Australian IT Security Blogger Roundup

Posted on February 14th, 2010 by Drazen Drazic

From the Australian IT Security Blog Directory:

- Jarrod Loidl at /dev/null has a couple of good recent posts; one on web application scanners and the other on “How to get a start in Information Security”.
- Chris Gatford at http://www.penetrationtester.com/ talks about his recent radio interview and then presents “7 Tips for Small Business IT Security”.
- Over at Infamous Agenda, Matthew’s latest post is on Incident Response and what he believes works. Have a read and respond to Matt if you disagree with anything.
- Eldar at Just Another Hacker has changed the look of his site. A heap of topics in recent times from Internet Filtering, theories on hacking, XSS Bank of Queensland and ING plus more.
- Donal at Ockham’s Razor is as always thinking outside the square and presenting theories to question the established ways. He’s also busy with Nodecity and this is definitely worth a look. For more information, contact Donal.
- Fifth.Sentinel in his latest post is talking about research on Windows Registry and time analysis. Worth a read.
- Christian, the main man from Perth at un-excogitate.org has covered quite a few topics in recent times; BeEF, Sandboxing, new ISACA certification, discussion on “Trust”.

I haven’t covered everyone here. If you want to be added to the list, let me know.

Busiest blog post of the week: once again, anything to do with the ACS gets people worked up, and this one here has been no different.

———————————————————————————————-
Securus Global: IT Security, Penetration Testing, Security Assessments, PCI Compliance, Product Assurance, QualysGuard, Security Strategy, Vulnerability Assessment.

Posted in news | 1 Comment »

Apple Don’t Care……

Posted on January 28th, 2010 by Drazen Drazic

I love my Mac. Unlike a PC, it still works the same as the day I bought it! Same speed and can work with it for months without a re-boot other than having to reboot for an update. (Happy to get Windows 7 people responses…..does Windows 7?). Apple formula: you never go back.

iPod, iPhone; so locked in with music and apps – you never go back to anything else.

Fillers like Macbook Air and iPad are just that, “fillers” – perception of innovation to keep the “standards” like Mac Notebooks and iPods going. They all know that.


Posted in news | 7 Comments »

New ACS “Centres of Excellence” – Security and Advanced Computing

Posted on November 28th, 2009 by Drazen Drazic

From the Western Australian branch of the Australian Computer Society; they are launching two new “Centres of Excellence”. Information here. Information supplied by Philip Argy. Thank you to the ACS for passing this to us. We look forward to hearing more about this initiative.


Posted in Research, news | 8 Comments »

CERT Australia Announced

Posted on November 26th, 2009 by Drazen Drazic

Good luck to the AGD team with CERT Australia. Further reports:
- Australian IT mentions the role of AusCERT in this.
- AusCERT’s press release here.
*** Should have included this also in original post: http://www.ag.gov.au/cybersecurity

For those attending the AISA National Annual Seminar Day; David Campbell, (Director Australian Government Computer Emergency Readiness Team) will be talking about the new CERT. Should be an interesting presentation.


Posted in Risk Management, cyber crime, news | 4 Comments »

Random Links and Rants……

Posted on November 9th, 2009 by Drazen Drazic

- We got a chance to do some Endpoint Security testing for ZDNet here: How effective is endpoint security? Thanks for the feedback on this one. We only had a very small window to get this done and given more time, the results in terms of scope of testing would have been much larger. It is what it is and we hope you liked it. Hopefully a part II, with some really cool stuff.

- Fionnbharr Davies from Securus Global (Thoth) will be presenting at Kiwicon 2009. Fionn’s talk synopsis: “Linux kernel rootkits are everywhere, but no modern (public) detection system exists. Linux rootkit checkers are currently woefully inadequate, often focusing upon mundane and outdated techniques that are only used by the lowest of the kiddies. I will briefly highlight common modern rootkit techniques as seen in real in-the-netz linux rootkits, and walk through my Antilulz tool, which is an LKM designed to be loaded at times of peak paranoia to give your kernel the once over. I’ll continue the conversation discussing what a rootkit would need to do to defeat these checks, and expand upon antilulz to continue the cold war. If I’ve time, I’ll talk a bit about the state of rootkit detection, and will discuss real-time kernel IDS techniques, and why they are extremely hard to do”.

- Thanks to Craig B and fudsec.com for having me on; Testing the Vendor Guarantees. Guaranteed Security….Just Show Us the Money.

