Why is “Commander” still allowed to do business?

Posted on March 9th, 2010 by Drazen Drazic

This is a dodgy operation that went bankrupt and did not pay its bills, but somehow still exists under the same name?

http://www.commander.com/

Stay away from them. Weird they exist.

———————————————————————————————-
Securus Global: IT Security, Penetration Testing, Security Assessments, PCI Compliance, Product Assurance, QualysGuard, Security Strategy, Vulnerability Assessment.

Posted in Bad Stuff, WTF | 2 Comments »

Security Consortium Watch…..

Posted on March 9th, 2010 by Drazen Drazic

I’m not going to go back over all the old posts to try to remember who all these mobs were, but is there a consortium still doing anything? e.g. ICASI and SAFECode, etc.

Some previous posts mentioning them: http://beastorbuddha.com/?s=consortium

Not much more to add that I haven’t already said in the link above and links within the posts.

Is there a Cloud one also? Sure there is. :)


Posted in Bad Stuff, Dumb Security, WTF | 1 Comment »

Advanced Persistent Threat…APT…WTF!?

Posted on February 28th, 2010 by Drazen Drazic

I know it has taken me a while to catch up, but I relegated it to low priority when I first heard of this “APT” business. Bad of me? Who made this stuff up? This is something you’d only make up for a laugh. But, all of a sudden, my industry is talking about it. FFS. Is this an American thing?

:) ….if I had to mention that to a client. “Stand back…..you have an APT!!!”…… “Thanks Draz…awesome we hired you to save us!”

I have nothing! If this makes Wikipedia (which it may have by now; Ed: yeah, I know it’s there), I’d love to chat (Ed: modified to not scare people) with that genius who invented the term (for our industry).


Posted in Bad Stuff, Disclosure Laws, WTF | 15 Comments »

Symantec Customers Immune to Rising Security Threats! (Late Update: Maybe Not!)

Posted on February 23rd, 2010 by Drazen Drazic

Symantec Press Release 22 February, 2010: Symantec 2010 State of Enterprise Security Study……

(Time to pump out another piece of marketing to get people thinking about buying Symantec. Here’s the report if you are interested in wasting a few minutes).

Just reading this now…….wooo…..hang on……what I don’t see anywhere in this report is a proud statement that Symantec customers are the lucky few that are safe from malicious attacks that other businesses are facing.

Why is this not in there, Symantec? Surely you should be beating your own drum, given you so proudly told us all some time ago that your product(s), and I quote, will provide “…proactive protection against unknown and zero-day threats”. It’s the Symantec Guarantee!

As such, surely Symantec customers do not have the same concerns as those poor businesses you mention in your study. Let us know if this was just an error on your part, or Symantec just not wanting to show off here because, surely you would not use bullshit marketing in the past?! :)


Posted in Bad Stuff, Dumb Security, Too cool, Vulnerability Management, WTF, cyber crime | 20 Comments »

Big Best Congrats to iiNet……..

Posted on February 4th, 2010 by Drazen Drazic

Made my day when I heard iiNet won their case against the Film Industry! Here reported by itnews. Awesome. Hoping some common sense will prevail and workable collaborative efforts can happen now. Well done iiNet.

Some of our previous posts on this topic…worth a read:
http://beastorbuddha.com/?s=iinet


Posted in Dumb Security, Internet Filtering, WTF | No Comments »

Internet Censorship – Taking the Power Back (REPOST)

Posted on January 30th, 2010 by Drazen Drazic

This video was put together by Donal and Wade at the recent RSA Conference in San Francisco (April 2009).

Dan Kaminsky, Pete Lindstrom and Marcus Ranum put forward their thoughts on Australia’s plan to censor the Internet. Dan talks about many of the issues that Securus Global’s Matthew Strahan talked about in his interview with ban.this.url. Surprising that these concerns have barely rated a mention here. Marcus certainly adds some interesting analogies and angles to the whole debate.

Related Posts on Internet Filtering. Thanks to Donal and Wade for representing BorB at the Blogger Meetup at the conference.


Posted in Bad Stuff, Dumb Security, Internet Filtering, WTF | 4 Comments »

Obama position on Internet Censorship

Posted on January 30th, 2010 by Drazen Drazic

Thanks to Wade for this one (and @Wadeis on Twitter). A bit late on my part, but worth a read.

Obama position on; “…right to a free internet….and unshackled internet” – article from The AGE: White House steps into China-Google row.

I wonder how that marries up to Stephen Conroy’s position and thoughts? Yes, I know he’ll “sell” his “project” as a different beast but is it really? We know the implications. More here: http://beastorbuddha.com/category/internet-filtering/

Can you have shades of grey here and spin to suit the occasion/scenario? Keep the fire burning people.


