This week at AusCERT we have two new Computer Security Analysts to join the AusCERT co-ordination centre: Paul Fahey and Damien Curtain. They are both very welcome additions to team and look forward to working with you, our members.

We were also made aware that Storm (aka Peacomm) is now using encryption with a 40 byte key for its communication. This change may point to the future (or current) selling of the Storm network to others for SPAM, DDoS and other malicious activity (http://www.secureworks.com/research/blog/index.php/2007/10/15/the-changing-storm).

Wednesday saw Oracle release patches for 51 vulnerabilities in "hundreds" of Oracle products (http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuoct2007.html). So if you are running any Oracle products you should probably think about applying the patches.

Lastly today a new version of Firefox (2.0.0.8) was released correcting multiple security vulnerabilities (http://www.auscert.org.au/render.html?it=8237).

Richard