====================================================
InfoSec World 2009 Conference & Expo
March 7-13, 2009, Orlando, FL
http://www.misti.com/infosecworld
====================================================

InfoSec World 2009 Conference & Expo features over 100 sessions, 11 
content tracks, dozens of case studies and live demos, 15 in-depth 
workshops, 3 co-located summits and over 140 exhibitors! With the 
primary objective of providing top-notch education to all levels of 
information security professionals - from CISOs to system administrators 
- InfoSec World delivers practical sessions that offer the tools to 
strengthen security without restricting business. Attendees are allowed 
to track-hop freely throughout the main conference and can earn up 
to 51 CPE credits by attending the entire event.

====================================================

HNS Newsletter
Issue 448 - 08.12.2008
http://www.net-security.org

Table of contents:

1) Security news
2) Advisories
3) Software
4) Conferences
5) Security World
6) Virus News


[ Security news ]


----------------------------------------------------------------

GUIDE - THE NEED FOR VULNERABILITY MANAGEMENT
This guide describes the need for vulnerability management.
http://www.net-security.org/news.php?id=16213


EU TO SEARCH OUT CYBER CRIMINALS
Remote searches of suspect computers will form part of an EU plan to
tackle hi-tech crime.
http://www.net-security.org/news.php?id=16214


SET UP A SSH-BASED POINT TO POINT CONNECTION
This article explains how to use SSH to set up SSH-based point to
point connections with OpenSuse 11.0 which can then be used to create
routes that create virtual private networks.
http://www.net-security.org/news.php?id=16215


A NEW ISSUE OF (IN)SECURE MAGAZINE HAS BEEN RELEASED
(IN)SECURE Magazine is a free digital security magazine in PDF
format. In this issue you can read about the future of AV, holes in
Windows login controls, extended validation and online security, Web
filtering in a Web 2.0 world, and a lot more. Download your FREE copy
today!
http://www.net-security.org/news.php?id=16217


EXPAND YOUR USER-AUTHENTICATION OPTIONS WITH MOUSE DYNAMICS
Learn how to apply the open source tools cnee and Perl in mouse-click
dynamics to measure the more subtle characteristics of human-computer
interaction. Then use the number and hold time of mouse-click events
to help authenticate users.
http://www.net-security.org/news.php?id=16218


WHITEPAPER - HACKING YOUR PBX: 15 WAYS TO MAKE THE MOST OF A MODERN
PHONE SYSTEM
Discover the tips and tricks to help PBX users optimize their
business phone setup.
http://www.net-security.org/news.php?id=16219


WHITEPAPER - WORST PRACTICES IN SOA IMPLEMENTATION
Learn the top-four worst practices for SOA integration.
http://www.net-security.org/news.php?id=16220


A WOMAN SENT NIGERIAN SCAM ARTISTS $400,000
This may well be the mother of all internet scam cases.
http://www.net-security.org/news.php?id=16222


REAL WEB 2.0: BATTLING WEB SPAM
This article explains how to assess whether a visitor is a spammer
and how to organize site workflow to discourage spam.
http://www.net-security.org/news.php?id=16223


WHITEPAPER - HOW TO ATTAIN PCI COMPLIANCE
IT security is on everyone's mind nowadays. In addition to such
worries the finance and banking industry has to comply also with the
Payment Card Industry Data Security Standards.
http://www.net-security.org/news.php?id=16225

----------------------------------------------------------------




[ Advisories ]


All advisories are located at:
http://www.net-security.org/archive_advi.php


----------------------------------------------------------------

Slackware Security Advisory - php (SSA:2008-339-01)
http://www.net-security.org/advisory.php?id=9509


Ubuntu Security Notice - nfs-utils vulnerability (USN-687-1)
http://www.net-security.org/advisory.php?id=9508


Debian Security Advisory - New Linux 2.6.24 packages fix several
vulnerabilities (DSA-1681-1)
http://www.net-security.org/advisory.php?id=9507


SUSE Security Announcement - Linux kernel (SUSE-SA:2008:057)
http://www.net-security.org/advisory.php?id=9506


Debian Security Advisory - New clamav packages fix potential code
execution (DSA-1680-1)
http://www.net-security.org/advisory.php?id=9505


Turbolinux Security Announcement - Multiple vulnerabilities exist in
cups
http://www.net-security.org/advisory.php?id=9504


Ubuntu Security Notice - AWStats vulnerability (USN-686-1)
http://www.net-security.org/advisory.php?id=9503


Ubuntu Security Notice - Net-SNMP vulnerabilities (USN-685-1)
http://www.net-security.org/advisory.php?id=9502