Posted in Bad Stuff, Dumb Security, Internet Filtering, WTF | No Comments »

China, Google, Marketing etc etc…..

Posted on January 25th, 2010 by Drazen Drazic

Random thoughts: News?, OMG really?….nah!, Awesome marketing move Google!, Using the Net for spying…you naughty boys China…you’re the only ones and need to be punished :) , Hang on, he who controls the pipes…controls it all? It’s okay as long as it’s not someone other than us doing it!, yawn…..news?, Great marketing….I’m pulling out of China too! Write it up journos, I need more business!


Posted in Bad Stuff, Dumb Security, WTF, cyber crime | 1 Comment »

“The Great Australian Internet Blackout” Information

Posted on January 25th, 2010 by Drazen Drazic

Run by Electronic Frontiers Australia (EFA), “The Great Australian Internet Blackout” is on.

Some background on this from our perspective can be found here. This is important.

We’ve been against this Government “initiative” from the outset. It is flawed on so many levels, so please, have a read and pass this information onto your colleagues, family and friends, if you haven’t already.

We need critical thinkers to push this information out into the broader community who may not understand the real issues outside of the Government spin on it. We need to wake up our fellow Australians!


Posted in Dumb Security, Internet Filtering, WTF | 1 Comment »

Looking at what makes good Application Security knowledge.

Posted on January 7th, 2010 by Drazen Drazic

It’s always interesting reading about larger scale fraud like this one recently with the Bank of Queensland. You wonder in cases like this, had the accused pulled the pin earlier, would he ever have gotten caught? You wonder how many do get away with it – stopping before obvious alarm bells start to ring?

There’s no generic solution/strategy for fraud detection to critique, as each organisation addresses its own internal security and risk management practices differently, but there is a scary pattern of misguided thought with regard to securing systems and actually defending against, and detecting, fraud. It’s “security” by definition, but are many blinkered as to what the full definition of “security” encompasses? I think so.

Many in the security industry are focussed to the point of obsession on only vulnerabilities and technical attack vectors (new attack type X, new attack type Y – generally all old stuff just re-invented in different ways but promoted as the new big thing by many in the industry). It’s such a narrowly focused view that stops at the technical exploit. That’s not where the role of a security professional should stop. Read on:


Posted in Applications, Bad Developers, Bad Stuff, Dumb Security, Forensics, IDS, IPS, Risk Management, Vulnerability Management, WTF, Web Application Security, cyber crime, governance | 6 Comments »

Only 2 minutes a day to a secure business – Trust Me!

Posted on January 2nd, 2010 by Drazen Drazic

It amazes me that just as I think there’s no more new Ab Blaster type machines that could possibly be created, a new one pops up on one of those infomercials. They get stupider and stupider looking with each generation, but given those infomercials aren’t cheap, they must sell a bomb.

Who buys these things, I think to myself? The obvious answer is those people who don’t know any better, know nothing about exercise and fitness, and who actually believe these things will give them, easily, quickly and with minimal effort on their part, the same abs as the athletes who promote the devices (who most likely have never used these machines).

Here’s the big tip: Commitment to getting there, combined with a strict diet and exercise routine, will get you those washboard abs. The new whiz bang device on its own won’t. It won’t even play a large part in getting you there. I’ll guarantee that one!

No Rocket Science degree required to get the analogy here. :)


Posted in Bad Stuff, Dumb Security, WTF | 12 Comments »

Rules for Email Attachments – A Matter of Trust

Posted on December 19th, 2009 by Drazen Drazic

Re: Malware – you are always warned to not open attachments from those you don’t know. What about the ones from your dumb mates?

That should be rule number 1. Trust the stranger before trusting your non-IT, care-factor zero mates. Then move onto rule 2.

Hey, I’ve got a Mac. :)


Posted in Bad Stuff, Dumb Security, WTF | 3 Comments »

Internet “Filtering” Trial and Report – Flawed

Posted on December 15th, 2009 by Drazen Drazic

Reading through the ISP Filtering Live Report(s) – still wondering what this proves. Is anyone surprised by the findings? I’d have been surprised if it was much different. Now to base a full blown strategy (flawed in concept according to many from the outset) on a test/trial whose scope is ridiculously inadequate to represent a real-life implementation. It would be laughable if the impacts upon us of this progressing weren’t potentially so serious. Where to start? What hasn’t been said before? Refer here:
http://beastorbuddha.com/category/internet-filtering/


Posted in Bad Stuff, Dumb Security, Internet Filtering, Uncategorized, WTF | 8 Comments »

Core Security Skill Requirements

Posted on December 2nd, 2009 by Drazen Drazic

There’s always a load of articles talking about the “core security skills” that security professionals and companies will need to develop. With 2010 approaching, we’re starting to get the typical 2010 recommendations and predictions articles on this topic.

