Site Network: Beskerming.com | Skiifwrald.com | Jongsma & Jongsma

Innovation in Information Security

Coverage of important Information Security and Information Technology news and events from the research team at Sûnnet Beskerming.

Username: | Password: Contact us to request an account

Commentary & Insight From Sûnnet Beskerming

Covering news on emerging threats, advice on good security practices, analysis, explanation of technical news items, and brief, accurate, non-biased synopsis of security-focussed technology trends, Sûnnet Beskerming commentary is many things.

Whether you call it a blog, online journalism, or commentary on events, this is where you can find and search all relevant articles published by Sûnnet Beskerming.

All articles will eventually be made available free of charge, however some content is initially only available to paying subscribers.

Available entries
How the Online Trust Model is Broken - The Bank of India.com attack
Posted in: Information Security
Thanks to the team at Sunbelt Software comes news of a serious hack perpetrated on the website for the Bank of India at http://www.bankofindia.com (non clicky for those who aren't reading closely).

While attacks and public defacements on websites are regular occurrences and can be seen at Zone-h,....
Posted: 31 August 2007 15:28

Aussie Telco Silently Shifts Staff Offshore
Posted in: Information Security
The Australian IT is reporting on the move by major Australian telco Telstra to move 500 jobs to the Philippines, at least temporarily. While offhsoring of jobs is not normally all that notworthy, the move by one of Australia's largetst IT employers could be a sign of things to come as part of the ....
Posted: 30 August 2007 14:46

Costly Cyberslacking
Posted in: Information Security
Google may have been onto something more than free R&D when it decided to allow employees to have one day per week of time where they could work on their own projects, if recent research being reported on is anything to go by.

If people are spending up to 20% of their time engaged in non-work act....
Posted: 30 August 2007 14:16

Windows Vista SP 1 Slips to 2008
Posted in: Information Security
After initially reporting that Service Pack 1 for Vista was due before the end of 2007, Microsoft now say that the Service Pack will not be due out until the first quarter of 2008. Actually, what they say is that they are 'targeting' the first quarter of 2008 for the release, so the actual release ....
Posted: 30 August 2007 13:44

German Government Hoist on Their own Petard
Posted in: Information Security
It took less than a month after the restrictive German Computer Security laws came into effect for a major German Information Security embarrassment to be reported. From just one of the many news sources to carry the news about repeated system penetration at the heart of the German government is co....
Posted: 27 August 2007 22:13

Wild Speculation = ID Theft Doom
Posted in: Information Security
Gartner, which has a ho-hum reputation for its analysis, can apparently guarantee that information theft, data loss, and the holy grail - of Personal Identification data theft, is taking place in Australia, and that it may be much worse in Australia than in other countries.

The reason for all thi....
Posted: 27 August 2007 21:35

Listen to SIP Phones Even When They are on the Hook
Posted in: Information Security
Recently disclosed information suggests that it is a relatively simple matter to remotely eavesdrop on a broad range of SIP-enabled devices. For readers who aren't aware of what SIP-enabled devices are, SIP (Session Initiation Protocol) is a protocol that is used by a lot of VoIP software and assoc....
Posted: 24 August 2007 00:14

Growing Concern Over User-Space Worms
Posted in: Information Security
Almost every antimalware and antivirus vendor has been running at full speed over the last few weeks, trying to keep pace with the rapidly evolving Zhelatin / Storm worm. Not only have the worm variants been modifying their downloaded executable files in a largely-successful attempt to bypass anti....
Posted: 23 August 2007 23:45

When Partial Disclosure Hurts
Posted in: Information Security
Less than 24 hours after iDefense released information onto multiple security mailing lists about discovered vulnerabilities in Trend Micro's ServerProtect software it appears that there is significant attention being focussed on finding systems that have yet to be patched.

According to the infor....
Posted: 23 August 2007 23:29

Skype and Microsoft - What Happened?
Posted in: Information Security
After rumours and speculation that the recent outage experienced by the Skype VoIP network was caused by Russian hackers or Microsoft's monthly Security Patch release, Skype have provided analysis of what it was that caused the outage.

Whenever gaps appear in the available Skype network and route....
Posted: 22 August 2007 07:44

Rumours of eEye's Death Greatly Exaggerated
Posted in: Information Security
After recent rumours of the possible imminent demise of eEye (covered here), the CEO of eEye has come out on record as saying that eEye is quite happily continuing along their current path and they are not looking to be bought out or otherwise cease operating in their current format.

Several of t....
Posted: 22 August 2007 07:29

When There's Nothing else to do, Argue
Posted in: Information Security
It has been an odd week in Information Security. Not only did Microsoft release nine patches as part of the August Security Patch Release (which some consider all to be Critical), but the popular VoIP platform, Skype, encountered system-wide outages and difficulties. While the official reason for ....
Posted: 20 August 2007 21:56

The Difficulty of Validating Systems and Users
Posted in: Information Security
One of the issues plaguing Identity management and online authentication systems is how to accurately validate the identity of the system or user connecting to a service.

