HNS MAIN FEEDTHE WIRE
Majority of companies spend no time managing their security systems Whitepaper - Good architecture and security Whitepaper - 4 key steps to automate IT security compliance 14% of SSL certificates signed using vulnerable MD5 algorithm Addressing the challenges of identification and authentication in American society MALWARE
Tales from the support crypt: infected DVD drives, antiviruses that blow fuses and more Rogue antivirus applications related to Continental Flight 1404 and other current news Zero-day Web malware blocks surpass yearly average New password-stealing application disguised as a Firefox plugin Malware week: Antivirus360 antivirus and Sinowal.VXR banker trojan 
============================================
Find and fix network vulnerabilities with QualysGuard.
Register for a 14-day free trial to access all features that
make it the most accurate and comprehensive vulnerability
management and compliance solution.
http://www.net-security.org/qualysguard
============================================
HNS Newsletter
Issue 452 - 05.01.2009
http://www.net-security.org
Table of contents:
1) Security news
2) Advisories
3) Software
4) Conferences
5) Virus News
[ Security news ]
----------------------------------------------------------------
TALES FROM THE SUPPORT CRYPT
Talking viruses, infected physical devices, lights that go out are
some of the “problems” Panda Security’s tech support service has had
to face. Many of them were not a result of computer viruses, but of
confused users. This proves once again, that antivirus manufacturers
must make a special effort to increase user knowledge regarding
computer security and malware effects.
http://www.net-security.org/news.php?id=16254
INFORMATION GATHERING WITH GPG/PGP KEYTRUSTS
Some times you just need to know more about a person...
http://www.net-security.org/news.php?id=16255
FUTURISTIC SECURITY CHECKPOINT PREDICTS YOUR ACTIONS
New security check points in 2020 will look just like something out
of the futuristic movie, The Minority Report.
http://www.net-security.org/news.php?id=16256
PRIVATE FIRM MAY TRACK ALL EMAIL AND CALLS
The private sector will be asked to manage and run a communications
database that will keep track of everyone's calls, emails, texts and
internet use under a key option contained in a consultation paper to
be published next month by Jacqui Smith, the home secretary.
http://www.net-security.org/news.php?id=16257
ON THE ‘09 INFRASTRUCTURE SECURITY RADAR
In considering the past year and what’s in store for 2009 and
beyond, there’s a broad spectrum of Internet infrastructure security
related issues that are sure to make for absorbing times in the
coming years.
http://www.net-security.org/news.php?id=16258
----------------------------------------------------------------
[ Advisories ]
All advisories are located at:
http://www.net-security.org/archive_advi.php
----------------------------------------------------------------
Debian Security Advisory - ruby1.8, ruby1.9 (DSA-1695-1)
http://www.net-security.org/advisory.php?id=9579
Debian Security Advisory - xterm (DSA-1694-1)
http://www.net-security.org/advisory.php?id=9578
Debian Security Advisory - xterm (DSA-1694-1)
http://www.net-security.org/advisory.php?id=9577
Slackware Security Advisory - mozilla-thunderbird (SSA:2008-366-0)
http://www.net-security.org/advisory.php?id=9576
Mandriva Linux Security Update Advisory - kernel (MDVSA-2008:246)
http://www.net-security.org/advisory.php?id=9575
Slackware Security Advisory - seamonkey (SSA:2008-362-01)
http://www.net-security.org/advisory.php?id=9574
Debian Security Advisory - phppgadmin (DSA-1693-1)
http://www.net-security.org/advisory.php?id=9573
Debian Security Advisory - php-xajax (DSA-1692-1 )
http://www.net-security.org/advisory.php?id=9572
----------------------------------------------------------------
[ Software ]
Windows software is located at:
http://net-security.org/software_main.php?cat=1
Linux software is located at:
http://net-security.org/software_main.php?cat=2
Pocket PC software is located at:
http://net-security.org/software_main.php?cat=3
Mac OS X software is located at:
http://net-security.org/software_main.php?cat=5
----------------------------------------------------------------
GNU ANUBIS 4.1.1 (Linux)
GNU Anubis is an outgoing mail processor and the SMTP tunnel between
MUA and MTA. It is also a secure/anonymous SMTP client.
http://www.net-security.org/software.php?id=7
SAMHAIN 2.5.1 (Linux)
Samhain is an open source file integrity and host-based intrusion
detection system.
http://www.net-security.org/software.php?id=125
STRONGSWAN 4.2.1.0 (Linux)
strongSwan is a complete IPsec and IKEv1 implementation for Linux 2.4
and 2.6 kernels
http://www.net-security.org/software.php?id=643
SUPHP 0.7.0 (Linux)
suPHP is a combination of an Apache module (mod_suphp) and an
executable which provides a wrapper for PHP.
http://www.net-security.org/software.php?id=161
TINC 1.0.9 (Linux)
tinc is a VPN daemon that uses tunnelling and encryption to create a
secure private network between hosts on the Internet.
http://www.net-security.org/software.php?id=62
WEBJOB 1.8.0 (Linux)
WebJob downloads a program over HTTP/HTTPS and executes it in one
unified operation. Output may be directed to stdout/stderr or a Web
resource.
http://www.net-security.org/software.php?id=460
----------------------------------------------------------------
[ Conferences ]
All conferences are located at:
http://net-security.org/conferences.php
----------------------------------------------------------------
ShmooCon 2009
Organized by ShmooCon - 6 February-8 February 2009
http://www.net-security.org/conference.php?id=286
Southern California Linux Expo (SCALE 7x)
Organized by SCALE - 20 February-22 February 2009
http://www.net-security.org/conference.php?id=283
InfoSec World 2009 Conference & Expo
Organized by MIS Training Institute - 7 March-13 March 2009
http://www.net-security.org/conference.php?id=282
The Fourth International Conference on Availability, Reliability and
Security (ARES 2009)
Organized by Vienna University of Technology / Secure Business
Austria - 16 March-19 March 2009
http://www.net-security.org/conference.php?id=260
2009 European Workshop on System Security (EuroSec)
Organized by EuroSec - 31 March-31 March 2009
http://www.net-security.org/conference.php?id=281
RSA Conference 2009
Organized by RSA Conference - 20 April-24 April 2009
http://www.net-security.org/conference.php?id=280
21st Annual FIRST Conference
Organized by FIRST - 28 June-3 July 2009
http://www.net-security.org/conference.php?id=284
The 9th Privacy Enhancing Technologies Symposium (PETS 2009)
Organized by PET - 5 August-7 August 2009
http://www.net-security.org/conference.php?id=275
SANS WhatWorks in Virtualization Security Summit 2009
Organized by SANS - 17 August-18 August 2009
http://www.net-security.org/conference.php?id=287
----------------------------------------------------------------
[ Virus News ]
All virus news are located at:
http://www.net-security.org/viruses.php
----------------------------------------------------------------
Tales from the support crypt: infected DVD drives, antiviruses that
blow fuses and more
http://www.net-security.org/virus_news.php?id=1019
----------------------------------------------------------------
Questions, contributions, comments or ideas go to:
Help Net Security staff
staff@net-security.org
http://net-security.org
----------------------
Unsubscribe from this weekly digest on:
http://www.net-security.org/subscribe.php
The archive of the newsletter in TXT and PDF format is available
http://www.net-security.org/newsletter_archive.php