SUSE Security Announcement - Kernel (SUSE-SA:2008:056)
http://www.net-security.org/advisory.php?id=9501


Ubuntu Security Notice - ClamAV vulnerability (USN-684-1)
http://www.net-security.org/advisory.php?id=9500


Debian Security Advisory - New awstats packages fix cross-site
scripting (DSA-1679-1)
http://www.net-security.org/advisory.php?id=9499


Debian Security Advisory - New perl packages fix privilege escalation
(DSA-1678-1)
http://www.net-security.org/advisory.php?id=9498


Debian Security Advisory - New CUPS packages fix arbitrary code
execution (DSA 1677-1)
http://www.net-security.org/advisory.php?id=9497


Gentoo Linux Security Advisory - Mantis: Multiple vulnerabilities
(GLSA 200812-07)
http://www.net-security.org/advisory.php?id=9496


Gentoo Linux Security Advisory - libxml2: Multiple vulnerabilities
(GLSA 200812-06)
http://www.net-security.org/advisory.php?id=9495


Gentoo Linux Security Advisory - libsamplerate: User-assisted
execution of arbitrary code (GLSA 200812-05)
http://www.net-security.org/advisory.php?id=9494


Gentoo Linux Security Advisory - lighttpd: Multiple vulnerabilities
(GLSA 200812-04)
http://www.net-security.org/advisory.php?id=9493


Gentoo Linux Security Advisory - IPsec-Tools: racoon Denial of
Service (GLSA 200812-03)
http://www.net-security.org/advisory.php?id=9492


Gentoo Linux Security Advisory - enscript: User-assisted execution of
arbitrary code (GLSA 200812-02)
http://www.net-security.org/advisory.php?id=9491


Gentoo Linux Security Advisory - OptiPNG: User-assisted execution of
arbitrary code (GLSA 200812-01)
http://www.net-security.org/advisory.php?id=9490


Ubuntu Security Notice - Imlib2 vulnerability (USN-683-1)
http://www.net-security.org/advisory.php?id=9489


Debian Security Advisory - New flamethrower packages fix denial of
service (DSA-1676-1)
http://www.net-security.org/advisory.php?id=9488


Ubuntu Security Notice - imagemagick vulnerability (USN-681-1)
http://www.net-security.org/advisory.php?id=9487


Ubuntu Security Notice - libvorbis vulnerabilities (USN-682-1)
http://www.net-security.org/advisory.php?id=9486


Ubuntu Security Notice - libvorbis vulnerabilities (USN-682-1)
http://www.net-security.org/advisory.php?id=9485

----------------------------------------------------------------




[ Software ]


Windows software is located at:
http://net-security.org/software_main.php?cat=1

Linux software is located at:
http://net-security.org/software_main.php?cat=2

Pocket PC software is located at:
http://net-security.org/software_main.php?cat=3

Mac OS X software is located at:
http://net-security.org/software_main.php?cat=5


----------------------------------------------------------------

AUTOKRYPT 8.11 (Windows)

http://www.net-security.org/software.php?id=726


CRYPTOEXPERT 2008 PROFESSIONAL 7.8.5 (Windows)
CryptoExpert creates encrypted virtual disks and these disks are
visible as usual disks with drive letters.
http://www.net-security.org/software.php?id=305


FILE ENCRYPTION XP 1.5.125 (Windows)
With File Encryption XP, you can encrypt files of any type, including
Microsoft Word, Excel and PowerPoint documents
http://www.net-security.org/software.php?id=728


GFI LANGUARD 9 (Windows)
This tool is used to audit network security and proactively secure
it.
http://www.net-security.org/software.php?id=481


KERIO WINROUTE FIREWALL 6.5.2 Build 5172 (Windows)
Kerio Personal Firewall represents smart, easy-to-use personal
security technology that fully protects personal computers against
attackers.
http://www.net-security.org/software.php?id=108


NETWRIX PASSWORD MANAGER 5.1.38.0 (Windows)
Gives end users the ability to securely manage their passwords and
resolve account lockouts in a self-service fashion without
involvement of help desk personnel.
http://www.net-security.org/software.php?id=686


PASSWORD MANAGER XP 2.3.448 (Windows)
Password Manager XP is a program that will help you systematize
secret information.
http://www.net-security.org/software.php?id=70


TOR, PRIVOXY AND VIDALIA BUNDLE 0.2.0.32 (Windows)
An anonymous Internet communication system.
http://www.net-security.org/software.php?id=253

----------------------------------------------------------------




[ Conferences ]


