SANS NewsBites Vol. 10 Num. 17

From: The SANS Institute (NewsBites@sans.org)
Date: Fri Feb 29 2008 - 14:09:53 CST


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

If you are relying on full disk encryption, see the last story for
pointers to all the vendor white papers on how they are dealing with the
attack. Before you fully trust their assurances you may find value in
reading Swa Frantzen's Internet Storm Center entry on this topic at
http://isc.sans.org/diary.html?storyid=4043 . Also, we have scheduled
a web cast on what to do about the cold boot problem: next Thursday
(March 6). In fact, take a look at the list of webcasts at the end of
this issue - they are much more useful than most of the security web
casts being promoted by the publishing companies.

Note for people planning to attend security training this spring: The
deadline for savings on SANS08 in Orlando is next Wednesday, March 5.
More information: http://www.sans.org/sans2008

Safer Web Applications: If you are buying or building any important web
applications, there's a special class in Orlando that enables your
developers to ensure they have mastered the essentials of secure coding
in Java. It's the only prep course so far for the now-mandatory GSSP
secure programming examination for developers. We are offering a 35%
discount on that course (April 22- 25) if the person agrees to give us
detailed feedback on how to improve the course further. Email
ccalhoun@sans.org for the discount code.
                                   Alan

*************************************************************************
SANS NewsBites February 29, 2008 Vol. 10, Num. 17
*************************************************************************
TOP OF THE NEWS
  German Court Overrules Blanket Covert PC Surveillance
  Alaska House Passes Personal Information Protection Act
  Google Health Privacy Concerns
THE REST OF THE WEEK'S NEWS
  LEGAL MATTERS
    Civil Liberties Groups Come to Wikileaks Defense
  HOMELAND SECURITY & GOVERNMENT SYSTEMS SECURITY
    Home Office Disk Found Hidden in Laptop Sold on eBay
  WORMS, ACTIVE EXPLOITS, VULNERABILITIES & PATCHES
    Mozilla Releases Thunderbird Update
    US-CERT Warns of Windows CE Trojan
  ATTACKS, INTRUSIONS, DATA THEFT & LOSS
    FTP Database Contains Thousands of Account Credentials
  STATISTICS, STUDIES & SURVEYS
    More Than 50% of Companies Have Fired Workers for eMail and Internet
      Misuse
  MISCELLANEOUS
    Irish Data Commissioner: Lost Laptop with Irish Blood Donor Info
      Not a DPA Breach
    Experts Weigh in on Cold Boot Attack Defenses
LIST OF UPCOMING FREE SANS WEBCASTS

*********** Sponsored By Digital Persona Inc. ***********

Free Fingerprint Biometrics Test Drive - DigitalPersona's fingerprint
authentication links actual people to individual actions. You know for
sure, who does what, where and when. Implement strong security policies
and make you and your users' lives easier. Eliminate password pain,
simplify compliance and make auditors happy with DigitalPersona's
fingerprint authentication. Get started:
http://www.sans.org/info/24893

*************************************************************************
TRAINING UPDATE
Where can you find the newest Penetration Testing techniques,
Application Pen Testing, Hacker Exploits, Secure Web Application
Development, Security Essentials, Forensics, Wireless, Auditing, CISSP,
and SANS' other top-rated courses?
- SANS 2008 in Orlando (4/18-4/25) SANS' biggest program with myriad
    bonus sessions and a huge exhibition of security products:
       http://www.sans.org/sans2008
- Washington DC (Tyson's) 3/24-3/31 http://www.sans.org/tysonscorner08
- San Diego (5/9-5/16) http://www.sans.org/securitywest08
- Toronto (5/10-5/16) http://www.sans.org/toronto08
- and in 100 other cities and on line any-time: www.sans.org

*************************************************************************

TOP OF THE NEWS
 --German Court Overrules Blanket Covert PC Surveillance
(February 28, 2008)
Germany's Federal Constitutional Court, which reviews laws passed in
that country, has overruled provisions of the State of North
Rhine-Westphalia's Constitutional Protection Act that allowed
investigators to conduct covert searches of PCs over the Internet. The
judges found that the blanket searches severely violated privacy, and
restricted covert PC surveillance to instances when "there is evidence
that an important overriding right would otherwise be violated."
http://www.heise.de/english/newsticker/news/print/104196
http://www.nytimes.com/2008/02/28/world/europe/28germany.html?_r=1&oref=slogin&ref=world&pagewanted=print

 --Alaska House Passes Personal Information Protection Act
(February 28, 2008)
With a vote of 35-0, Alaska's House of Representatives has passed HB 65,
the Personal Information Protection Act. The bill would require
organizations to notify citizens when their personal data are
compromised in a security breach. Other provisions in the bill include
banning the sale and disclosure of Social Security numbers (SSNs), and
allowing consumers to freeze their credit reports. The bill now goes
to the Senate. If the legislation passes, Alaska will become the 31st
state to have an identity theft law.
http://www.forbes.com/feeds/ap/2008/02/28/ap4710415.html
http://www.govtech.com/gt/268060?topic=117688

 --Google Health Privacy Concerns
(February 27 & 28, 2008)
The emergence of personal health record management services has raised
privacy concerns. Google is piloting one such product - Google Health
- with the Cleveland Clinic. While the online dossiers offer the
convenience of merging health data from many sources, they are
controlled by consumers rather than by physicians, hospitals or
insurers, the entities the Health Insurance Portability and
Accountability Act (HIPAA) covers, so HIPAA's protections do not apply
to them. Although Google and other entities developing similar products
maintain they will offer even more stringent protections than HIPAA's,
"the very existence of a detailed health dossier accessible in an
instant can make control difficult."
http://www.washingtonpost.com/wp-dyn/content/article/2008/02/26/AR2008022602993.html
http://www.usatoday.com/tech/webguide/2008-02-28-google-health_N.htm?csp=34
http://www.informationweek.com/shared/printableArticle.jhtml?articleID=206900841
[Editor's Note (Schultz): The issue described in this news item
introduces a new dimension to data security protection woes. Count on
the fact that if users are in the loop, security risk will skyrocket.
(Pescatore): It is not a given that there will be huge demand from
consumers for these personal heath records, as the financial information
aggregation services that are the finance record equivalent of this
really didn't explode. However, it is inevitable that some consumers
will want to aggregate and control their own medical information to have
some increased level of control of their medical care and some increased
leverage in reducing costs through competition and second opinions and
the like. The real key issues here are (1) making sure that all such
services have external security audits and (2) *most importantly* that
they be required to make any and all third party use of consumer health
be purely opt-in with full audit and accountability. It is one thing for
the Googles and the Microsofts or others to make some money by selling
advertising around medical record access; it's a whole different issue
to be able to resell medical-related information, even if it is only
at the aggregate or metadata level.]

************************** Sponsored Links: ***************************
1) Full Disk without the Risk
Full Data Encryption2: tighter security without compromising IT
operations. Protect what matters. Download overview.
http://www.sans.org/info/24898

2) Come to the Penetration Testing and Ethical Hacking Summit June 2-3
- Las Vegas. Come hear what works.
http://www.sans.org/info/24903

3) How can I address Application Security? Find out at the Application
Security Summit June 2-3 in Las Vegas.
http://www.sans.org/info/24908
*************************************************************************

THE REST OF THE WEEK'S NEWS
LEGAL MATTERS
 --Civil Liberties Groups Come to Wikileaks Defense
(February 28, 2008)
The American Civil Liberties Union, the Electronic Frontier Foundation,
the Project on Government Oversight (POGO) and a Wikileaks.org user are
seeking permission to intervene in a case in which a judge ordered the
whistleblower site shut down. The groups maintain the judge's ruling
violated the First Amendment right to receive information and ideas. In
addition, Harvard Law School's Berkman Center for Internet & Society's
Citizen Media Law Project has filed an amicus brief asking that the
court reverse its decision.
http://news.bbc.co.uk/2/hi/technology/7268581.stm
http://www.nytimes.com/idg/IDG_002570DE00740E18002573FD005AB476.html?ref=technology&pagewanted=print
[Editor's Note (Grefer): Even though the court has barred Wikileaks from
using the wikileaks.org domain name, the site is still alive, both at
its IP address http://88.80.13.160 and via various other top level
domain extensions listed at
http://en.wikipedia.org/wiki/Wikileaks#External_links]

HOMELAND SECURITY & GOVERNMENT SYSTEMS SECURITY
 --Home Office Disk Found Hidden in Laptop Sold on eBay
(February 28 & 29, 2008)
A laptop computer purchased on eBay contained a surprise - a disk hidden
beneath the keyboard and labeled "Home Office" and "Confidential." The
disk was discovered when the buyer took it to a repair shop; both the
disk and the computer were encrypted. The Home Office has launched an
investigation into the matter.
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9065480&source=rss_topic17
http://thelede.blogs.nytimes.com/2008/02/28/an-ebay-surprise-lost-diskful-of-data-on-britons/?hp
http://www.securecomputing.net.au/news/71107,uk-home-office-disc-wedged-in-laptop-sold-on-ebay.aspx
[Editor's Note (Pescatore): This is an oddball one (I've never even
*seen* a laptop where you could hide something under the keyboard) but
it is very common to see sensitive business information show up on
computers and PDAs (and likely smartphones in the future) on eBay or
other sites where decommissioned business IT gear is resold. Businesses
should have a policy and process for cleansing all memory and storage
before surplussing IT equipment, or have services built into surplussing
contracts that make sure it happens.]

WORMS, ACTIVE EXPLOITS, VULNERABILITIES & PATCHES
 --Mozilla Releases Thunderbird Update
(February 27, 2008)
Mozilla has released an updated version of its Thunderbird email client,
Thunderbird 2.0.0.12, to address several flaws that could be exploited
to take control of vulnerable computers. The most serious of the flaws
is a critical heap buffer overflow vulnerability in external MIME bodies
that could allow remote code execution with current user privileges.
The flaw affects Windows and Linux versions of Thunderbird. The other
flaws include information disclosure, directory traversal, privilege
escalation, cross-site scripting, and remote code execution. Users are
urged to upgrade as soon as possible.
http://www.eweek.com/c/a/Security/Code-Execution-Flaw-Haunts-Mozilla-Thunderbird/
http://www.heise-online.co.uk/security/Five-security-vulnerabilities-patched-in-Thunderbird--/news/110201
http://www.mozilla.org/projects/security/known-vulnerabilities.html#thunderbird2.0.0.12

 --US-CERT Warns of Windows CE Trojan
(February 26, 2008)
The US Computer Emergency Readiness Team (US-CERT) has issued a warning
about malware that attacks devices running Microsoft Windows CE. The
WinCE/InfoJack Trojan horse program steals mobile devices' serial
numbers, operating system information and other data and uploads them
to a website controlled by the attacker. It also switches off the
Windows Mobile security setting that warns before unsigned applications
are installed, so that further malware can be loaded onto the infected
device without the user's knowledge.
http://www.eweek.com/index2.php?option=content&task=view&id=46639&pop=1&hide_ads=1&page=0&hide_js=1
http://www.us-cert.gov/current/index.html#microsoft_wince_trojan
[Editor's Note (Grefer): Given that WinCE has become quite prevalent in
various hospital and other medical settings, this is not good news for
patients' safety and wellbeing.]

ATTACKS, INTRUSIONS, DATA THEFT & LOSS
 --FTP Database Contains Thousands of Account Credentials
(February 27, 28 & 29, 2008)
Finjan says it has discovered a database of 8,700 stolen FTP (file
transfer protocol) server credentials that are being sold online. With
a valid FTP login an attacker can alter a site's pages, for instance to
inject code that infects visitors. The credentials belong to thousands
of companies around the world, spread across many top-level domains.
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9065038&intsrc=hm_list
http://www.eweek.com/c/a/Security/Finjan-Finds-Database-of-8700-Stolen-FTP-Credentials/
http://www.securecomputing.net.au/news/71072,hackers-set-up-stolen-ftp-account-trading-floor.aspx
http://arstechnica.com/news.ars/post/20080228-malware-writers-exploring-software-as-a-service-model.html
[Editor's Note (Grefer): Regular FTP, SMTP-Auth, POP3, IMAP and Telnet
credentials can easily be intercepted in transit, because they are clear
text transmissions. Whenever possible, use their respective secure
equivalents or establish a secure tunnel to protect the data in
transit.]
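The interception Grefer describes, as an added example that is not from the newsletter or from Finjan's report: a few constructed client-to-server transcripts (FTP, POP3, and SMTP with AUTH PLAIN and AUTH LOGIN) and a short parser that recovers the user names and passwords from them. The host names, users and passwords are invented; the point is that SMTP AUTH merely base64-encodes the credentials, which is reversible encoding, not encryption.

```python
"""Recover clear-text credentials from captured FTP, POP3 and SMTP sessions.

Example code added for this newsletter (not Finjan's or the editors').
The transcripts below are constructed; in practice they would be the
reassembled client-to-server side of TCP streams from a capture.
"""
import base64
import re

# Constructed client->server payloads as they would appear on the wire:
# (protocol, server, payload). Everything here is invented sample data.
SAMPLE_STREAMS = [
    ("ftp", "ftp.example.test",
     "USER webmaster\r\nPASS Summer2008!\r\nCWD /htdocs\r\n"),
    ("pop3", "mail.example.test",
     "USER alice\r\nPASS s3cret\r\nSTAT\r\n"),
    # AUTH PLAIN carries base64("\0user\0password") in one line.
    ("smtp", "smtp.example.test",
     "EHLO laptop\r\nAUTH PLAIN AGJvYgBodW50ZXIy\r\nMAIL FROM:<bob@example.test>\r\n"),
    # AUTH LOGIN sends base64(user) and base64(password) on following lines.
    ("smtp", "smtp2.example.test",
     "EHLO laptop\r\nAUTH LOGIN\r\nY2Fyb2w=\r\ncGFzc3cwcmQ=\r\n"),
]


def extract_credentials(streams):
    """Return (protocol, server, user, password) for each login found."""
    found = []
    for proto, server, payload in streams:
        lines = [ln.strip() for ln in payload.split("\r\n") if ln.strip()]
        if proto in ("ftp", "pop3"):
            # Both protocols send USER <name> then PASS <secret> in the clear.
            user = password = None
            for line in lines:
                verb, _, arg = line.partition(" ")
                if verb.upper() == "USER":
                    user = arg
                elif verb.upper() == "PASS":
                    password = arg
            if user and password:
                found.append((proto, server, user, password))
        elif proto == "smtp":
            for idx, line in enumerate(lines):
                plain = re.match(r"AUTH\s+PLAIN\s+(\S+)", line, re.I)
                if plain:
                    # Decoded form is authzid \0 authcid \0 password.
                    parts = base64.b64decode(plain.group(1)).decode().split("\0")
                    found.append(("smtp", server, parts[-2], parts[-1]))
                elif re.match(r"AUTH\s+LOGIN\s*$", line, re.I) and idx + 2 < len(lines):
                    user = base64.b64decode(lines[idx + 1]).decode()
                    password = base64.b64decode(lines[idx + 2]).decode()
                    found.append(("smtp", server, user, password))
    return found


if __name__ == "__main__":
    for proto, server, user, password in extract_credentials(SAMPLE_STREAMS):
        print(f"{proto:5} {server:22} {user} / {password}")
```

The same four logins over FTPS, POP3S or SMTP with STARTTLS would give an on-path observer only TLS records, which is the "secure equivalent" the note recommends; the parser above would have nothing to read.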

STATISTICS, STUDIES & SURVEYS
 --More Than 50% of Companies Have Fired Workers for eMail and
Internet Misuse
(February 28, 2008)
More than half of 304 US companies surveyed said they had fired
employees for email and Internet misuse. Of those managers who fired
employees for Internet misuse, 84 percent said the employees were
viewing inappropriate content, and 34 percent said they had fired people
for excessive personal use of the Internet on the job. Of managers who
fired workers for email misuse, 64 percent said workers had violated
company policy and 62 percent said the emails contained inappropriate
or offensive language. Twenty-two percent said they fired people for
breaching confidentiality rules in email, and more than 25 percent said
they had fired workers for excessive personal use of email.
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9065659&source=rss_topic17

MISCELLANEOUS
 --Irish Data Commissioner: Lost Laptop with Irish Blood Donor Info Not a DPA Breach
(February 27, 2008)
Following an investigation, the Irish Data Protection Commissioner has
determined that the theft of a laptop computer containing personal
information belonging to approximately 175,000 Irish citizens was not a
violation of the Data Protection Act. The laptop computer was stolen
in New York from an employee of a company that had been hired by the
Irish Blood Transfusion Service (IBTS) to develop a query tool. The
encryption used to protect the data was judged sufficient because the
key was not stored on the laptop itself.
http://www.siliconrepublic.com/news/news.nv?storyid=single10391

 --Experts Weigh in on Cold Boot Attack Defenses
(February 22, 2008)
In response to the recently published research paper showing that
encryption keys can be recovered from a PC's DRAM chips for seconds to
minutes after power is removed (longer if the chips are cooled),
encryption experts have come forward to say that the attack can be
thwarted by holding keys in hardware instead of in system memory and by
fully deploying the Trusted Platform Module (TPM) specification. A TPM
by itself is not enough: once it has unsealed the volume key into RAM
for the disk driver, that key is exposed exactly as before, so the
protection depends on pairing the TPM with a boot-time PIN or token and
on powering machines off rather than leaving them asleep.
Internet Storm Center Entries:
http://isc.sans.org/diary.html?storyid=4043 (read this before you talk with your full disk encryption vendor)
http://isc.sans.org/diary.html?storyid=4024
http://isc.sans.org/diary.html?storyid=4006
http://www.scmagazineus.com/Hard-encryption-keys-TPM-thwart-cold-boot-theft-Experts/PrintArticle/107192/
[Editor's Note (Frantzen): Any cryptographic software can lose control
of its keys in this manner, not just full disk encryption.
(Cole): The cold boot attack has a cool factor to it, but remember that
full disk encryption will protect a system only if it has a strong
password (two factor recommended) and if the system is completely turned
off. Use of a USB token stops the attack. If you turn your system
completely off (and hold on to it for more than 5 seconds) the attack
is not successful. If you do not follow either of these rules, then
full disk encryption can potentially be broken even without this
attack.]

Cold Boot Attack Response

The following vendors have responded with URLs to their position papers
on the Cold Boot crypto attack. If you see a vendor position paper on
this topic, please forward the URL to stephen@sans.edu:
http://www.guardianedge.com/news/in-the-news/february-25-2008.php
https://www.trustedcomputinggroup.org/news/press/TCG_statement_on_Princeton_Feb_paper_Feb_26.pdf
http://www.utimaco.de/C12570CF0030C00A/vwContentByKey/W26K9MQA301OBELEN
http://www.pgp.com/newsroom/cold_boot_attack_response.html
   (it has been updated since last week)
http://www.mobilearmor.com/coldboot.php
http://www.mobilearmor.com/press_022508.php
http://www.winmagic.com/support/Cooled_RAM_Attack_20080222.pdf
http://blogs.msdn.com/windowsvistasecurity/archive/2008/02/22/disk-encryption-balancing-security-usability-and-risk-assessment.aspx
http://blogs.msdn.com/si_team/archive/2008/02/25/protecting-bitLocker-from-cold-attacks-and-other-threats.aspx
http://www.microsoft.com/technet/security/guidance/clientsecurity/dataencryption/analysis/4e6ce820-fcac-495a-9f23-73d65d846638.mspx
https://forums.checkpoint.com/forums/servlet/JiveServlet/download/32-5443-14636-567/cold_boot_attack%20doc.pdf
http://www.bitarmor.com/prevent-cold-boot-attacks/
http://www.bitarmor.com/news/BitArmor_Defeats_Cold_Boot_Attacks.php
http://www.jetico.com/bestcrypt_faq.htm#2_6

---end---

LIST OF UPCOMING FREE SANS WEBCASTS

SANS Special Webcast: How to Win Friends and Influence People (for
Penetration Testers)
WHEN: Tuesday, March 4, 2008 at 1:00 PM EST (1800 UTC/GMT)
FEATURING: Lenny Zeltser
http://www.sans.org/info/22984
Sponsored By: Core Security

The success of a security test is often determined in the planning
stage, when the "human element" plays a critical role. This is
especially true for penetration testing projects, which sometimes
encounter political hurdles before they even begin.
Please join us to learn how, with a little transparency and tact, you
can not only get approval for pen testing projects but also help
colleagues use the results to improve your overall security.

Tool Talk Webcast: The ABC's of Dealing with Unique Network Security Risks
in a World of Open Campus Networks
WHEN: Wednesday, March 5, 2008 at 1:00 PM EST (1800 UTC/GMT)
FEATURING: Brian Mehlman
http://www.sans.org/info/22979
Sponsored By: Q1 Labs

Universities continue to face a challenge in the balancing act of two
diametrically opposed networking requirements. On one hand, IT services
must meet the requirements of delivering an open campus network
with minimal restriction on use. And, on the other hand, you have
networks and systems that maintain sensitive information that requires
tight security controls, often under the scrutiny of specific regulatory
mandates.

SANS Special Webcast: The Little Hybrid Web Worm That Could
WHEN: Thursday, March 6, 2008 at 1:00 PM EST (1800 UTC/GMT)
FEATURING: Billy Hoffman
http://www.sans.org/info/24614
Sponsored By: HP

The past year has seen several web worm attacks against various online
applications. While these worms have gotten more sophisticated and made
use of additional technologies like Flash and media formats, they all
have had some basic limitations such as infecting new domains and
injection methods. These worms are fairly easily detected using
signatures and these limitations have made web worms annoying, but
ultimately controllable. This paper examines the possibility of hybrid
web worms which use several methods to overcome the limitations of
current web worms. Specifically the authors examine how a hybrid web
worm: mutates itself to evade defenses; updates itself with new attack
vectors while in the wild; and finds and exploits targets regardless of
whether they are client web browsers or web servers.

SANS Special Webcast: A Response to the "Cold Boot Attack" Announcement
WHEN: Thursday, March 6, 2008 at 1:00 PM EST (1800 UTC/GMT)
https://www.sans.org/webcasts/show.php?webcastid=91884

A certified SANS instructor will host this webcast and provide attendees
with actionable advice on how to reduce their organization's risk
against the Cold Boot Attack using encryption tools and real-world best
practices. Hear responses from leading providers in the encryption
market to gain better understanding of how these solutions can help
mitigate or avoid the vulnerabilities associated with the Cold Boot
Attack. Attendees will walk away with actionable advice on how this
vulnerability can impact their organization and which encryption
solutions can provide best-in-class protection from this and other
security risks.

ISC Threat Update: March 2008
WHEN: Wednesday, March 12, 2008 at 1:00 PM EDT (1700 UTC/GMT)
FEATURED SPEAKERS: Johannes Ullrich and Tony Magallanez
http://www.sans.org/info/24623
Sponsored By: F-Secure

The SANS Internet Storm Center (ISC) uses advanced data correlation and
visualization techniques to analyze data collected from thousands of
sensors in over sixty countries. Experienced analysts constantly monitor
the Storm Center data feeds searching for trends and anomalies in order
to identify potential threats. When a threat is identified, the team
immediately begins an intensive investigation to gauge the threat's
severity and impact. This monthly webcast discusses recent threats
observed by the Internet Storm Center, and discusses new software
vulnerabilities or system exposures that were disclosed over the past
month. The general format is about 30 minutes of presentation by senior
ISC staff, followed by a question and answer period.

WhatWorks Webcast: PaulDotCom's Penetration Testing Dojo: Core IMPACT Style
WHEN: Tuesday, March 18, 2008 at 1:00 PM EDT (1700 UTC/GMT)
FEATURED SPEAKERS: Alan Paller and Paul Asadoorian
http://www.sans.org/info/24628
Sponsored By: Core Security Technologies

When beginning a security process at a consortium of non-profits, a
senior network security engineer began looking for a penetration testing
tool that did web application assessments and aided in automated social
engineering attacks. The tool he purchased is low on manpower use, is
mostly self-maintaining and reliably proves the existence of network
vulnerabilities.

SANS Special Webcast: Monthly Series: Security Insights with Dr. Eric Cole
This Month's Topic: Encryption
WHEN: Wednesday, March 19, 2008 at 1:00 PM EDT (1700 UTC/GMT)
http://www.sans.org/info/24633

Based on first-hand experience, this talk will look at areas where
encryption should be used and how to avoid common mistakes. Dr. Cole
will also identify areas where encryption should not be deployed.
Overall, this talk will provide expert knowledge of the landscape of
encryption, proper uses and common pitfalls. Register now for this free
webcast!

Ask the Expert: Malcode Analysis and Response: Proficiency vs. Complexity
WHEN: Thursday, March 20, 2008 at 1:00 PM EDT (1700 UTC/GMT)
FEATURED SPEAKERS: Matt Allen and Russ McRee
http://www.sans.org/info/24639
Sponsored By: Norman Data Defense Systems

The threat landscape changes constantly, driven in part by the "bot
economy" and changing malcode techniques. In response, incident handler
techniques must keep pace. This presentation will cover the use of
RAPIER, a security tool built to facilitate first response procedures
for incident handling. It is designed to acquire commonly requested
information and samples during an information security event, incident,
or investigation. RAPIER automates the entire process of data collection
and delivers the results directly to the hands of a skilled security
analyst. From detection and discovery, capture and containment, count
on a useful discussion meant to further your incident response
practices.

Tool Talk Webcast: Are You Naked? Why virtualization and service processors
are leaving traditional log management customers naked.
WHEN: Tuesday, March 25, 2008 at 1:00 PM EDT (1700 UTC/GMT)
FEATURED SPEAKER: Bill Johnson
http://www.sans.org/info/24644
Sponsored By: Tdi

Virtualization and on board service processors are making log management
systems obsolete and opening their customers to huge compliance issues.
All existing log management systems are based on an 'inside out' agent
based, SYSLOG and SNMP architecture. This model is obsolete in today's
datacenter. Traditional log management systems do not log all events or
watch the data center all the time, opening the door to Sarbanes Oxley,
HIPAA and other compliance risks.

********************************************************************

The Editorial Board of SANS NewsBites

Eugene Schultz, Ph.D., CISM, CISSP is CTO of High Tower Software and the
author/co-author of books on Unix security, Internet security, Windows
NT/2000 security, incident response, and intrusion detection and
prevention. He was also the co-founder and original project manager of
the Department of Energy's Computer Incident Advisory Capability (CIAC).

John Pescatore is Vice President at Gartner Inc.; he has worked in
computer and network security since 1978.

Stephen Northcutt founded the GIAC certification and currently serves
as President of the SANS Technology Institute, a post graduate level IT
Security College, www.sans.edu.

Johannes Ullrich is Chief Technology Officer of the Internet Storm
Center.

Howard A. Schmidt served as CSO for Microsoft and eBay and as Vice-Chair
of the President's Critical Infrastructure Protection Board.

Ed Skoudis is co-founder of Intelguardians, a security research and
consulting firm, and author and lead instructor of the SANS Hacker
Exploits and Incident Handling course.

Tom Liston is a Senior Security Consultant and Malware Analyst for
Intelguardians, a handler for the SANS Institute's Internet Storm
Center, and co-author of the book Counter Hack Reloaded.

Dr. Eric Cole is an instructor, author and fellow with The SANS
Institute. He has written five books, including Insider Threat and he
is a senior Lockheed Martin Fellow.

Bruce Schneier has authored eight books -- including BEYOND FEAR and
SECRETS AND LIES -- and dozens of articles and academic papers. Schneier
has regularly appeared on television and radio, has testified before
Congress, and is a frequent writer and lecturer on issues surrounding
security and privacy.

Mason Brown is one of a very small number of people in the information
security field who have held a top management position in a Fortune 50
company (Alcoa). He is leading SANS' global initiative to improve
application security.

Marcus J. Ranum built the first firewall for the White House and is
widely recognized as a security products designer and industry
innovator.

Mark Weatherford, CISSP, CISM, is the Chief Information Security Officer
for the State of Colorado.

Alan Paller is director of research at the SANS Institute.

Clint Kreitner is the founding President and CEO of The Center for
Internet Security.

Rohit Dhamankar is the Lead Security Architect at TippingPoint, a
division of 3Com, and authors the critical vulnerabilities section of
the weekly SANS Institute's RISK newsletter and is the project manager
for the SANS Top20 2005 and the Top 20 Quarterly updates.

Koon Yaw Tan is Assistant Director at Monetary Authority of Singapore
(MAS) and a handler for the SANS Institute's Internet Storm Center.

Gal Shpantzer is a trusted advisor to several successful IT outsourcing
companies and was involved in multiple SANS projects, such as the
E-Warfare course and the Business Continuity Step-by-Step Guide.

Brian Honan is an independent security consultant based in Dublin,
Ireland.

Roland Grefer is an independent consultant based in Clearwater, Florida.

Please feel free to share this with interested parties via email, but
no posting is allowed on web sites. For a free subscription, (and for
free posters) or to update a current subscription, visit
http://portal.sans.org/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)

iEYEARECAAYFAkfIVHEACgkQ+LUG5KFpTkZ88QCfeL/2xpI26dDjAkVDFBgVZJo5
r1EAoJHra13sJ2pdYleTWGE+JR9SoIJV
=A/6e
-----END PGP SIGNATURE-----