Category Archives: Conferences

VB Seminar 2010

I spoke at the VB 2010 Seminar in London on ways that Social Engineering can affect your business’ users.

During the talk, I used some links for demos (many thanks to my good friend Dave Marcus for originally showing me a few of these). For those that are interested, here are the links:

 

Andrew Lee
AVIEN CEO

AVIEN Sponsors VB 2010

Virus Bulletin 2010

In honour of our 10th Anniversary here at AVIEN, we’re sponsoring the pre-dinner drinks reception at the 20th Virus Bulletin Conference in Vancouver next week. In case you didn’t know AVIEN was formed out of conversations held at Virus Bulletin in 2000, and the relationship has been a long and friendly one between the two companies. We’re proud to help bring a part of the conference to the attendees.

Andrew Lee
AVIEN CEO / CTO K7 Computing

Virus Bulletin Seminar Announced

Virus Bulletin have announced the first in a new series of Seminars. Aimed towards the corporate IT Admins and security practitioners, the day long seminar will look at protecting organisations in the modern age of Internet enabled crime.

Speakers include

  • Bryan Littlefair, Vodafone Group
  • Bob Burls, Police Central e-Crime Unit
  • Graham Cluley, Sophos
  • Alex Shipp
  • David Evans, Information Commissioner’s Office
  • Andrew Lee, K7 Computing
  • Martin Overton, IBM
  • Richard Martin, UK Payments Administration

http://www.virusbtn.com/seminar/index.xml

There’s an early bird price available, and seats are likely to fill up fast, so get in early!

Andrew Lee CISSP
AVIEN CEO / CTO K7 Computing

Human Factors in Information Security

Not sure I can get funding to go to the inaugural conference (22-24 February in London) and it may, in any case, be too close to another meeting that isn’t set in stone yet. Nonetheless, it looks like being a more than usually interesting conference. Or is that just because my academic background is awkwardly poised between social sciences and computer science?

http://www.humanfactorsinsecurity.com/index.asp

David Harley FBCS CITP CISSP
Chief Operations Officer, AVIEN
Director of Malware Intelligence, ESET

Also blogging at:
http://www.eset.com/threat-center/blog
http://dharley.wordpress.com/
http://blogs.securiteam.com
http://blog.isc2.org/

Security, security, security

This is my first attempt to blog using my iPhone, so forgive any inadvertent typos. I go to a lot of security conferences, and often I feel like I’ve walked into a different world when attending some. No I’m not talking about a preponderance of black sloganised T-Shirts or a penchant for colored hair amongst the attendees (though those do seem to be part of the tribal uniform for security conformistas), rather I’m talking about the way that security has become fragmented into isolated silos of knowledge. In many cases there is total ignorance of the wider security field, and issues are discussed as if they are discrete and unrelated to a wider and more complex picture. It would be nice to have a more generalist family of security professionals, but I guess the field is now so wide that specialism is almost a must. However, I would encourage other security pros to attend different conferences outside of your own specialist area. You will gain a wider view of the world, and you will surely see some funny T-Shirts too.

Andrew Lee CISSP
AVIEN CEO

iPhone worm hits Jailbroken phones

By now the media machine has moved into action and all sorts of nonsense has been spouted about the creation of a worm that spreads on jailbroken iPhones, written by a guy called ‘ikee’. The facts are these,

  1. It ONLY affects jailbroken phones – if your iPhone is not jailbroken then you are not vulnerable
  2. It ONLY affects jailbroken phones that have OpenSSH installed (This involves you having consciously installed OpenSSH)
  3. If you have changed the default passwords for the ‘root‘ and ‘mobile‘ accounts subsequent to installation, you will not be vulnerable to this worm.

It’s tempting to say ‘I told you so’ on this one, as, I actually did state this fact 2 days before the worm was released. On a panel at the AVAR2009 Conference discussing vendor future strategy, someone brought up the idea that the iPhone will be a desirable platform for exploitation. This is true, but as I pointed out, the biggest risk is not so much to users who are using the default OS provided by Apple, because they are in a strictly controlled environment, with Apple as the benevolent dictator, as it is to those users who have jailbroken phones, at which point – you’re on your own.The whole thing does highlight the potential though, there’s no reason why any platform is automagically protected from malware, so it’s no real surprise to anyone that this sort of thing has happened. David Harley (among others) has written more on this subject here, and as always, it’s worth reading.

Andrew Lee CISSP
AVIEN CEO

The Kyoto Protocol

Over the next few days, many of the Anti-malware industry’s researchers will be gathered in Kyoto Japan, for the 12th Annual AVAR conference (http://www.aavar.org/avar2009/). Apart from being a beautiful place, in a wonderful country, I hope it will be an occasion for interesting discussion and the opening of new ideas. There are topics as wide as system virtualisation and cloud computing, packers and obfuscation, social networking and information security policy. Quite a few AVIEN members, including me and David Harley will be speaking at the conference. We’ll blog the best bits here 😉

Andrew Lee CISSP
AVIEN CEO

Twarfing: the not so sweet tweet…

There has been a lot of interest recently in the methods used by malicious actors to compromise Social Networking sites for malicious purposes. Indeed, Lysa Myers from WestCoast Labs and I wrote a paper together discussing various issues with SN sites, particularly focussed on Faceboook. However, one very interesting issue has become a hot topic in recent weeks, the posting of malicious URL’s via twitter. The issue here is that often URL shortening services are used (as Tweets are restricted to 140 characters to be compatible with SMS on mobile phones), so the true destination of a URL is easily obscured. Two eminent Anti-malware researchers, Costin Raiu and Morton Swimmer have been particularly involved in examining this threat, and their presentation at Virus Bulletin 2009 in Geneva lasst month was definitely worth seeing, for those who weren’t able to be there, or who missed it, the slides presented by Morton Swimmer of TrendMicro and Costin Raiu of Kaspersky to the conference are available online here http://www.slideshare.net/craiu/twarfing-malicious-tweets.

Andrew Lee CISSP
AVIEN CEO