[OWASP-South Africa] Membership survey results and more

timogoosen timogoosen at runbox.com
Thu May 29 11:58:10 UTC 2014


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

What makes you think that you havn't been affected by heartbleed?

Hack reports of South Africa: At some point somebody hacked the SA
Police's website. I think it happened last year.  They stole the
personal information of thousands of people apparently.

Hack attempts happen all the time in South Africa.  You might just not
always be aware of it.  South Africa is made up mostly of small
businesses as opposed to the USA for example which is made up of
mostly big corporations.  Small businesses are big targets for hackers
with financial gain in mind and they will be very subtle when attacking.
Very few companies in South Africa monitor their logs of their servers.

Monitoring logs is a difficult thing to do. Interesting presentation
which is somewhat related: www.youtube.com/watch?v=RmHUO4EZ4_0

On 05/25/2014 06:33 PM, Brett Russell wrote:
> Hi All,
> 
> I have been back from a nice long break for 2 weeks now, so I am
> finally up to date with my emails, time to catch up on OWASP as
> well.
> 
> To those that completed the membership survey, thank you, here are
> the results: https://www.surveymonkey.com/results/SM-WK6DCNP/
> 
> If you would like to complete the survey still, here is the link: 
> https://www.surveymonkey.com/s/695PDWN. 
> <https://www.surveymonkey.com/s/695PDWN>
> 
> It has been a busy couple of weeks from a security perspective.
> eBay made the news for the wrong reasons with a hack exposing 145
> million (yes million) users names, passwords, address's etc.  There
> is still some fallout from the Heartbleed incident going around to
> this day as well, and will continue for a while. If you don't think
> web security is important for your company, just ask Gregg
> Steinhafel, former CEO of Target who lost his job over a similar
> security breach (maybe he should have joined OWASP, he might still
> have his job).
> 
> What is not clear to me at the moment is what South Africa is like?
> We (Paycorp Group) were not effected by Heartbleed at all, and
> thankfully, haven't been the target of any major hack attempts (I
> am holding my wooden desk as I say this). So I have 2 questions:
> 
> 1. Does anyone know of a reliable source of hacking attempts or
> hack reports in South Africa?
> 
> 2. Does anyone have any personal experience of a hack attempt 
> (successful or not) that they would be willing to share so we can
> start to get a better picture of what is happening here. Otherwise,
> if you were for example affected by the Heartbleed bug, what was
> the impact and fallout?
> 
> Last thing, the mail robots have done their thing and the mailing
> list has been pruned to only active address's, so please feel free
> to send emails to the OWASP South Africa mailing address 
> (owasp-southafrica at lists.owasp.org 
> <mailto:owasp-southafrica at lists.owasp.org>) or simply reply to this
> email.
> 
> Kind Regards, Brett Russell OWASP South Africa Chapter Leader
> 
> 
> _______________________________________________ OWASP-SouthAfrica
> mailing list OWASP-SouthAfrica at lists.owasp.org 
> https://lists.owasp.org/mailman/listinfo/owasp-southafrica
> 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBAgAGBQJThyDSAAoJEPkt8pHwuyDLR0AP/3RZzSyTO8rOIjxyTILXsJH/
NThSyI/WrPSTPuzBWVsSgi/3yyGxXwfjsuWdggbEHkY6Nrb9Ffvf8Q+gofzytaMg
5JqS475tq/RavZwDfMdBUlDK/b9yWuhpd9yopPbO28Mg+w6OWUveCmerIdMpuDSO
p8S1f0G2FywfJZRQmsJm/uH3yVksEgzB9v0+x7sHB7tijzNtpLgRx1ucVJTBqlmp
MdFDalSe0ykmnwdkU6c1q34Uq+tv/cdouNQzIf26f/0D9iohs+dg/Cv9gFBCsP8g
BxHFLEloi3kKGLJRhglLSOuUr8bI9ERlTJ5KDaet7T5KpdM5pe+E40LiMSn0JCyP
kVhmEUaAijWLWFBamlybCkEK/5ilYjHfzVaa+W5PCu+Goyhk34NAES7kqTrTjaXY
si8li0Klrm5hKy8YbMDVMKQKEqgGFm8ST9Mwy4iBCV0x/KTa0JkzD2rJ7AFKqRuY
pIetgb1kxX2upKPbiZ9gkBkLfhd/5OxUm0CRaYN1tQ7lhNb9gfLWt3i0v6+b5xYl
rJU9CJoM3uK8xAzR+rocSqKPFJo+Jc74ovQYciYfw3xfb6YUIB07/ThNGNJS/c0G
zexKgS1nvz5tbAkgzQoUeTULfnnUPG9iEtP3svMqOYwZ0SNo6OeUjzcWrH5fvJE4
QL9HBNKUaGSPxQUsd7DF
=yG6r
-----END PGP SIGNATURE-----


More information about the OWASP-SouthAfrica mailing list