- Some articles at Tek-Tips. Here’s a couple of the latest ones:

Clouding the Solution Landscape: Mediocrity vs Strategy – Going the Easy Path

Data Classification Policies – Forgotten Purpose

As always, keen on your thoughts.


Posted in cyber crime, news | 4 Comments »

Australian Bloggers Roundup

Posted on November 6th, 2009 by Drazen Drazic

I enjoy following what the local guys have been up to. Well worth bookmarking the following Australian blogs:

- Donal at Ockham’s Razor latest post Troubleshooting-101 is a typical Donal brain dump of ideas. Smart guy and also doing some great things with Nodecity. Check them out.
- Big 4 man Matthew at Infamous Agenda has really started to get stuck into it. Is there another Big 4 Infosec dude blogging away? Great to see. A heap of new posts here covering; web application security, cloud security, security requirements, security governance.
- The biggest blogger from the west, @xntrik doesn’t post that often but always posts interesting things at un-excogitate.org. Checkout the Internet Censorship video in his latest post.
- Jarrod at /dev/null has posted a book review of; Security Metrics: Replacing Fear, Uncertainty and Doubt. Check out his other recent posts also. Jarrod’s recently moved to the dark side (consulting). :)
- Eldar (@wireghoul) has a new advisory and more information and updates to “Graudit” in his blog, Just Another Hacker. He’ll also be presenting at the next AISA National Annual Seminar Day on Graudit.
- Phillip Hall at CyberSecurity Junkie has been writing about WordPress, Windows 7 and Password security. You can get Phillip on twitter also @PhilHall.
- Bradley Schatz blogs about Forensics at Inside out. I enjoy reading Bradley’s work. He knows his stuff and posts on some interesting topics. Check it out if you haven’t already.
- Paul Ducklin (CEO of Sophos) doesn’t only spend time talking about Malware at his blog, Duck or grouse. Recent topics aside from malware facts and figures include; ACMA, Social Networking, Computer Security in Schools. One of Australia’s best infosec speakers.

I haven’t covered everyone, but if you are blogging in Australia or know of someone who is, let us know and we’ll add them to the Australian IT Security Blog Directory.


Posted in news | 5 Comments »

HOUSE OF REPRESENTATIVES STANDING COMMITTEE ON COMMUNICATIONS – Subject: CyberCrime (Latest)

Posted on October 23rd, 2009 by Drazen Drazic

Transcripts from latest hearings:
http://www.aph.gov.au/House/committee/coms/cybercrime/hearings.htm

Previous post on this subject here.

Thanks again to @cmlh for the link.


Posted in news | No Comments »

Australian Bloggers Roundup

Posted on September 25th, 2009 by Drazen Drazic

While the Information Security blogging scene is relatively small here in Australia, the guys in it are always bringing out interesting things. Here’s a brief roundup of what’s been happening lately:

- Donal at Ockham’s Razor looks at Electronic Voting in his latest post and raises what, to us, are valid points. He links to an article from Ireland which is interesting reading. Do yourself a favour and read some of D’s other posts. Worth scanning through for some thinking “outside the square”.
- Wade doesn’t focus that much on Information Security anymore but every so often, he’ll have a few gems there. Interesting reading at wadem anyway.
- The west’s biggest and best blogger, Christian at un-excogitate.org covers the latest OWASP meeting in Perth and also talks about Cloud Security in his latest posts.
- Jordan at Security Technology Science has started posting again. I like Jordan’s posts as he looks at the psychology of our industry and the people within it. He’s got extensive experience so for new guys coming up through the ranks (and those already there), it’s interesting to get that take from a “veteran”. (He’ll hate me saying that as he’s heaps younger than me!)
- Another BJJ/MMA exponent (gees, there’s a few in our industry), Jarrod at /DEV/NULL has posts on Cloud Security and Exemptions which are worth a read. Post your thoughts to Jarrod.
- The Big 4 man Matthew at Infamous Agenda has recently been getting hot over a few topics. Go see what’s been getting Matt worked up.
- Pat’s Risky.Biz continues to be one of the best Information Security podcasts out there. He’s got a heap of new stuff; forums, vids and the usual weekly Risky Business podcast.
- Eldar’s stuff at Just Another Hacker makes my old technical – now non-technical head spin, but for you techo dudes, go suss it out.
- James at Karter.Net, while not a totally security-focused blog (Open Source and other things, plus his experience), is publishing a lot of good stuff. To narrow it down to one sentence would not do it justice. Click away.
- Philip at PhilipHall.com has been talking about Apple vulns in recent times. “CyberSecurity Junkie” and worth reading his archive of posts.
- Bradley at Inside Out continues his focus on forensics, digital evidence and legal issues. One of few in Australia blogging about this topic. Worth bookmarking!

