Hitting the easy targets and letting the big guys get away with it again and again….

Posted on May 29th, 2008 by Drazen Drazic

I started to talk about this in a response to the last post here.

I am seeing this trend of organisations with false and misleading promises being targeted with our industry’s ire, and as I said, rightly so, but is the focus blinkered? I think so… the easy targets are being hit while others continue to get away with it over and over again.

ScanAlert seems to be one of, if not the most hated products/services by people in our industry. Just look at most security bloggers’ pages and you’ll see pretty much a consensus of people’s opinions of it. See the latest post here for example.

There are plenty of individuals in our industry who put their thoughts out there and get attacked (when deserved) for it. I know I do. Individuals are easy to target!

Read the rest of this entry »

Posted in Bad Stuff, Dumb Security, WTF, cyber crime | 12 Comments »

Be careful of being too cocky…Lifelock CEO cops it….

Posted on May 25th, 2008 by Drazen Drazic

Watch the Lifelock ad on the site as it scrolls through. :-) Story at ha.ckers.org.

From the story in Yahoo! News.

Another one to add to the list of failed magical solutions? You have to take any promises of total security with a grain of salt. See recent posts about ScanAlert and the links within the links. (Aside: Is this the most hated product/service in the IT Security industry?)

But then again, we have the old Symantec Guarantee. Posted here again for your viewing pleasure and evidence requirements for any legal action you may ever contemplate. (Though by clicking on the software agreement when you installed it, you probably signed away all rights you had anyway, but worth a shot!)

Posted in Bad Developers, Bad Stuff, Dumb Security, WTF, cyber crime, news | 4 Comments »

AusCert Roundup and Malware Giveaways at the conference….

Posted on May 23rd, 2008 by Drazen Drazic

Hot off the press from Patrick who sent me this one: Telstra distributes malware-infected USB drives at AusCert.

Thanks to all the people that have been reading my posts on AusCert and those people who have been sending me emails about the posts and their AusCert experience. I was going to close it off with yesterday’s post but I’ve been asked a few times now to add some final thoughts. So here we go:

Read the rest of this entry »

Posted in Research, Uncategorized | 8 Comments »

AusCert Day 3: Conference last day

Posted on May 22nd, 2008 by Drazen Drazic

I can see many “sore” heads this morning walking around, but then again, that’s pretty standard throughout AusCert. The dinner last night (Tuesday) was pretty good and great to catch up with people. I always enjoy my time with my mates at TrustDefender. (Blatant promo for the guys. They will do well and I highly recommend you check them out.)

Here we go:

Read the rest of this entry »

Posted in Research, Uncategorized | 1 Comment »

Risky Business @ AusCert

Posted on May 21st, 2008 by Drazen Drazic

Now, I am only covering so much in my posts, but Patrick Gray’s podcasts are well worth a listen to get deeper into the AusCert conference:
http://itradio.com.au/auscert08/

Enjoy!

Posted in Uncategorized | No Comments »

AusCert Day 2: Does it matter if the presentations are not that good if the dinner is a winner?

Posted on May 21st, 2008 by Drazen Drazic

What a weird start to the day… The keynote speaker is John Stewart from Cisco, but before he starts, the MC (AusCert dude), looking very sombre, tells the delegates that he has read stuff on blogs talking about AusCert day 1 and also about the lack of local content versus overseas presenters after the first day. He seems really upset by it. “Gees!”, is he talking about me? Or this? I cringe and then I think, hell yeah… if me, good! If not me… good! If this is the wake-up call you need, then whoever did it, it may well be worth it to get this conference (and organisation) back to reality! (Personally, I have nothing to do with AusCert and neither do any of my clients… I have no idea of their relevance… I have no idea why I do not! I run a team of security consultants and researchers and none of them do either!) But that’s another story.

Read the rest of this entry »

Posted in Uncategorized | 6 Comments »

Some interesting news and thoughts on McAfee/ScanAlert

Posted on May 19th, 2008 by Drazen Drazic

There’s some interesting links also within the following posts at 0x000000 (and yeah, some backwards and forwards between sites):

http://www.0x000000.com/?i=573
http://www.0x000000.com/?i=574

Interesting that the mainstream IT press hasn’t really picked up on the latter.

Posted in Bad Stuff, Dumb Security, Vulnerability Management, Web Application Security, cyber crime | 1 Comment »

AusCert Day 1: Ends up okay…somewhat….

Posted on May 19th, 2008 by Drazen Drazic

Okay, I don’t have great expectations of AusCert conferences as most know. They’re a great junket and the social side of things is fantastic. Content though is usually ordinary with only a handful of presentations worth remembering.

I was looking forward to seeing Scott Charney’s “Enabling End to End Trust” keynote given recent discussions about his paper since its release. Scott: impressive background, impressive presenting skills, but gees, if you’re going to travel halfway around the world to talk about your End to End Trust, talk about it!

Read the rest of this entry »

Posted in Research, cyber crime | 10 Comments »

Thank Heavens we have Ruxcon and Kiwicon….

Posted on May 17th, 2008 by Drazen Drazic

It would be really sad for the Australian and New Zealand security community if we did not have Ruxcon and Kiwicon (and OWASP this year, I hear, was pretty good).

Just thinking about this as I head up to another AusCert conference on the Gold Coast. It’s not that we lack security conferences here in Australia, and some of them are even okay… but there are a rare few that don’t wheel out the same old people rambling on about the same old topics and working on their own self-promotion.