One possible means for identification that has attracted attention recently is finding and identifying a 'MachineID', some for....
Posted: 20 August 2007 21:46

When InfoSec Companies are Targeted
Posted in: Information Security
One of the perils of being an Information Security company is that they become targets of the individuals and groups that produce malware and engage in illegal online activity. Antivirus and antimalware vendors have been targets of this sort of activity for a long time, with a high percentage of cu....
Posted: 16 August 2007 12:32

Microsoft August 2007 Security Patch Release
Posted in: Information Security
24 hours ago Microsoft released the August batch of Security patches for the Windows Operating System and other important Microsoft software.

As expected, based on the advanced notification, Microsoft released nine patches, which addressed 14 serious vulnerabilities affecting Windows, Office, Vir....
Posted: 16 August 2007 06:44

A Lesson in Courtesy
Posted in: Information Security
Anybody who spends time analysing news sources reporting on the same subject will soon be able to identify when different reporters are using a common source for their articles, even if it is being paraphrased by different reporters. Over time it is possible to trace how a story has evolved and fil....
Posted: 15 August 2007 01:19

German Security Professionals in the Mist
Posted in: Information Security
German Information Security professionals were hopeful after proposed changes to the UK Computer Misuse Act Police and Justice Act amendments were suspended due to the fact that if certain clauses were enacted, it would effectively make the entire Information Security industry in the UK criminals. ....
Posted: 12 August 2007 16:04

Microsoft August 2007 Security Patch Advance Notification
Posted in: Information Security
With the Thursday before the second Tuesday of the month having just gone, Microsoft have released information about the Security patches that they are expecting to release next Tuesday.

With August's release, Microsoft are planning on releasing nine security bulletins. Six of the bulletins will....
Posted: 11 August 2007 00:21

Protecting Aussie Internet Users for $190 Million
Posted in: Information Security
Within the last 24 hours the Australian Commonwealth Government announced that they would be spending $189 million Australian dollars ($162 million USD) on a range of packages and programs designed to protect Australian Internet users against all that the Internet has to offer, under the name Netale....
Posted: 10 August 2007 21:26

Complete Control of the iPhone Steps Closer
Posted in: Information Security
After a period of relatively light Information Security news (everybody must have been sleeping off Black Hat and DefCon), disclosure and the publication of new research has ramped up in intensity again.

One of the projects that has attracted a lot of attention over the last month has been the ef....
Posted: 10 August 2007 18:53

Lame Duck or Low Profile?
Posted in: Information Security
An interesting claim has been made about well-known Information Security firm eEye, that they may be rapidly heading out of their prominent position. Even though the claim is made based on speculation and rumour (the dangers of which are well known), there has been enough taking place with the com....
Posted: 7 August 2007 03:06

Bad Debt and the Power of Rumour
Posted in: Information Security
Significant changes on major global stock markets are guaranteed to have flow on effects to almost all markets. One such move that appears to be playing out on the US markets is the collapse of the 'sub-prime' mortgage market, which is effectively the issuing of debt to borrowers who are regarded a....
Posted: 7 August 2007 02:49

Black Hat Results
Posted in: Information Security
With the formal side of Black Hat USA winding down and DefCon starting to warm up, many attendees are beginning to discuss their impressions of the conference and the material presented at it. All of the presentations and whitepapers have now been made available online across a number of sites allo....
Posted: 4 August 2007 15:55

Firewall Vendor Steps up After BlackICE Discontinued
Posted in: Information Security
After security vendor ISS was purchased by IBM, many thought that their popular software firewall BlackICE would continue as a leading product, especially with the resources of IBM to help sustain development and support of the software.

That situation has now changed, with IBM Internet Security ....
Posted: 3 August 2007 23:43

The Trials of Being a Bank
Posted in: Information Security
Being a bank and maintaining a secure online presence when there are many people out to defraud you and your customers is somewhat difficult, at least that is what some people would have you believe. Whether it is attackers trying to actively hack into sensitive systems, phishing attacks against ac....
Posted: 3 August 2007 23:18

Beneficial Worm or Digital Menace?
Posted in: Information Security
Via the team at GNUCitizen comes news of a newly discovered AJAX-based worm that targets Wordpress blogs. An independent researcher, beNi, discovered several vulnerabilities that affect the current version of the Wordpress blogging platform.

Ranging from Cross Site Scripting (XSS), including per....
Posted: 2 August 2007 15:01

Worm Threat Forces Apple to Disable Software?
Posted in: Information Security
When an online identity (group of identities) known as InfoSec Sellout made grand claims of a proof of concept worm, dubbed Rape.osx, that targets OS X, it led to a lot of heated argument and drama - including anonymous death threats and an accidental deletion of their blog. While there has still b....
Posted: 2 August 2007 11:39

How has the iPhone Update Affected Research into the Device?
Posted in: Information Security
Apple's recent update for the iPhone has had some implications for those who are seeking to dig around inside the system. As reported by the team responsible for the most progress to date (#iphone @ irc.osx86.hu), the iPhone update does have an effect on what has been achieved to this point. It is....
Posted: 2 August 2007 10:26

Security Expert Turned Away for Wrong Visa
Posted in: Information Security
When a country turns away a visitor for carrying the wrong visa it doesn't normally make the news. This isn't the case with a recent incident where there has been a lot of coverage across technical news sites about the United States turning away one of the key presenters at the current Black Hat se....
Posted: 1 August 2007 11:10

Posts from September, 2017.