I haven’t covered everyone, but if you are blogging in Australia or know of someone who is, let us know and we’ll add them to the Australian IT Security Blog Directory.

Posted in Research, news | 1 Comment »

Random Links and Rants…….

Posted on September 8th, 2009 by Drazen Drazic

- Have been following this thread at Risky.Biz about “VulnDisco bug list made public”. I think through flagg’s comments, our position on it has been made. Yes, we are their local representatives as we are with Immunity and D2. Not that any of this is news as Securus Global has been for a while (see link). Personally, I don’t think this story is news here as Flagg mentioned for some in the industry but it does make for good awareness for a majority of the industry who may be oblivious to markets outside of “mainstream” security products. Interesting reading some of the comments though in terms of thoughts on effectiveness, impact and more so about people’s thoughts on difficulty (or lack thereof) in reproducing exploits based upon a knowledge now of the vulnerabilities.

- With Cloud Security being such a popular topic of discussion now, good unbiased sources of news and information about Cloud Security can be hard to find. (Vendor waffle vs. reality for example). My favourite site is Craig Balding’s cloudsecurity.org. If you want information that is honest, informative and asks serious questions about the topic, bookmark this one! Craig has also recently kicked off the Cloud Security podcast here with Chris Hoff of Rational Survivability. Highly recommended.


Posted in news | 2 Comments »

Random Links and Rants…….

Posted on August 22nd, 2009 by Drazen Drazic

- Didn’t the 4 Corners Episode; “Fear in the Fast Lane” generate some discussion and debate this week? I didn’t post anything about it myself here for a couple of reasons; (1) I didn’t think anything new and worthwhile was worth highlighting, and, (2) People were “twittering up a storm” over it – some of it very over the top. (Refer to #4corners on Twitter search for more on that). Interestingly, from within our own industry, the discussion was more personal – questioning people’s credentials as “experts” as opposed to the actual content itself in many cases. Some fair questions raised and some not so in my opinion. I welcome your thoughts here.

- Which leads me to discussions and analysis on who are the “experts”. Anton Chuvakin, our Qualys and PCI friend ponders the question here; “A Myth of an Expert Generalist”. The same question was also raised in the Beast or Buddha forums a little while ago in the post titled; “Internet Security ‘Expert’”. I had some thoughts on this topic (and the 4 Corners episode) on my twitter; here and here. Chris Gatford, an industry colleague in Australia and one of the people heavily featured during the 4 Corners episode responded to this here.

- Hackers vs Federal Police was a big story this week here as reported in the SMH; “Hackers break into police computer as sting backfires”. Some things get reported and some don’t: http://r00tsecurity.org/files/zf05.txt. No more to add. Everyone’s a target and everyone’s ownable (well at least you’d bet on it being the case). Kind of makes a mockery of some of the talk on the conference circuit. Waffle vs substance…what do people want to listen to? Can most even judge?

- I’ve recently been invited to write for Tek-Tips Forums. Yep, that’s my mug. I’ll link the posts from here also when I remember to do so. After coming back from a holiday, the inspirational juices aren’t really flowing but I expect things will start to annoy me and then I’ll be back to normal. :)

- Had to repost this one: “How not to setup a Hotel Safe”; I took this photo recently in a hotel in Croatia. At first I thought I must be missing something here (like being able to program the code) but no, this is it. Needless to say, I didn’t use the “safe”. :)

- And finally, off the Information Security topics. The latest issue of Top Gear magazine (which I thought was not the Australian one – yuk….but seems now like some sort of a combination of Aus and UK) has a home fridge magnet Cool Wall – most cool! Here’s my “Cool Wall”.

Posted in Bad Stuff, Dumb Security, Risk Management, Vulnerability Management, Web Application Security, cyber crime, news | No Comments »

CERTs in Australia….and the saga continues….

Posted on August 18th, 2009 by Drazen Drazic

From Australian IT; “AusCERT sidelined in CERT revamp”. Sadly the big question that most will raise from this is; “What will happen to the yearly junket, (I mean conference), on the Gold Coast?” Be shocked if anyone even responds to this post.

Positive to see the Government doing things. Hopefully it’s being well planned and thought out.

