IT Security - Tips, Trends, News

Wednesday, August 31, 2005

TA05-194A: Oracle Products Contain Multiple Vulnerabilities

NetClarity - Preemptive, Proactive Protection.
Originally Posted on 8/31/2005 10:12:23 PM
Content source: http://www.us-cert.gov/cas/techalerts/TA05-194A.html

TA05-193A: Microsoft Windows, Internet Explorer, and Word Vulnerabilities

Originally Posted on 8/31/2005 10:12:20 PM
Content source: http://www.us-cert.gov/cas/techalerts/TA05-193A.html

TA05-189A: Targeted Trojan Email Attacks

Originally Posted on 8/31/2005 10:12:16 PM
Content source: http://www.us-cert.gov/cas/techalerts/TA05-189A.html

TA05-180A: VERITAS Backup Exec Software is actively being exploited

Originally Posted on 8/31/2005 10:11:47 PM
Content source: http://www.us-cert.gov/cas/techalerts/TA05-180A.html

TA05-165A: Microsoft Windows and Internet Explorer Vulnerabilities

Originally Posted on 8/31/2005 10:11:32 PM
Content source: http://www.us-cert.gov/cas/techalerts/TA05-165A.html

CAN-2005-2699 (PHPKIT)

admin/admin.php in PHPKit 1.6.1 allows remote authenticated administrators to execute arbitrary PHP code by uploading a .php file to the content/images/ directory using images.php. NOTE: if a PHPKit administrator must already have access to the end system to install or modify configuration of the product, then this issue might not cross privilege boundaries, and should not be included in CVE.

Originally Posted on 8/31/2005 10:10:34 PM
Content source: http://nvd.nist.gov/nvd.cfm?cvename=CAN-2005-2699

CAN-2005-2698 (Nephp Publisher Enterprise)

Cross-site scripting (XSS) vulnerability in browse.php in Nephp Publisher Enterprise 3.04 allows remote attackers to inject arbitrary web script or HTML via a hex-encoded keywords parameter.

Originally Posted on 8/31/2005 9:32:05 PM
Content source: http://nvd.nist.gov/nvd.cfm?cvename=CAN-2005-2698

Turkish hacker caught by FBI

Turkish hacker responsible for Internet banking fraud has been caught in Adana. Atilla Ekinci, 23, is being held responsible for breaking into...

Originally Posted on 8/31/2005 9:30:38 PM
Content source: http://www.crime-research.org/news/08.26.2005/1455/

Public Largely Ignorant of Online Dangers Says New Poll

LONDON, August 26, 2005 – The UK public is largely ignorant of the threats they face online and subsequently are at greater risk than ever of...

Originally Posted on 8/31/2005 9:30:29 PM
Content source: http://www.crime-research.org/news/08.26.2005/1454/

Microsoft to fight phishing with a new toolbar for Internet Explorer

Microsoft has revealed that anti-phishing features would be made available to Internet Explorer 6 users through an update to the company's MSN...

Originally Posted on 8/31/2005 9:01:18 PM
Content source: http://www.crime-research.org/news/08.31.2005/1465/

US man pleads guilty to selling Microsoft

A Meriden man has pleaded guilty in federal court to charges related to the theft of the source code to Microsoft's Windows software.

William...

Originally Posted on 8/31/2005 8:40:17 PM
Content source: http://www.crime-research.org/news/08.31.2005/1463/

Zotob and Mytob were originated by Russian hacker

One of the two men arrested last week on charges of creating and mailing the Zotob bot worm also authored some, but not all, of the many Mytob worms...

Originally Posted on 8/31/2005 8:19:16 PM
Content source: http://www.crime-research.org/news/08.30.2005/1462/

Cybercriminal and the army of zombies

In 2004, after months of putting a virtual tail on a hacker who called himself Pherk, FBI agent Timothy Nestor had the guy right where he wanted him....

Originally Posted on 8/31/2005 8:14:15 PM
Content source: http://www.crime-research.org/news/08.30.2005/1461/

Anti-spam problem

Trying to stop junk email by filtering out words such as ‘sex’ didn’t work for Jeff Andrew, because incoming emails to his...

Originally Posted on 8/31/2005 8:00:14 PM
Content source: http://www.crime-research.org/news/08.29.2005/1460/

Hackers: Trojan horse couple arrested

Court in London goes over formalities and Britain prepares to hand over Michael and Ruth Haephrati to Israel for trial over affair that stormed Israel...

Originally Posted on 8/31/2005 7:19:13 PM
Content source: http://www.crime-research.org/news/08.29.2005/1459/

Alleged worm hacker detained

Two men were arrested overseas on Thursday on charges of unleashing a computer worm that infected networks across the United States nearly two weeks...

Originally Posted on 8/31/2005 7:17:12 PM
Content source: http://www.crime-research.org/news/08.28.2005/1457/

Phishing the net

Spam is on the run, with the world's leading spammer closed down and bankrupt.

However, experts warn the latest computer scam called phishing is...

Originally Posted on 8/31/2005 7:15:04 PM
Content source: http://www.crime-research.org/news/08.27.2005/1456/

Turkish hacker caught by FBI

Turkish hacker responsible for Internet banking fraud has been caught in Adana. Atilla Ekinci, 23, is being held responsible for breaking into...