I wonder if many of these articles are written by, and targeted at people and organisations who might just be waking up out of their slumber into the real world that we, (security people), have lived in for the last 2 or more decades. The alarm’s on snooze still though in my opinion.

I find this interesting. Aside from keeping up with technical/researcher type knowledge, (which most of these articles rarely refer to), what are these new “core skills” that we should all be developing? Keen to know if I have missed anything.


Posted in Dumb Security, Research, Risk Management, WTF, governance | 7 Comments »

Australian Computer Society and Internet Filtering

Posted on October 12th, 2009 by Drazen Drazic

Thanks to Peter for the link to this one here:
http://www.itnews.com.au/News/158006,acs-gives-conditional-thumbs-up-to-internet-filtering.aspx

Get the splinters out of your backsides ACS. Did you need to create this piece of work to justify your existence or are you trying to come across as a voice of reason…or do you truly believe you’ve come up with something groundbreaking?

Regardless, you look dumb and as irrelevant as always. A personal opinion. Just my thoughts and as usual, opening myself up to flames. :)

Posted in Bad Stuff, Dumb Security, Internet Filtering, WTF, cyber crime | 16 Comments »

Consulting Elite – Do Not Enter

Posted on September 5th, 2009 by Drazen Drazic

I reckon Scott Adams’s chapter on “Management Consultants” (in his book, “The Dilbert Principle*”) is still the best I have read on this topic. If you are a consultant and you haven’t read this chapter about your job, go out and do it right now! You may learn quite a bit.

It still amazes me that there is an attitude of elitism amongst many consultants and consulting firms: if you haven’t been a “consultant” before, you are not worthy of consideration for a role within a consulting organisation – regardless of the person’s actual expertise and experience.

I know a lot of people who have tried to crack into consulting – coming from an internal role, and who have hit a brick wall.


Posted in Bad Stuff, Dumb Security, WTF | 12 Comments »

Outsourced (unauthorised) Vulnerability Assessment – Testing for Porkies!

Posted on August 28th, 2009 by Drazen Drazic

Looking at data like this from the Conficker Working Group and talking to many Information Security Managers/CSOs still having to deal with outbreaks in their organisations, you have to wonder what’s going on. The general theme seems to be: “Infrastructure lead told us this was under control….they patch (always!)…..they now tell us [post infection], they “sometimes” patch!….Now it’s out of control!”

LOL…usually same guys who see no merit in vulnerability assessment/management systems and penetration testing (plus security in general?). Why buy something like QualysGuard when you can get a pretty thorough test for free I suppose? (If you can deal with the repercussions). From the CSO perspective; Automated Porkie Testing…no client-side input required. :)

Posted in Bad Stuff, Dumb Security, Risk Management, Vulnerability Management, WTF | 1 Comment »

Amazing People doing Amazing Things…..Soon :)

Posted on August 26th, 2009 by Drazen Drazic

Stay tuned….

I get asked by people all the time why I do things like “Twitter”, for example, as if it is something not so worthy. Background: here and here.

So I have decided to look at some of the real benefits of such applications in relation to our industry (and wider) in a much longer post. Who’s wasting their time or missing out? Is it that uncool? LOL……we’ll see.

DD

Posted in Bad Stuff, Dumb Security, Ford Falcon, Research, Securus Global, Too cool, UFOs, WTF | 1 Comment »

Off Topic Post – Rugby Union is one dead arsed sport!

Posted on August 22nd, 2009 by Drazen Drazic

Now I am/was a Rugby Union supporter, but gees, this game is now so far behind Rugby League, it’s not funny. It’s that exciting, I can write this post as I watch the pinnacle of the sport, a Bledisloe game between Australia and the All Blacks and know I am not missing much as I type. Read on.


Posted in Bad Stuff, Ford Falcon, WTF | 8 Comments »

Me Presenting at Conferences. Laying Down Conditions…..I’m Laid Back but…

Posted on August 14th, 2009 by Drazen Drazic

Coincidental timing….seeing a discussion on Twitter and in the forum here between a few people on why I don’t do presentations at large conferences.

Nice to know that people give me that cred worth discussing…thank you.


Posted in Bad Stuff, Dumb Security, Research, Risk Management, Too cool, WTF | 1 Comment »