Posted in Risk Management, cyber crime, news | 17 Comments »

Securus Global News and Information

Posted on August 13th, 2009 by Drazen Drazic

I don’t normally use this forum to talk about the business side of things for Securus Global but thought I would take an opportunity to talk a bit about what’s been happening.

2009 surprisingly has seen good growth for us. Still hoping we’re not going to see some delayed effect of the Global Economic Crisis.

While we’ve always had a large client base in Melbourne, we’ve recently setup a permanent presence there and we’re looking at doing the same for other Australian cities. Asia and other international clients we support from Sydney at present (and travel as required like we always have), but we’re looking at our position here. (Also based upon international partnerships).

With this expansion, we are looking for good people, so we’re keen to hear from experienced and passionate Information Security Specialists. Generally, the level of expertise we look for is as described here. Working with many of Australia’s largest organisations across most industry sectors (in particular across critical infrastructure), we’re seen as leaders in our field and we’ve built our reputation and differentiation on the quality of our work and people. There’s few others that can now match our client-base and we’re proud of our achievements to have gotten to where we are.


Posted in Securus Global, news | No Comments »

Random Links and Rants…….

Posted on August 10th, 2009 by Drazen Drazic

- How not to setup a Hotel Safe: I took this photo recently in a hotel in Croatia. At first I thought I must be missing something here (like being able to program the code) but no, this is it. Needless to say, I didn’t use the “safe”. :)

- Ockham’s Razor post on Security Shapes. D’s stuff is always interesting and worth a read.

- Our old friend Big Galoot has certainly shown the power of the Internet Blogger. His “Protect Jerrys Plains” blog has exposed many questionable business and government practices. In recent times, his work has received attention from mainstream media. He may well have brought down a minister.

- Saw this one on my return – reported by Pat at Risky.Biz: “McAfee Leaks 1400 Security Pro Details”. I haven’t had a chance to listen to the podcast yet where Pat interviews McAfee over the incident. I question how big a deal this is. How much of the information is confidential really? AusCert and many other conferences send out similar lists (albeit the attendees have opted-in for their information to be available to sponsors). Mistake or marketing – Hey, look how many important people were interested in McAfee. Might drive others to follow these important people. DLP discussion/debate? Seriously?

- Christian has a new post where he poses some good questions around putting solutions together and approaches to Information Security; “Keep It Simple”.

- Jarrod looks at the “Full-Disclosure” debate here at his /Dev/Null blog.

- We’ve added a few more to the list of Australian IT Security Bloggers. Let me know if you want to be added to this list.

- I see Kiwicon 3 has been announced for November 28-29, 2009. Details here. Follow on Twitter also.

Back now after almost 4 weeks abroad. While I was away, the guys at Tek-Tips kicked off publication of some of my articles. I’ll be writing more for the publication so will post links sometimes from here to the site. Anyway, I better get back to work now.

Posted in Dumb Security, WTF, news | No Comments »

A CIO and CEO Guide to improving corporate security today – it is possible.

Posted on August 10th, 2009 by Drazen Drazic

Just got back and saw this was confirmed:
http://www.iirme.com/securecon/workshops/c.html

CEOs, CIOs and Middle East Gov and Gov Security seem to be the audience.

Should be fun…..there are no slides…….just talk…..they accepted that….(somewhat I think). :) I prefer to just talk……

This will be an all-out session and I hope Bruce S (Keynote) will be there….Pass this link to 20 of your friends and you will receive…magically a new notebook.

Posted in Applications, Bad Developers, Bad Stuff, Disclosure Laws, Dumb Security, Firewalls, Forensics, PCI, PCI DSS, Research, Risk Management, Securus Global, Too cool, Vulnerability Management, Web Application Security, cyber crime, governance, news | No Comments »

E-security: Government Strategies?

Posted on June 10th, 2009 by Drazen Drazic

Almost missed it again…..E-Security Awareness Week. Here’s the details and awesome video with great security tip for all:
http://www.staysmartonline.gov.au/awareness-week

Computerworld reports that; “Govt preaches security to slack business”. Anyone have a copy of the presentations? Be interesting to find out what was spoken about.

Still keen to know what the Government itself is really doing as posted here. More probing into the Government’s role was this post by SGirl here. It copped a bit of criticism but more support than anything else.

CNVA Program “suspended” as reported here.