Originally Posted on 8/31/2005 5:23:26 PM
Content source: http://www.crime-research.org/news/08.26.2005/1455/

Public Largely Ignorant of Online Dangers Says New Poll

LONDON, August 26, 2005 – The UK public is largely ignorant of the threats they face online and subsequently are at greater risk than ever of...

Originally Posted on 8/31/2005 5:22:13 PM
Content source: http://www.crime-research.org/news/08.26.2005/1454/

Packet analysis tools and methodology (Part 1)

There are untold billions of packets flying around the web today. A great many of them are of malicious intent. A prelude to malicious activity is often the port scan. We will learn about some of the more popular types of port scans in existence today, and the tools used for them.

Originally Posted on 8/31/2005 5:21:57 PM
Content source: http://www.WindowSecurity.com/articles/Packet-analysis-tools-methodology-Part1.html

Product-based Security vs. Service-based Security

Security vendors today can follow either of two different models: they can sell a product (a firewall, an encryption program, etc.) that your company pays for upfront, or they can sell a service that incurs an ongoing fee. In some cases, they can combine the two: an antivirus program or anti-spyware appliance that requires an update service to function properly. The current trend seems to be away from the standalone product model and toward the service model. In this article, we examine the advantages and disadvantages of both.

Originally Posted on 8/31/2005 5:20:07 PM
Content source: http://www.WindowSecurity.com/articles/Product-based-Security-Service-based-Security.html

Ideal-to-Realized Security Assurance In Cryptographic Keys (Part 2)

In the final installment of this two-part series, we'll cover two closely related collision attacks - the birthday attack and the meet-in-the-middle attack. We'll conclude by emphasizing the importance of simplicity through conservatism, and establishing a "golden rule" for instantiating the lengths of many cryptographic values.

Originally Posted on 8/31/2005 5:19:41 PM
Content source: http://www.WindowSecurity.com/articles/Ideal-to-Realized-Security-Assurance-Cryptographic-Keys-Part2.html

Implementing Principle of Least Privilege

The Principle of Least Privilege is not a new concept, but the push to implement it on production networks has never been so important. This article will go over some of the most common configurations that you can make to implement these principles and reduce the possibility of an attack from a typical end user.

Originally Posted on 8/31/2005 5:18:50 PM
Content source: http://www.WindowSecurity.com/articles/Implementing-Principle-Least-Privilege.html

Ideal-to-Realized Security Assurance In Cryptographic Keys (Part 1)

In the first installment of this two-part series, we'll cover key length, and relative concerns, such as entropy and how password etiquette affects key space complexity. We'll look at how the length of the key doesn't inherently equate to the security of the key, and why security isn't even just about keys, at all.

Originally Posted on 8/31/2005 5:18:07 PM
Content source: http://www.WindowSecurity.com/articles/Ideal-to-Realized-Security-Assurance-Cryptographic-Keys-Part1.html

PredatorWatch becomes NetClarity, names Gil Roeder as CEO

Veteran Technology Executive to Drive Future Growth of Network Security Appliance Vendor
NORTH CHELMSFORD, MA -- (MARKET WIRE) -- 08/30/2005 -- PredatorWatch, a leading provider of vulnerability and intrusion management appliances, today announced a new name and a new CEO. Now known as NetClarity to invoke a stronger, more positive corporate message, the company will be led by Gil Roeder, a technology industry veteran.
Mr. Roeder, who has over 25 years of sales and marketing experience, is succeeding Gary Miliefsky, who will continue with NetClarity as Chief Technology Officer. Mr. Roeder will spearhead NetClarity's efforts to enhance its innovative product line, develop new and existing partnerships, build out a direct sales force, develop domestic and international reseller and distributor channels, and raise growth capital. http://www.marketwire.com/mw/release_html_b1?release_id=94153

Product Review: Acunetix Web Vulnerability Scanner

We've all heard of vulnerability scanners, but as the spectrum of security threats expands, security tools become more specialized. Acunetix has created a vulnerability scanner that's specifically designed to protect your Web servers and Web applications. It sounded interesting to us, so we installed the Acunetix WVS package on a Windows Server 2003 server to try it out. In this article, we'll review our experiences with its features and functionality.

Originally Posted on 8/31/2005 5:07:06 PM
Content source: http://www.WindowSecurity.com/articles/Product-Review-Acunetix-WVS.html

Bluetooth: Is it a Security Threat?

I've received a lot of questions from readers recently about security issues related to different types of wireless technology. 802.11 (wi-fi) security has been covered in detail in this and other forums, but you don't see nearly so much discussion of Bluetooth security. Bluetooth is becoming more and more popular, and it's time to examine its security implications. Is it secure? Can it be made secure? What are particular security concerns? We'll take a look at those questions in this article.

Originally Posted on 8/31/2005 5:04:31 PM
Content source: http://www.WindowSecurity.com/articles/Bluetooth-Security-Threat.html

Auditing user accounts

With Sarbanes Oxley, HIPAA, GLM, and the other auditing compliance programs getting so much attention, all aspects of the network environment are under a microscope. For any operating system environment this includes the auditing of the user accounts and their related properties. Considering that many attacks are accessed through a user account that has one or more incorrect and insecure settings, it makes sense to focus on user account properties during the audit. Within a Windows Active Directory environment there are the standard user properties that must be audited, plus a few that may not fall into too many other network environments. This article will discuss the key user account properties that need to be audited, as well as the tools that can help complete the task.

Originally Posted on 8/31/2005 5:02:28 PM
Content source: http://www.WindowSecurity.com/articles/Auditing-user-accounts.html