HNS Article Issue 411 - 24.03.2008 Webcast: Proactive Vulnerability Management Dr. Chenxi Wang, Principal Analyst, Security and Risk Management, Forrester Research, Inc. In this talk, Dr. Chenxi Wang, Principal Analyst for Security and Risk Management at Forrester Research, will cover the key aspects of proactive vulnerability management and more importantly, the steps via which you can follow to achieve proactive vulnerability management. More specifically: * Continuing assessment of network and devices * Integration with your IT risk management systems * Effective analysis of assessment results * Implementation of proactive remediation Table of contents: 1) Security news 2) Advisories 3) Articles 4) Reviews 5) Conferences 6) Security World 7) Virus News [ Security news ] XENSPLOIT: A RECIPE FOR ATTENTION Take the hottest datacenter technology, add a generous pinch of security scrutiny, and a dash of clever name recognition... and =91Wha-La!=92, you have ingredients for our latest topic of vulnerability du jour: Xensploit. CREDIT CARD DATA STOLEN FROM SUPERMARKET CHAIN A computer hacker stole thousands of credit card numbers after breaching security at two U.S. grocery store chains owned by Belgium-based Delhaize Group SA, the companies said on Monday. MACBOOK AIR REMOTE DISC SECURITY OVERVIEW ISFYM: "As promised, we=92ve spent some time reviewing the new MacBook Air=92s Remote Disc feature from a network security point of view. It=92s confusing and a bit worrisome." MAN ADMITS CREATING WEB VIRUS, SPREADING VIA COPYRIGHT FOOTAGE A 24-year-old man on trial in the Kyoto District Court charged with violating the Copyright Law admitted Tuesday he created a computer virus and used copyrighted animation footage to spread it on the Internet. BOOK REVIEW - MAC OS X LEOPARD PHRASEBOOK Mac OS X Leopard is the latest operating system from Apple that very quickly proved itself to be a great solution for a number of working environments. This book is aimed for those who want to check out what is under the hood and learn how to use the full potential of the command line. LATEST BLU-RAY COPY PROTECTION CRACKED The latest effort at blocking unofficial copying of Blu-ray movies has been undone, the developers of a cracking utility claim. [ Advisories ] All advisories are located at: Mandriva Linux Security Update Advisory - audacity: Insecure temporary file creation ( MDVSA-2008:074) Mandriva Linux Security Update Advisory - perl-Net-DNS Ubuntu Security Notice - unzip vulnerability (USN-589-1 ) Debian Security Advisory - xwine (DSA-1526-1) Mandriva Linux Security Update Advisory - kernel Apple Security Update - Digital Camera RAW Compatibility Update 2.0 Ubuntu Security Notice - mysql-dfsg-5.0 vulnerabilities (USN-588-1) Debian Security Advisory - asterisk (DSA-1525-1 ) Debian Security Advisory - iceape (DSA-1506-2 ) Gentoo Linux Security Advisory - ssl-cert eclass: Certificate disclosure (GLSA 200803-30) Apple Security Update - AirPort Extreme Base Station Firmware 7.3.1 Gentoo Linux Security Advisory - OpenLDAP: Denial of Service vulnerabilities (GLSA 200803-28) Gentoo Linux Security Advisory - ViewVC: Multiple vulnerabilities (GLSA 200803-29) Mandriva Linux Security Update Advisory - krb5 Mandriva Linux Security Update Advisory - krb5 Mandriva Linux Security Update Advisory - krb5 US-CERT Technical Cyber Security Alert - MIT Kerberos Updates for Multiple Vulnerabilities (TA08-079B) SUSE Security Announcement - krb5 SUSE Security Announcement - cups Ubuntu Security Notice - krb5 vulnerabilities (USN-587-1) Mandriva Linux Security Update Advisory - unzip Gentoo Linux Security Advisory - MoinMoin: Multiple vulnerabilities (GLSA 200803-27) Gentoo Linux Security Advisory - Adobe Acrobat Reader: Insecure temporary file creation (GLSA 200803-26) Mandriva Linux Security Update Advisory - nagios Apple Security Update - Security Update 2008-002 Debian Security Advisory - krb5 (DSA-1524-1) MIT krb5 Security Advisory - array overrun in RPC library used by kadmind MIT krb5 Security Advisory - double-free, uninitialized data vulnerabilities in krb5kdc MIT krb5 Security Advisory - array overrun in RPC library used by kadmind Apple Security Update - Safari 3.1 Gentoo Linux Security Advisory - Dovecot: Multiple vulnerabilities (GLSA 200803-25) Gentoo Linux Security Advisory - PCRE: Buffer overflow (GLSA 200803-24:02) Debian Security Advisory - ikiwiki (DSA-1523-1) Debian Security Advisory - icedove (DSA-1485-2 ) Debian Security Advisory - unzip (DSA-1522-1) Novell Security Advisory - vulnerability in the GroupWise Windows client API Debian Security Advisory - sdl-image1.2 (DSA-1493-2) Debian Security Advisory - lighttpd (DSA-1521-1 ) Debian Security Advisory - smarty (DSA-1520-1 ) Debian Security Advisory - orde3 (DSA-1519-1) Debian Security Advisory - backup-manager (DSA-1518-1) Debian Security Advisory - ldapscripts (DSA-1517-1) Gentoo Linux Security Advisory - Website META Language: Insecure temporary file usage (GLSA 200803-23) Ubuntu Security Notice - mailman vulnerability (USN-586-1) Turbolinux Security Announcement - kernel -> Security and Update [ Articles ] All articles are located at: Articles can be contributed to GUARD AGAINST CYBERSPACE THREATS With the changing nature of threats in cyberspace, the need is growing to absorb attacks and to protect online identities against both high-profile and stealthy infiltration attempts. These new types of threats often evade detection by traditional antivirus solutions and