SANS NewsBites Vol. 10 Num. 64

From: The SANS Institute (NewsBites@sans.org)
Date: Fri Aug 15 2008 - 13:47:09 CDT


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

The US and European consensus procurement specifications for control
systems security have been updated to include wireless security
in addition to all the other aspects of control systems and SCADA
security that are already included. These are great specifications.
Any organization buying control systems that doesn't use the consensus
specifications is probably leaving the front and back doors open.
All the major control systems vendors are being briefed on how to
adapt to the new specifications on September 7th in Amsterdam at
the beginning of the European SCADA Security Summit and users will
be briefed on the vulnerabilities and specifications during the
Summit. If you would like an invitation to the free vendor briefing
or information on the entire Summit, email me (with a description of
what you would like and where you work) at apaller@sans.org. Also, see the
second story below for more on the upcoming Summit.
                                      Alan
*************************************************************************
SANS NewsBites August 15, 2008 Vol. 10, Num. 64
*************************************************************************
TOP OF THE NEWS
  US Power Grid Better Equipped to Deal With Problems That Led to 2003
      Outage
  Top Government Official To Lay Out New Strategy For Protecting
      Systems That Control Power and Oil & Gas and Other Critical Industries
  Federal CISOs Lack Budgetary and Management Enforcement Authority
  Prevalent Use of Behavioral Tracking by ISPs May Lead to Digital
      Privacy Legislation
  Jobs Acknowledges Application Kill "Lever" for iPhones
THE REST OF THE WEEK'S NEWS
  LEGAL ISSUES
    Judge Lets Gag Order Stand Against MIT Students
    AOL Spammer Draws Seven-Year Sentence
    European Court May Hear McKinnon Appeal
  VULNERABILITIES
    Man Hopes to Fund Start-up by Charging for Vulnerability Details
    Mandiant Team Wins Race to Zero Contest
  UPDATES AND PATCHES
    VMware Fixes Bug in ESX and ESXi 3.5 Update 2
    August's Patch Tuesday Offers 11 Security Bulletins
    Microsoft Issues Updates for Mac Office
  DATA LOSS
    Hospital Manager Loses Job Over Stolen Laptop
  STUDIES AND STATISTICS
    Software Security Market Looks Strong
  MISCELLANEOUS
    Howard Schmidt Appointed Information Security Forum President

***************** OWASP NYC AppSec 2008 Conference *********************
Our friends at OWASP have put together a focused event September
24-25 in New York City. OWASP (www.owasp.org) is a not-for-profit
community organization that does a lot of good in getting attention and
developing solutions for the growing web application security issue.
Proceeds from the event help fund many related projects and grants.
You will see lots of familiar faces like Jeremiah Grossman, Howard
Schmidt, Robert 'RSnake' Hansen and Jeff Williams. To learn more
http://www.owasp.org/index.php/OWASP_NYC_AppSec_2008_Conference.

*************************************************************************
TRAINING UPDATE
- - NETWORK SECURITY 2008: Las Vegas (9/28-10/6) 50 courses; big tools
expo; lots of evening sessions: http://www.sans.org/ns2008
- - Boston (8/9-8/16) http://www.sans.org/boston08/
- - Virginia Beach (8/21-8/29): http://www.sans.org/vabeach08/
- - Chicago (9/3-9/10) http://www.sans.org/chicago08 AUDIT & COMPLIANCE
- - and in 100 other cities and online any time: http://www.sans.org/index.php

*************************************************************************

TOP OF THE NEWS
 --US Power Grid Better Equipped to Deal With Problems That Led to 2003 Outage
(August 12, 2008)
Although the US power grid is better able to withstand an event like
the one that caused a major outage in August 2003, federal officials,
power grid operators and consultants still have some serious concerns.
New standards and systems are in place to maintain and monitor
the power grid. However, the US is behind in the number of power
plants and transmission lines needed to meet the growing demand for
power. In addition, cyberterrorism threats focused against the power
grid need to be prevented without making the counter measures taken
public knowledge.
http://www.usatoday.com/money/industries/energy/2008-08-12-blackout-power-outage_N.htm
[Editor's Note (Ranum): So, how do we respond if some kids from a
university decide to publish a paper at DEFCON outlining how to mess
with the power grid? That is a legitimate question.]

 -- Top Government Official To Lay Out New Strategy For Protecting
 Systems That Control Power and Oil & Gas and Other Critical Industries
(August 15, 2008)
In his keynote presentation at the European SCADA Security Summit,
Roger Cumming, Deputy Director of the UK's Centre for the Protection
of National Infrastructure, will outline a five-part strategy
by which government and industry can move to protect the critical
infrastructures on which all industrial societies depend for survival.
The new strategy ranges from how vulnerabilities will be disclosed
and mitigated to how top executives of power and other critical
industries will be engaged in the process. The meeting will also show
how these systems are being penetrated, how to prioritize defenses,
and how to buy control systems with security baked-in. A large number
of corporate users will be there along with leaders from other nations
to discuss the new strategies. The meeting is open to all IT security
and control systems managers from critical industries, government
officials responsible for critical infrastructure protection, and
service providers who can help secure these systems. The full agenda
will be published early next week. In the meantime, registration
information can be found at http://www.sans.org/euscada08_summit/

 --Federal CISOs Lack Budgetary and Management Enforcement Authority
(August 11, 2008)
Chief Information Security Officers (CISOs) at US government
agencies lack the budgetary and enforcement authority to make the
changes they know would improve their agencies' information security
posture. CISO responsibilities lean toward policy and compliance
reporting rather than network testing and monitoring. Mandates and
legislation place the responsibility for security failures squarely
on the shoulders of the CISO, yet they lack "a comprehensive view of
their IT infrastructure," making it difficult for them to pinpoint
areas of concern. The CISO "has little authority because each office
within an agency claims ownership over its IT systems and data, making
it hard for the CISO to require security standards and policies."
One former federal CISO notes that making sure agencies are compliant
with "mandates and regulations and laws and requirements ... takes
[them] down a path toward compliance for the sake of compliance,
not overall improved security."
http://www.govexec.com/story_page_pf.cfm?articleid=40700&printerfriendlyvers=1
[Editor's Note (Schultz): The amount of influence and recognition
information security managers in government circles so often have
after they leave their positions, despite their obvious lack of
influence and power when they were in their government positions,
puzzles me to no end.
(Weatherford): At the risk of engendering disapproval from some of my
federal colleagues, I have many thoughts related to this article but
will only share two. We all understand the bureaucracy that exists
in federal government, but why would ANYONE work at a job where
they had no authority, no control, and "don't feel empowered to make
decisions?" Seriously! There are a lot of good security jobs available
so why spend your time employed in such a depressing environment?
Second, a huge chunk of a CISO's time is spent communicating and
I believe that when my boss doesn't share my sense of urgency about
security issues it's for one of two reasons: 1) It's my fault because
I haven't effectively communicated or 2) She/he has higher priorities
that I'm not aware of. That doesn't however change my responsibility
as the head security guy and, if all else fails, nothing gets the
boss's attention like a big security incident. Of course that might
cost the CISO his/her job, but if they had no authority, control,
or empowerment in the first place maybe ...]

 --Prevalent Use of Behavioral Tracking by ISPs May Lead to
Digital Privacy Legislation
(August 12 & 13, 2008)
Written responses to questions from the US House of Representatives
Committee on Energy and Commerce indicate that nearly all of
the 33 Internet providers contacted have gathered and analyzed
data about customers' Internet usage without their permission
and used the information for targeted advertising. Rep. Ed Markey
(D-Mass.) says this is reason enough to "create a law that ... includes
a set of legal guarantees that customers have with regard to their
information." Markey says that consumers should be able to opt-in to
online behavioral tracking rather than having to opt-out or be subject
to undisclosed tracking. Some companies that tested deep packet
inspection technology to target online advertising said they did so
without the explicit consent of their customers. Providers' Responses:
http://energycommerce.house.gov/Press_110/080108.ResponsesDataCollectionLetter.shtml
http://www.washingtonpost.com/wp-dyn/content/article/2008/08/11/AR2008081102270_pf.html
http://www.heise-online.co.uk/news/US-House-of-Representatives-warms-to-online-privacy-law--/111305
[Editor's Note (Grefer): A European-style data-protection law
stipulating an "opt-in" rather than the current US industry
practice of an "opt-out" would be quite beneficial to privacy. The
same would hold true for an equivalent of the European Union
"Directive 95/46/EC on the protection of individuals with regard
to the processing of personal data and on the free movement of
such data" which specifies that data may only be used for the
purpose it was collected for; any other use of the data requires
the explicit consent of the data subject, i.e. the individual.
http://en.wikipedia.org/wiki/Directive_95/46/EC_on_the_protection_of_personal_data]

 --Jobs Acknowledges Application Kill "Lever" for iPhones
(August 11, 2008)
Steve Jobs has confirmed that Apple has in place a mechanism to remove
software from the iPhone. Jobs said the technology is necessary in
case the company allowed an application to be sold through the App
Store that was later discovered to be malicious. The discovery of
this particular technology on the iPhone has raised privacy concerns
among bloggers; the individual who found it has managed to disable
the deactivation functionality. Apple has also met with recent
criticism for removing certain applications from its App Store with
no explanation provided.
http://www.informationweek.com/shared/printableArticle.jhtml?articleID=210002116
[Editor's Note (Pescatore): From a pure security perspective, having
someone push a button and remove any malicious app is a great thing -
as long as you trust whoever gets to push the button. What if Apple
decides a competing application to iTunes is malicious? What if the
kill mechanism, or (more likely) the process that leads to a kill
decision has flaws and can be spoofed? If Apple fails to kill a
malicious app and I suffer damage, will they cover my costs?
(Ranum): If it bothers you, buy a different phone.
(Skoudis): I've gotten a dozen e-mails from friends this week who
wonder if this functionality could be combined with Dan Kaminsky's DNS
poisoning to cause iPhones that rely on a given DNS server to kill all
their apps. Although the kill URL uses SSL, it's not clear how the
kill functionality works and whether/how the iPhone checks the cert.
Still, the idea of combining this kill function with DNS poisoning
seems to have popped into a lot of people's heads at the same time.
(Northcutt): Maybe the first step is to quit calling these computers
phones. If it runs applications it is a computer right? How would
we feel about Microsoft or Ubuntu being able to remove or add an
application from our laptops without our express permission? ]

*************************************************************************

THE REST OF THE WEEK'S NEWS
LEGAL ISSUES
 --Judge Lets Gag Order Stand Against MIT Students
(August 14, 2008)
US District Judge George O'Toole Jr. has let stand a temporary
restraining order that prevented three Massachusetts Institute
of Technology (MIT) students from revealing their research on the
security of payment cards used by the Massachusetts Bay Transit
Authority (MBTA). The MBTA sought the order to allow it time
to address the vulnerabilities before the specifics of the flaws
are disclosed. A hearing has been scheduled for Tuesday, when the
temporary order expires; at that time, a decision will be made as to
whether the order will be lifted altogether or amended to cover only
"nonpublic" information. Some of the information has been available
on the Internet for a while and some was made available to conference
goers prior to the scheduled presentation.
http://www.usatoday.com/tech/news/computersecurity/hacking/2008-08-14-subway-mit-subways_N.htm?csp=34
http://news.cnet.com/8301-1009_3-10017438-83.html?part=rss&subj=news&tag=2547-1009_3-0-20
http://www.theregister.co.uk/2008/08/14/mbta_gag_order_remains/print.html
[Editor's Note (Ranum): The effectiveness of the gag order
appears to be minimal. Of course, the Internet's making it easy
to flout a gag order does not mean that it protects you from any
consequences. It took me very little time to find the slides here:
http://www-tech.mit.edu/V128/N30/subway/Defcon_Presentation.pdf ]

 --AOL Spammer Draws Seven-Year Sentence
(August 13 & 14, 2008)
Michael Dolan has received a seven year prison sentence for his role
in a phishing scheme that targeted AOL members. Dolan and his cohorts
used tools to harvest AOL screen names from chat rooms; those names
were then targeted with phishing emails that appeared to be online
greeting cards, but actually contained malware that ultimately led
users to a site run by Dolan and others where the users were asked
to provide information that included credit card and Social Security
numbers (SSNs). Users were also directed to the site with emails
that claimed to be from AOL's billing office. The scheme ran for
more than four years, during which time prosecutors estimate the gang
stole US $400,000 from 250 victims. Dolan pleaded guilty to fraud
and aggravated identity theft last year.
http://www.theregister.co.uk/2008/08/14/aol_phisher_jailed/print.html
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9112579&source=rss_topic17

 --European Court May Hear McKinnon Appeal
(August 9, 12 & 13, 2008)
The European Court of Human Rights has granted Gary McKinnon a
two-week stay of extradition while it decides whether or not to
hear his appeal. The ECHR is McKinnon's last hope for avoiding
extradition to the US to face hacking charges. McKinnon has admitted
that he gained unauthorized access to US government computer systems,
but says he was just trying to find information about UFOs. The US
government said the intrusions carried the hallmarks of a terrorist
attack. Reports are mixed about the length of the sentence McKinnon
would face if and when he is tried in the US.
http://news.cnet.com/8301-1009_3-10015221-83.html?part=rss&subj=news&tag=2547-1_3-0-20
http://www.theregister.co.uk/2008/08/09/mckinnon_ufo_cyberterror_analysis/print.html
http://news.bbc.co.uk/2/hi/uk_news/7556374.stm
http://www.heise-online.co.uk/news/Hacker-McKinnon-extradition-delayed--/111302

VULNERABILITIES
 --Man Hopes to Fund Start-up by Charging for Vulnerability Details
(August 11, 12 & 13, 2008)
A man who claims to have found a number of vulnerabilities in
the Java technology used on some Nokia handsets wants Nokia
and Sun Microsystems to pay 20,000 euros (US $29,597) for a
report that details the specifics of the flaws and includes two
proof-of-concept exploits. Adam Gowdiak rejects the notion that
he is blackmailing the companies, instead viewing his decision to charge for
the information a means of gathering money to fund his start-up
security research company. Gowdiak has briefed both companies about
the vulnerabilities, so they are aware of the nature of the flaws.
http://www.informationweek.com/news/security/vulnerabilities/showArticle.jhtml?articleID=210002897
http://www.theregister.co.uk/2008/08/11/s40_security_issues/print.html
http://www.zdnetasia.com/news/security/0,39044215,62044807,00.htm
[Editor's Note (Skoudis): A few times a year, I get asked by someone
who has discovered a security flaw about how they can sell their
discovery details to the vendor without looking like an ambulance
chaser or extortionist. I regretfully respond that I just don't
think there's a way of making that business model work from an
ethical perspective. I encourage them to get funding *in advance*
to look for flaws by building a reputation the old fashioned way --
delivering excellent service to their customers.
(Ullrich): Has been done a few times in the past with mixed
success. There are well established (legal) vulnerability
buyers. However, holding back a vulnerability and demanding cash
is wrong.
(Honan): This use of vulnerability "research" is sickening. This is
not fund raising for a company it is blackmail pure and simple.
The security industry should take a stance against this type of
activity by boycotting companies that follow such practices.
(Northcutt): Almost certainly Gowdiak is using fuzzing style testing
tools and Nokia needs to do more of that; word on the street is this
isn't the first time a researcher has reported problems to them. The
next couple years are going to have a lot of this sort of stuff. The
good news is that software will be better for it all when we emerge
from the tunnel two to four years hence.]

 --Mandiant Team Wins Race to Zero Contest
(August 11, 2008)
A trio of consultants from Mandiant won the Race to Zero contest. While
they did not finish first, Nick Harbour, Steve Davis and Pete Silberman
"managed to sneak all 10 virus and exploit samples past major antivirus
scanners." The three said they participated in the contest to draw
attention to the fact that organizations should not depend solely
on antivirus tools to protect their systems. Harbour created
obfuscation software that he and his team used in the contest.
Another team brought custom packing software that allowed them to
finish first, in just two hours and 25 minutes; the Mandiant team
took just over six hours to complete the contest. Race to Zero is
run by New Zealand security researcher Simon Howard. The contest
was conducted on a closed network not connected to the Internet.
http://www.securityfocus.com/brief/795?ref=rss
http://www.securityfocus.com/print/news/11531
[Editor's Note (Skoudis): I saw Nick Harbour present at Defcon,
and found his research fascinating. The way he slices and dices
executables to make them difficult or impossible to detect is
quite impressive and scary. Based on his work and the work of many
others, I believe the AV vendors will have to turn more and more
to behavior-based detection. Signatures were cool fifteen, ten,
and arguably five years ago. We shouldn't ditch them, but realize
that we really need to augment them.
(Northcutt): The day of anti-virus products has passed; they had a
good run. Save the money, run ClamAV to keep the auditors off your
back and vigorously investigate one of the white list solutions. We
did a webcast on this basic problem, but you don't need to invest the
time to listen to the webcast. The powerpoint is posted with notes:
https://www.sans.org/webcasts/show.php?webcastid=91963 ]
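
To make the contest result concrete, here is a small added example
(written for this edit; it is not code from Race to Zero, from Mandiant,
or from any antivirus product). It runs a raw-byte signature over a
constructed, harmless sample, packs that sample with a toy keystream so
the same signature no longer matches, and then shows the two things a
scanner can still do: flag the unusually high entropy of the packed body,
or emulate the unpacking stub and scan what comes out. The sample bytes,
the signature string, the packer format and the 6.0 bits-per-byte
threshold are all assumptions chosen for the demo.

```python
"""Why a raw-byte signature stops matching after a trivial packing step,
and what a scanner has to do instead.

Added illustration for the Race to Zero item; not code from the contest,
from Mandiant, or from any antivirus product. The sample, the signature,
the toy packer and the entropy threshold are all constructed for the demo
(the sample is harmless bytes, not malware).
"""
import math

# Constructed stand-in for a "known bad" file: a PE-like header, a marker
# string, and a lot of zero padding. Harmless text, not real malware.
SAMPLE = (
    b"MZ\x90\x00" + b"\x00" * 56
    + b"This program cannot be run in DOS mode.\r\n"
    + b"cmd.exe /c echo demo-marker\x00"
    + b"\x00" * 400
)

# Constructed signature: the byte pattern a naive scanner keys on.
SIGNATURE = b"cmd.exe /c echo demo-marker"

# Assumed heuristic threshold (bits per byte): packed or encrypted sections
# usually score well above this, plain code and text well below it.
ENTROPY_THRESHOLD = 6.0

PACK_MAGIC = b"PK1"   # constructed header so the unpacker recognises its own output


def signature_match(data: bytes, sig: bytes = SIGNATURE) -> bool:
    """Layer 1: naive raw-byte signature scan."""
    return sig in data


def _keystream(seed: int, length: int):
    """Toy keystream: top byte of a 32-bit LCG. Enough to make the body look
    random to a scanner; it is NOT a cipher and gives no real confidentiality."""
    state = seed
    for _ in range(length):
        state = (state * 1103515245 + 12345) & 0xFFFFFFFF
        yield (state >> 24) & 0xFF


def stream_pack(data: bytes, seed: int) -> bytes:
    """Toy packer: magic + one-byte seed + XOR-encoded body. A real packer
    would also prepend an unpacking stub; here stream_unpack plays the stub."""
    body = bytes(b ^ k for b, k in zip(data, _keystream(seed, len(data))))
    return PACK_MAGIC + bytes([seed & 0xFF]) + body


def stream_unpack(data: bytes):
    """Reverse stream_pack; returns None when the input is not our format."""
    if not data.startswith(PACK_MAGIC) or len(data) < len(PACK_MAGIC) + 1:
        return None
    seed = data[len(PACK_MAGIC)]
    body = data[len(PACK_MAGIC) + 1:]
    return bytes(b ^ k for b, k in zip(body, _keystream(seed, len(body))))


def shannon_entropy(data: bytes) -> float:
    """Bits per byte: 0.0 for empty input, up to 8.0 for uniformly random bytes."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in counts if c)


def scan(data: bytes) -> dict:
    """Three detection layers on one input: raw signature, entropy
    heuristic, and signature after emulated unpacking."""
    unpacked = stream_unpack(data)
    return {
        "raw_signature": signature_match(data),
        "high_entropy": shannon_entropy(data) > ENTROPY_THRESHOLD,
        "signature_after_unpack": unpacked is not None and signature_match(unpacked),
    }


if __name__ == "__main__":
    packed = stream_pack(SAMPLE, seed=0x5A)
    print("plain :", scan(SAMPLE), round(shannon_entropy(SAMPLE), 2))
    print("packed:", scan(packed), round(shannon_entropy(packed), 2))
```

Run it and the plain sample trips only the raw signature, while the
packed copy trips the entropy heuristic and the post-unpack scan but not
the raw signature. That gap is what a custom packer widens, and it is why
AV engines carry unpacker emulation and behavioural checks alongside
signatures rather than relying on byte patterns alone.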

UPDATES AND PATCHES
 --VMware Fixes Bug in ESX and ESXi 3.5 Update 2
(August 13, 2008)
VMware has released a patch for a bug in Update 2 for the ESX 3.5
hypervisor that prevented users from starting up ESX and ESXi 3.5
virtual machines earlier this week. VMware is also working on a fix
for the Update 2 software which should be released soon. The problem
was due to a license limitation that caused use of the code to expire
at 12:00 am on Tuesday, August 12. Machines running continuously
did not shut down, but those that had been in suspension mode were
unable to be brought out of that mode.
http://www.informationweek.com/shared/printableArticle.jhtml?articleID=210003652
http://www.vnunet.com/vnunet/news/2223784/bug-shuts-vmware-servers
http://www.deploylinux.net/matt/2008/08/all-your-vms-belong-to-us.html
http://www.ntpro.nl/blog/archives/584-ESX-3.5-U2-license-expires-on-August-12.htmls
[Editor's Note (Skoudis): Imagine your critical infrastructure devices
all having a timebomb in them, ticking away the seconds to some
date that you don't know about because your vendor never told you.
I could understand this functionality if it were associated with a
given enterprise license, but this issue was hard coded into their
product, regardless of the license status or its expiration date.
That's really bad software implementation, in my book, in software
that supposedly is very carefully audited.]

 --August's Patch Tuesday Offers 11 Security Bulletins
(August 12, 2008)
On Tuesday, August 12, Microsoft issued 11 security bulletins;
six were rated critical and five were rated important. All six
of the critical bulletins address remote code execution flaws;
affected software includes Microsoft Windows, Internet Explorer and
Microsoft Office. Two of the five important bulletins address remote
code execution flaws; the other three address information disclosure
flaws. Affected software includes Microsoft Windows, Outlook Express,
Windows Mail, Windows Messenger and Microsoft Office. Microsoft also
released an updated version of its Windows Malicious Software Removal
Tool.
http://www.microsoft.com/technet/security/bulletin/ms08-aug.mspx
http://news.cnet.com/8301-1009_3-10015517-83.html?part=rss&subj=news&tag=2547-1009_3-0-20

 --Microsoft Issues Updates for Mac Office
(August 14, 2008)
Microsoft has released updates for Mac Office 2004
and Mac Office 2008. The Office 2008 update addresses
five remote code execution vulnerabilities in Excel as
well as a number of stability and performance issues; the
Office 2004 update fixes four Excel flaws and one stability issue.
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9112637&source=rss_topic17
http://support.microsoft.com/kb/956344
http://support.microsoft.com/kb/956343
http://www.microsoft.com/technet/security/bulletin/ms08-043.mspx
http://www.microsoft.com/technet/security/bulletin/ms08-051.mspx
[Editor's Note (Veltsos): Several patches did not make it
in the current round, including some vulnerabilities that
were initially reported more than 200 days ago - lightyears
in terms of IT security. A critical vulnerability in Windows
Media Player was delayed due to quality concerns. Details at:
http://blogs.zdnet.com/security/?p=1708&tag=nl.e539 ]

DATA LOSS
 --Hospital Manager Loses Job Over Stolen Laptop
(August 12, 2008)
A Colchester University Hospital manager has been dismissed following
a disciplinary hearing regarding a stolen laptop. The computer was
stolen from the manager's car while he was on holiday; the data,
which include personal information and medical treatment plans, were
not encrypted. The Colchester Hospital University NHS Foundation
Trust is compiling a list of organizations to perform an external
evaluation of laptop security.
http://www.theregister.co.uk/2008/08/12/hospital_manager_lost_laptop_dismissal/print.html
http://www.gazette-news.co.uk/news/3592313.Colchester_hospital__new_focus_on_laptop_security/
http://news.scotsman.com/uk/Hospital-chief--sacked-as.4389857.jp
http://www.colchesterhospital.nhs.uk/press_releases/pr_110808.pdf
[Editor's Note (Pescatore): There are a lot of potential security
violations the manager could have committed, but we don't know
the hospital's particular policies. The sacking may be justified,
but corporate laptops without encryption installed by corporate are
like data centers with policies prohibiting access rather than having
locked doors.]

STUDIES AND STATISTICS
 --Software Security Market Looks Strong
(August 11, 2008)
According to statistics compiled by Gary McGraw, the overall software
security market for tools and services in 2007 was between US $275
million and US $300 million; application firewalls added an additional
US $50 million. In the area of tools, the black box space was
flat, while the source code analysis tools space grew significantly,
indicating that companies are increasingly "looking to fix problems,
not just identify them from the operations side."
http://www.informit.com/articles/article.aspx?p=1237978
[Editor's Note (Ullrich): Sadly, these stats seem to suggest that
the solution to software security is purchasing a few black boxes and
development tools. They are a part of it, but the real change has to
happen in developers' brains, and they have to start using existing
as well as new tools.]

MISCELLANEOUS
 --Howard Schmidt Appointed Information Security Forum President
(August 12, 2008)
Professor Howard A. Schmidt has been appointed the first President
of the Information Security Forum. "The ISF is an independent,
not-for-profit association of some 300 of the world's largest
corporations and public sector bodies that harness their knowledge
and experiences to resolve information security and risk management
issues." Among Schmidt's previous roles in the information security
world are White House IT security advisor, chief security strategist
at eBay and chief security officer at Microsoft.
https://www.securityforum.org/index.htm
http://www.computing.co.uk/itweek/news/2223743/schmidt-head-isf

*************************************
The Editorial Board of SANS NewsBites

Eugene Schultz, Ph.D., CISM, CISSP is CTO of High Tower Software and
the author/co-author of books on Unix security, Internet security,
Windows NT/2000 security, incident response, and intrusion detection
and prevention. He was also the co-founder and original project manager
of the Department of Energy's Computer Incident Advisory Capability
(CIAC).

John Pescatore is Vice President at Gartner Inc.; he has worked in
computer and network security since 1978.

Stephen Northcutt founded the GIAC certification and currently serves
as President of the SANS Technology Institute, a post graduate level
IT Security College, www.sans.edu.

Johannes Ullrich is Chief Technology Officer of the Internet Storm
Center.

Howard A. Schmidt served as CSO for Microsoft and eBay and as
Vice-Chair of the President's Critical Infrastructure Protection Board.

Ed Skoudis is co-founder of Intelguardians, a security research and
consulting firm, and author and lead instructor of the SANS Hacker
Exploits and Incident Handling course.

Tom Liston is a Senior Security Consultant and Malware Analyst for
Intelguardians, a handler for the SANS Institute's Internet Storm
Center, and co-author of the book Counter Hack Reloaded.

Dr. Eric Cole is an instructor, author and fellow with The SANS
Institute. He has written five books, including Insider Threat and
he is a senior Lockheed Martin Fellow.

Bruce Schneier has authored eight books -- including BEYOND
FEAR and SECRETS AND LIES -- and dozens of articles and academic
papers. Schneier has regularly appeared on television and radio, has
testified before Congress, and is a frequent writer and lecturer on
issues surrounding security and privacy.

Mason Brown is one of a very small number of people in the information
security field who have held a top management position in a Fortune
50 company (Alcoa). He is leading SANS' global initiative to improve
application security.

Marcus J. Ranum built the first firewall for the White House and
is widely recognized as a security products designer and industry
innovator.

Mark Weatherford, CISSP, CISM, is Executive Officer of the California
Office of Information Security and Privacy Protection.

Alan Paller is director of research at the SANS Institute

Clint Kreitner is the founding President and CEO of The Center for
Internet Security.

Rohit Dhamankar is the Lead Security Architect at TippingPoint, a
division of 3Com, and authors the critical vulnerabilities section
of the weekly SANS Institute's RISK newsletter and is the project
manager for the SANS Top20 2005 and the Top 20 Quarterly updates.

Koon Yaw Tan is Assistant Director at Monetary Authority of Singapore
(MAS) and a handler for the SANS Institute's Internet Storm Center.

Gal Shpantzer is a trusted advisor to several successful IT outsourcing
companies and was involved in multiple SANS projects, such as the
E-Warfare course and the Business Continuity Step-by-Step Guide.

Brian Honan is an independent security consultant based in Dublin,
Ireland.

Dr. Christophe Veltsos, CISSP, CISA, GCFA teaches Information Security
courses at Minnesota State University, Mankato. He is the President of
Prudent Security LLC and also serves as the President of the Mankato
Chapter ISSA.

Roland Grefer is an independent consultant based in Clearwater,
Florida.

Please feel free to share this with interested parties via email,
but no posting is allowed on web sites. For a free subscription,
(and for free posters) or to update a current subscription, visit
http://portal.sans.org/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)

iD8DBQFIpcth+LUG5KFpTkYRAsrqAJwJEd3o5jOCNEk+1Bf0rNFTS5N5owCghFBm
iM5JnLCMMaQpduPmPnuUeaw=
=NS/O
-----END PGP SIGNATURE-----