.net-security.org/newsletter_archive.php