Movement on the E-Security strategy front I hear??!!….But how does it all relate to the above and what information is going to be provided to those who made submissions to this piece of work? Is it all finally coming together or just becoming more disjointed?

Posted in Bad Stuff, Dumb Security, cyber crime, news | 9 Comments »

Random Links and Rants…….

Posted on May 30th, 2009 by Drazen Drazic

- I enjoyed following the AusCERT conference over the Net – mainly on Twitter. How long before we can attend conferences from all over the world without having to leave home? As raised also by @Kinshasha on Twitter. Just pay for the sessions you want to view from the world’s best conferences and away you go. (I suppose in Australia it would help to have a better network but it could still work). I don’t think it would kill attendances at conferences. In fact, it would open up whole new potentially large revenue streams for the organisers. Only a matter of time I suppose before this becomes standard. While on the subject of AusCERT, photo time! :)

- Craig Balding at cloudsecurity.org with his thoughts on Sun creating a UK cloud security group. You really have to wonder if there is any substance to this once you scratch the surface. Craig raises some valid points.

- The best PCI DSS roundup on the worldwide web for those of you that want the latest news and opinions consolidated into one site. Anton’s commentary as always is interesting: http://chuvakin.blogspot.com/

- Seriously take some time out and have a look at nodecity. It is a not for profit organisation. The video in the link is Donal speaking with the CEO of Deloitte Digital and the Chair of Future Summit 2009. More on what nodecity is all about here.

- Patrick at Risky.Biz has a heap of AusCERT 2009 presentation podcasts plus his usual weekly Risky Business podcast. Check it out.

- A few people have asked how this one is progressing. We’re getting there and thanks for the feedback from everyone – those who posted and the score of emails I got about this.

- Latest updates to the Australian IT Security Blog Directory.

Posted in news | 3 Comments »

Australian Government CNVA Program to be “suspended” from 1 July, 2009.

Posted on May 30th, 2009 by Drazen Drazic

“It is likely to be re-activated in the future, however no decision has been made on timing” I have been told.

While the intentions were good as documented here, it never really picked up a critical mass of support by non-government critical infrastructure sectors. According to my sources, attention is now focused on the “CERT within Government” program. Any potential impact to AusCERT with this current “focus” you have to ask? For most, as long as the annual Gold Coast conference remains, all is good.

Posted in news | 4 Comments »

Crime Insurance – Implications of bad business IT security practices……

Posted on May 25th, 2009 by Drazen Drazic

Interesting looking at the latest Crime Insurance Renewal forms I’ve been sent. A hot topic from a discussion perspective a few years ago in regards to being a potential driver of better IT security practices in business, but it fell off the radar somewhat in recent years. I have to ask, has it finally seriously arrived (at least here in Australia)? Has this quietly snuck up on us and is now about to be the next “PCI DSS”?

Obviously if you had good IT security practice before, PCI DSS compliance wasn’t a pain, and if you’re PCI DSS compliant now, then Crime Insurance requirements won’t be a pain….but if you haven’t got the first and second ones under control, well here’s another concern to add to the list. And, for those of you that were not required to be PCI DSS compliant, you’re now probably going to feel the pain you thought you were lucky to miss out on.

Now this one could be the biggest of the lot. Read on…..


Posted in Bad Stuff, Risk Management, Vulnerability Management, Web Application Security, cyber crime, news | 7 Comments »

AusCERT 2009: Day 3

Posted on May 21st, 2009 by Drazen Drazic

A big thank you to all those people who took the time out to post on Twitter during AusCERT 2009. For those of us not there, it was great to hear about the presentations and goings on. Even remote correspondents in Poland were involved and kept the laugh factor at high for most of the time. No updates from Day 3 from Pete and The Knuckle as yet as I believe they are still hiding under their beds from the storms…..Can someone go and knock on their doors to make sure they’re okay.

Twitter: https://twitter.com/#search?q=%23auscert

Posted in news | 4 Comments »

AusCERT 2009: Day 2

Posted on May 20th, 2009 by Drazen Drazic

This is what happens when you have guys in the field getting into the spirit of the conference with little regard for deadlines. :) Late or no submissions. At least Pete finally got something to me. No sign of Knuckle as yet and it’s 3:00pm.
—————————————————————————————————–

Good value following the Twitter updates here. A few interesting posts during last night’s awards also. Some not so happy people with some of the winners, but overall, seemed like a great night for those in attendance:
https://twitter.com/#search?q=%23auscert

Posted in Research, cyber crime, news | 3 Comments »