security suites, infecting users who think they are protected. No longer satisfied with just slowing your PC or causing havoc, these new attacks hijack your PC, access your personal information, and steal your money. [ Reviews ] All reviews are located at: MAC OS X LEOPARD PHRASEBOOK [ Software ] Windows software is located at: Linux software is located at: Pocket PC software is located at: Mac OS X software is located at: BOTAN 1.7.4 (Linux) Botan aims to be a portable, easy to use, and efficient C++ crypto library. GROKEVT 0.4.1 (Linux) GrokEVT is a collection of scripts for reading Windows event log files. NAGIOS 3.0 (Linux) Nagios is a host and service monitor designed to inform you of network problems before your clients, end-users or managers do. SILC TOOLKIT 1.1.7 (Linux) SILC is much more than just about encrypting the traffic. That is easy enough to do with IRC and SSL hybrids, but even then the entire network cannot be secured, only part of it. WINSCP 4.1.0 (Windows) WinSCP is an open source SSH file transfer protocol and secure copy client for Windows using SSH. XYRIA:DNSD 0.8 pre (Linux) Xyria:DNSd is a high performance DNS server that supports only the most important features and resource records while being extremely fast and secure. [ Conferences ] All conferences are located at: Black Hat Europe 2008 Organized by Black Hat - 25 March-28 March 2008 RSA Conference 2008 Organized by RSA Security - 7 April-11 April 2008 HITBSecConf2008 Organized by Hack in the Box - 14 April-17 April 2008 TRISC 2008 Organized by Texas Chapters of ISSA, ISACA, ASIS International and Infragard - 21 April-23 April 2008 Infosecurity 2008 Organized by Reed Exhibitions - 22 April-24 April 2008 OWASP AppSec Europe 2008 Belgium Organized by OWASP - 20 May-23 May 2008 Hacker Halted USA 2008 Organized by EC-Council - 28 May-4 June 2008 Second International Symposium on Human Aspects of Information Security & Assurance Organized by Information Security & Network Research Group, University of Plymouth - 8 July-10 July 2008 [ Security World ] All security world articles are located at: Send your press releases to Microsoft acquires rootkit detection provider Don't sign your refund check over to malware writers VeriSign introduces security upgrades to its Project Titan Malware prevention for Skype Howard A. Schmidt named (ISC)2 Security Strategist Red Hat Certificate System source code released New Firewall Analyzer product suite New product: Sophos Endpoint Security and Control 8.0 New version of BullGuard Backup Identikey Server 3.0 - new authentication solution for large enterprises Four key steps every company should take to protect its critical data New versions of Veritas Storage Foundation and Cluster Server 5.1 Spammers are leveraging Google applications SSL VPN technology is enhancing virtual services Secure Mail next gen email security appliance fideAS a new file encryption solution Webcast: Proactive Vulnerability Management Dr. Chenxi Wang, Principal Analyst, Security and Risk Management, Forrester Research, Inc. In this talk, Dr. Chenxi Wang, Principal Analyst for Security and Risk Management at Forrester Research, will cover the key aspects of proactive vulnerability management and more importantly, the steps via which you can follow to achieve proactive vulnerability management. More specifically: * Continuing assessment of network and devices * Integration with your IT risk management systems * Effective analysis of assessment results * Implementation of proactive remediation [ Virus News ] All virus news are located at: Weekly report on viruses and intruders Man admits to writing anime trojan horse Questions, contributions, comments or ideas go to: Help Net Security staff Purchase from this weekly digest on: The archive of the article in TXT and PDF format is available Archive: Purchase:
... Back to listing 10
... Back to article 1818 | SITEMAP | Next to article 1820 ...
We would like to express our gratitude to all those who are kindly providing this unique content, especially to:
office@a3ides.com
olga@bemobile.md
tirlik@brainchildhunter.com
office@bemobile.md
sharuha@causeni.info
info@webconsulting.md
irina.gorea@bemobile.md
office@milieukontakt.nl
igor.romanyuk@bemobile.com.ua
yuri.sekretar@olympia.net.ua
info@tophost.md
webmoldova@yahoo.com
admin@bemobile.md
webmaster@bemobile.md
emil@a3ides.com
olea@bemobile.md
yuri.sekretar@bemobile.com.ua
contact@a3ides.com
info@a3ides.com
vitaliy.lozovskiy@bemobile.md
drugg83@yahoo.com
rector@usm.md
gaugash@usm.md
acad.rudic@mail.md
acadrudic@yahoo.com
veaceslav.vasilache@gmail.com
s.bakker@milieukontakt.nl
katea.melnicenco@gmail.com
mkoe.moldova@vox.md
musteata@doctor.com
renat.buga@ase.md
s.molenkamp@milieukontakt.nl
si_problemme@mail.ru
willem.tjebbe.oostenbrink@planet.nl
Tag cloud:
Security, Advisory, located, Organized, Mandriva, vulnerability, security, vulnerabilities, proactive, network, (Linux), Multiple, Windows, assessment, Principal, Management, software, Research,, management, Forrester, solution, Articles, Insecure, Announcement, temporary, articles, threats, aspects, kadmind, importantly,,
Similar listing on:
Security, Advisory, located, Organized, Mandriva, vulnerability, security, vulnerabilities, proactive, network, (Linux), Multiple, Windows, assessment, Principal, Management, software, Research,, management, Forrester, solution, Articles, Insecure, Announcement, temporary, articles, threats, aspects, kadmind, importantly,,
Similar listing on: