Security

Beef Up your Internal Control Attend the Digital forensic Investigation Platform

Bitstop Network Services, Inc — Mon, 17 Mar 2008 11:42:00 GMT

MgDelxis in Singapore is now accepting registrations for their Digital Forensics Investigations Platform (Workshop) to be held on May 8 and 9, 2008 in Kuala Lumpur, Malaysia.

The facilitator of the event is Mr Seamus E. Byrne, COO eDiscovery Tools. He is a lawyer with extensive forensic technology and electronic discovery experience.

Participants of the platform will gain usefull skills and best practices to beef up their internal audit procedures. This will help them manage their digital information assets better. Interested parties are urged to email sales-dfi[at]mgdelxis.com for the more information.

Hacking Unpatched IEs

Bitstop Network Services, Inc — Wed, 27 Feb 2008 10:02:00 GMT

This cool hacking video tutorial shows how a hacker could put malware into a webserver and then use it to infect unpatched IE (Internet explorer) browsers to load the exploit code into victim units. The hacking tool will then connect to the IRC channel and await further commands from its 'master'.

This video is courtesy of Ian Wate. Visit his security blog.

The lesson here is to always patch your systems. This attack would not work on systems that are fully patched. Get anti-virus software as an added measure of protection as well.

Microsoft Partner Readiness Program

Bitstop Network Services, Inc — Fri, 22 Feb 2008 15:35:00 GMT

Bitstop Inc is sending two of our marketing staff to attend the Partner Readiness program organized by Microsoft on Feb 27, 2008 at Microsoft Offices in Makati, Metro Manila. The event is targetted at Sales Representatives and product managers

8:30-9:00 Breakfast & Pre Exam
9:00-12:00
Opening & Welcome
People Ready Business
Growing your Business with Annuity
IO & RPV
World Class Selling

12:00 - 1:00 Lunch
1:00 -2:00 WAVE Launch
2:00 -2:45 Microsoft in Battle
2:45 -3:15 Value of Genuine Software
3:15 - 3:30 Break
3:30-3:45 The Latest on Windows Client
3:45-4:00 Whats up with IW?
4:00-4:15 Security
4:15-4:30 Customer & Partner Experience
4:30-5:00 Kaakbay - The Evolution
5:00-5:15 Closing

Microsoft Partner Readiness Program

Bitstop Network Services, Inc — Fri, 22 Feb 2008 15:35:00 GMT

8:30-9:00 Breakfast & Pre Exam
9:00-12:00
Opening & Welcome
People Ready Business
Growing your Business with Annuity
IO & RPV
World Class Selling

In house training for System Admin

Bitstop Network Services, Inc — Sat, 15 Sep 2007 20:17:00 GMT

Bitstop Inc has engaged Mr Francis Vidal to conduct an inhouse system administration training for our support staff. The event will be on Sept 22-23, 2007. The system admin course will be intensive, hands on and will cover unix system administration, security procedures, maintainance and other critical skills needed in support on Medium to Large installations.

ISSSP Manila Con 2007 archived webcast

Bitstop Network Services, Inc — Thu, 13 Sep 2007 08:46:00 GMT

Here are the initial video coverage of the some of the sessions of ManilaCon 2007. Day 1 Part 1, and Day 1 part 2.

ManilaCon 2k7

Bitstop Network Services, Inc — Thu, 30 Aug 2007 13:04:00 GMT

This year’s "ManilaCon 2k7:world@risk” conference and exhibit is organized by the Information Systems Security Society of the Philippines (ISSSP), in cooperation with the Commission on Information and Communications Technology (CICT) and the National Security Council (NSC) towards the development and implementation of a National Cyber Security Strategy. We need one to ensure the integration of public and private efforts to counter threats and institutionalize the protection of national and local cyber infrastructures and businesses.

For registration or more information, please call Ellen at the ISSSP Secretariat telefax no. 750-3742 or mobile 0920-2413954. Or send email to isssphil@yahoo.com. You may also visit www.isssp.org.ph for other details of this conference and exhibit and/or to register online.

Aanval Snort based Intrusion and Correlation Software

Bitstop Network Services, Inc — Fri, 10 Aug 2007 09:37:00 GMT

Aanval was introduced to me by Francis Vidal. (Thanks Pran!)

“Aanval (pronounced: "anvil") is an advanced data management, correlation and analysis console designed specifically for Snort and Syslog data. Aanval is a complete web-based software solution designed to manage and correlate snort intrusion detection data and / or syslog device data. Aanval is available in a free, downloadable single sensor version in addition to a commercially licensed and supported version“

I am seriously thinking of getting the FULL training. It cost 800 USD, but it allows for 5 web participants. Anybody interested to chip in and learn this software, please reply to this post here.

Internet Voting in Singapore

Bitstop Network Services, Inc — Mon, 23 Jul 2007 11:30:00 GMT

Picture shows Comelec Chairman Abalos with Ambassador Belen at the conference room of the Philippine Embassy where the former answered questions about the voting system.

Also shown in picture is the representative of Syctl which developed the online application.

Also, Commissioner Tuazon did confirm that they have invited the Pinoy IT community to test the security of the system. At the forum, it was also clarified, that Commission Tuazon was misquoted. He did not refer to the Pinoy IT community in Singapore as "Hackers". This may have lead to some concerns as the press had inaccurately reported Comm Tuazon as referring to the 6,000 Pinoy IT experts in Singapore as "Hackers".

Panda Bot Warning: Barracuda.A bot

Bitstop Network Services, Inc — Fri, 18 May 2007 13:04:00 GMT

PandaLabs has discovered a network of almost 15,000 computers infected with the new Barracuda.A bot. This malicious code is designed to allow its creators to launch distributed denial of service (DDoS) attacks from each computer infected. A DDoS attack consists of launching a denial of service attack from several computers simultaneously to crash other computers. This could prevent users from, say, accessing a certain website.

“Distributed denial of service attacks are an excellent source of economic benefit for cyber-crooks. A network like this can be used to blackmail companies that use the Internet for business. Hackers demand huge amounts of money to not launch an attack that could crash the target company’s computers”, explains Luis Corrons, Technical Director of PandaLabs.

On some occasions, the Barracuda.A bot can also use the infected computer as a proxy. As a result, a hacker could perform other types of attacks anonymously (send spam, access other computers illegally, etc.), using the affected PC as a cover. “This way, cyber-crooks can hide their tracks on the Web. They can use the IP addresses of kidnapped computers to store confidential data on a certain FTP server or transfer money from illegal activities from one account to another, so that, should their criminal actions be uncovered, there is no way to track them down.”, explains Corrons.