...Continued from page 19

“To mitigate network security risk, organisations need insight into the potential threats associated with using social media networking sites and web application downloads in a business environment,” said Mike Dausin, manager, Advanced Security Intelligence, HP TippingPoint DVLabs. “By understanding the increased risk these applications pose to the corporate network, organisations can implement remediation strategies to ensure that business processes, as well as data, remain secure.”

According to DVLabs, the aim of the report is to help organisations understand the attack frequency and risks of web-based computing in order to adapt their security accordingly. In particular, DVLabs argues that firms need to get to grips with PDF vulnerabilities, understand new techniques being used by attackers and prevent older threats – such as SQL Slammer, Code Red and Conficker – from becoming a problem by understanding their pervasiveness.

Data for the report was provided by hundreds of deployed HP TippingPoint Intrusion Prevention Systems (IPS), plus information provided by SANS, the Open Source Vulnerability Database and Qualys. The report is available here (PDF): .
Smartphones present major threat
The smartphone is emerging as a key threat vector, but most organisations are being slow to appreciate the dangers, according to industry experts.
At the IDC Security Conference 2010, Howard Clegg, head of solution sales at Vodafone UK, said he believes that businesses are not taking mobile security seriously. He claimed that users are 15 times more likely to send confidential information using smartphones than laptops when working outside the office.
Network Security
“It is difficult to get organisations to realise smartphones are as important as laptops in terms of security,” he said. “With the rise in attacks on smartphones in 2010, these devices need to be considered in the same light as mini PCs.”

Paul Vlissidis, technical director at NGS Secure, part of the NCC Group, has similar concerns. He believes that rogue applications downloaded to smartphones should be the top security concern for organisations. Speaking to Computer Weekly, he said: “Most large companies have the security policies and software in place to protect mobile devices on a base level, but only now are they beginning to consider apps as vulnerable to cybercrime.”

These warnings come at a time when the Android platform has acquired its second trojan. Kaspersky has identified SMS malware which it has dubbed SMS.AndroidOS.FakePlayer.b. As the name suggests, it masquerades as a media player and infection requires the user to manually install the application. Warning signs are that the code is less than 17KB and requests that the user authorises the sending of SMS messages – both highly unlikely for a media player. Currently, the trojan is being distributed via Russian adult websites.
Hacking popular among students
Nearly a quarter of UK college students have indulged in hacking IT systems, according to a survey conducted by Tufin Technologies and supported by the Association of Chief Police Officers (ACPO).
Encouragingly, 84% said they know that hacking is wrong, although 32% said it is cool. That means there is some degree of overlap where they feel it is both wrong and cool. Of the hackers, a third do it for fun, 22% out of curiosity and just 15% to make money. The practice is split evenly between males and females. The main hacking activity involves getting into other people’s email and social networking accounts – nearly half the students had themselves fallen victim to this.
EVENTS CALENDAR

9 October 2010
ZaCon community hacker conference
Location: University of Johannesburg, South Africa
Website: http://zacon.org.za

21 October 2010
MALWARE 2010 – 5th International Conference on Malicious and Unwanted Software
Location: Grand Hotel de la Reine, Marlboro, MA, US
Website: www.malware2010.org

25-30 October 2010
SANS Chicago 2010
Location: Chicago, US
Website: www.sans.org/info/61188

27 October 2010
The 3rd Regional Conference on Criminal Law and Challenges of Fighting Cybercrime
Location: Casablanca, Morocco
Website: Cybercrime-fr.org/index.pl/maroc2010

3 November 2010
Cyber Security Readiness Summit
Location: Arlington, Virginia, US
Website: www.wbresearch.com/cybersecurity/

7 November 2010
SANS San Francisco 2010
Location: San Francisco, California, US
Website: www.sans.org/info/61308

8 November 2010
5th International Conference for Internet Technology and Secured Transactions (ICITST-2010)
Location: London, UK
Website: www.icitst.org
September 2010