All conferences are located at:
http://net-security.org/conferences.php


----------------------------------------------------------------

Southern California Linux Expo (SCALE 7x)
Organized by SCALE - 20 February-22 February 2009
http://www.net-security.org/conference.php?id=283


InfoSec World 2009 Conference & Expo
Organized by MIS Training Institute - 7 March-13 March 2009
http://www.net-security.org/conference.php?id=282


The Fourth International Conference on Availability, Reliability and
Security (ARES 2009)
Organized by Vienna University of Technology / Secure Business
Austria - 16 March-19 March 2009
http://www.net-security.org/conference.php?id=260


2009 European Workshop on System Security (EuroSec)
Organized by EuroSec - 31 March-31 March 2009
http://www.net-security.org/conference.php?id=281


RSA Conference 2009
Organized by RSA Conference - 20 April-24 April 2009
http://www.net-security.org/conference.php?id=280


21st Annual FIRST Conference
Organized by FIRST - 28 June-3 July 2009
http://www.net-security.org/conference.php?id=284


The 9th Privacy Enhancing Technologies Symposium (PETS 2009) 
Organized by PET - 5 August-7 August 2009
http://www.net-security.org/conference.php?id=275

----------------------------------------------------------------




[ Security World ]


All security world articles are located at:
http://www.net-security.org/secworld_main.php

Send your press releases to press@net-security.org


----------------------------------------------------------------

Rogue bots and social networking
http://www.net-security.org/secworld.php?id=6809


Trust the UK Government with my data? No way!
http://www.net-security.org/secworld.php?id=6806


Social networking boom enables cybercriminals to make more plausible
scams
http://www.net-security.org/secworld.php?id=6807


With a surge in online cybercrime, IBM bolsters security services
http://www.net-security.org/secworld.php?id=6804


Card Authentication Package from Ricoh
http://www.net-security.org/secworld.php?id=6803


Cisco introduces expert-level CCIE certification in wireless
networking
http://www.net-security.org/secworld.php?id=6802


Advanced malware techniques boost the underground economy
http://www.net-security.org/secworld.php?id=6808


Third Brigade VM Protection delivers cloud-ready security for VMware
virtual machines
http://www.net-security.org/secworld.php?id=6805


First secure USB flash drive to fully support Mac OS X
http://www.net-security.org/secworld.php?id=6801


Fighting computer crimes without the threat of a forensic compromise
http://www.net-security.org/secworld.php?id=6800


Apache Tomcat 4.1.39 fixes security issues
http://www.net-security.org/secworld.php?id=6799


BIO-key granted patent to secure biometric enrollments from
unauthorized use
http://www.net-security.org/secworld.php?id=6798


Solarflare 65nm triple-speed 10GBASE-T silicon
http://www.net-security.org/secworld.php?id=6797


Growth in Internet crime calls for growth in punishment
http://www.net-security.org/secworld.php?id=6796


SecureEmail free for non-commercial use
http://www.net-security.org/secworld.php?id=6795


Prevent illegal corporate activity with SifoScopes
http://www.net-security.org/secworld.php?id=6794


Automated network compliance and assurance management for PCI DSS
http://www.net-security.org/secworld.php?id=6793


Survey unveils major gap in the way CEOs manage cyber risks
http://www.net-security.org/secworld.php?id=6790


First HDTV network camera with 10x optical zoom and H.264 compression
http://www.net-security.org/secworld.php?id=6789


Utimaco combines the Lenovo fingerprint logon with full disk
encryption
http://www.net-security.org/secworld.php?id=6792


Vulnerability management solution from Rapid7 and Trend Micro
http://www.net-security.org/secworld.php?id=6791


Entrust enhances its multifactor authentication platform
http://www.net-security.org/secworld.php?id=6788


New mobile authentication options
http://www.net-security.org/secworld.php?id=6787


Internet link balancers with VPN load balancing and failover from
Peplink
http://www.net-security.org/secworld.php?id=6786


Fingerprint-enabled personal navigation devices from Medion
http://www.net-security.org/secworld.php?id=6785


Study reveals corporate failure to safeguard core IT assets
http://www.net-security.org/secworld.php?id=6784

----------------------------------------------------------------




[ Virus News ]


All virus news are located at:
http://www.net-security.org/viruses.php


----------------------------------------------------------------

Popular airlines exploited by cybercriminals
http://www.net-security.org/virus_news.php?id=1006

----------------------------------------------------------------



Questions, contributions, comments or ideas go to:

Help Net Security staff
staff@net-security.org
http://net-security.org

----------------------

Unsubscribe from this weekly digest on:
http://www.net-security.org/subscribe.php

The archive of the newsletter in TXT and PDF format is available 
http://www.net-security.org/newsletter_archive.php