Read the rest of this entry »

Posted in Research | 8 Comments »

Australian/New Zealand Security Blogs

Posted on May 13th, 2008 by Drazen Drazic

As I mentioned before, we’re putting together a Blog Directory of Australian and New Zealand security bloggers and independent news sites. So far, not so many, but if you’d like to be on the list, email me or get me through the “Contact Me” section of the website.

Posted in news | 3 Comments »

It must be the Chinese Hackers again….

Posted on May 9th, 2008 by Drazen Drazic

Is there anything bad happening on the net not being blamed on “Chinese Hackers”? Forget the story….same old stuff. Some of the comments here are priceless:

www.theregister.co.uk/2008/05/08/belgium_india_china_warnings/comments/

Now, just in case something is lost in translation here, this is a sarcastic post and is in no way talking badly about Chinese hackers. Point those probes in another direction. :-)

Posted in Bad Stuff, Dumb Security, Too cool, WTF, cyber crime | 2 Comments »

IPv6 Ramblings…..

Posted on May 9th, 2008 by Drazen Drazic

Interesting and good to see IPv6 get a mention/submission in Australia’s 2020 Summit. The submission is here. Not sure where it is headed as I couldn’t see any mention in the Initial Summit Report. Maybe others have heard more about this?

We haven’t lacked some good write-ups on IPv6 in recent times. Thanks to Donal for passing this one from Arbor Networks on to me.

The Google IPv6 2008 Conference panel video is well worth seeing if you haven’t already.

Are we getting much closer?

Previous Beast or Buddha posts:
http://beastorbuddha.com/2008/03/31/some-good-ipv6-links/
http://beastorbuddha.com/2007/05/10/ipv6whenwhysecurity/

From 2001: IPv6 and the Future of the Internet.

Posted in Research | 4 Comments »

More on not logging – “Reverse Compliance”

Posted on May 8th, 2008 by Drazen Drazic

Declan’s recent post on logging being a double-edged sword started some interesting discussion. Anton Chuvakin follows up further on his blog and writes:

“Reverse compliance” is a motivation to purposefully avoid technologies that have a chance of telling you that you are NOT in compliance. Sadly, logging is featured very high on the list of such technologies that a) tell you about all the problems with your compliance posture (e.g. direct violations of regulatory requirements, lack of controls, inefficient controls, policies not followed, etc) as well as b) are mandated by various regulations (e.g. PCI DSS) and c) actively used by auditors for finding compliance issues.

Read the rest of Anton’s post.

Posted in Disclosure Laws, Forensics, PCI, PCI DSS, Risk Management, cyber crime, governance | 3 Comments »

1.5 Billion Euro investment into Securus Global

Posted on May 6th, 2008 by Drazen Drazic

The rumours about this company or that company wanting to buy into Securus Global continue but this one we are seriously considering. This should turn us into THE global force of Infosec Consulting:

> From: xxxxx xxx <xxxxxx@yahoo.fr>
> Reply-To: <xxxxxx.xxxx@yahoo.fr>
> Date: Mon, 5 May 2008 21:37:32 +0200 (CEST)
> To: <xxxxxx@yahoo.fr>
> Subject: INVESTMENT  PROJECT
>
> I WANT TO INVEST MY FUND {1.5BILLION EURO}IN YOUR COMPANY, LET ME KNOW
> YOUR TERMS ,IF YOU ARE INTERESTED TO INVEST WITH ME GET BACK TO ME
> WITH YOUR FULL DETAILS, I WILL SEND THE BOND FOR CONFIRMATION FOR US
> TO PROCEED THE PROJECT.
>
>
>
> MR XXXX XXXX
> OIL AND GAS

Look out world!

Posted in Securus Global | 4 Comments »

To regulate IT Security controls/practices or not?!

Posted on May 5th, 2008 by Drazen Drazic

With little to no regulation around IT security practices and controls in Australia, have we fallen behind other major trading partners like the US and countries in Europe? I think the answer is most definitely yes but I welcome your thoughts on this.

This is not new… it’s something I have ranted about for a while here, but as we see the landscape change elsewhere towards tighter regulation (data breach disclosure laws, for example, coming into existence in other parts of the world), we seem to talk more than act. The PCI DSS has been the biggest thing to hit Australian business in terms of some form of enforcement of good practice, and even that is operated outside of the bounds of government and local controls.

No one’s perfect, but have we really progressed much in the last few years? Sure, security awareness is higher than it has ever been, but are security issues being addressed at their core/root or does awareness just mean actioning the latest hot area/topic? I put it out there that that is the case.

Who’s addressing risk management properly? Who’s approaching security from a strategic perspective?

It’s more than just an IT security issue. It’s a business issue, it’s a shareholder value issue, it’s a national security issue, etc. Is regulation the key to change here? If not, what is?

Posted in Disclosure Laws, Risk Management, cyber crime, governance | 2 Comments »

Microsoft serves COFEE to the police…and a death sentence to employee!?

Posted on May 1st, 2008 by Drazen Drazic

By Declan Ingram

Upon speculation that Microsoft had built backdoors into Vista, Niels Ferguson, a developer and cryptographer at Microsoft, wrote:

“The suggestion is that we are working with governments to create a back door so that they can always access BitLocker-encrypted data……..Over my dead body”

That’s very reassuring… until this was released: “Microsoft device helps police pluck evidence from cyberscene of crime”.

Read the rest of this entry »

Posted in Bad Stuff, Industry Specialists Talk, Research, WTF, cyber crime | 9 Comments »

Kiwicon 2k8

Posted on May 1st, 2008 by Drazen Drazic

After the awesome Kiwicon 2k7, the 2008 event has been announced.
http://www.kiwicon.org/

Posted in Research | No Comments »