[OWASP-South Africa] Membership survey results and more

Jordan Forssman jordanforssman at gmail.com
Fri Jun 6 03:35:21 UTC 2014


Howdy,

As a follow up, it seems there's a new OpenSSL advisory:
http://www.openssl.org/news/secadv_20140605.txt

Cheers,

Jordan


On Fri, May 30, 2014 at 1:55 PM, Jordan Forssman <jordanforssman at gmail.com>
wrote:

> Heartbleed was a vulnerability specific to OpenSSL which is rarely
> used in the financial services industry. So you would pretty much be
> safe if your systems are not using it.
>
> That being said, identifying whether or not you have any systems using
> OpenSSL is a larger task. You can start here: http://heartbleed.com.
> If you have any systems integrated with 3rd party solutions, you'll
> also want to check the status of those parties. Most organizations
> have long since published their status but you can always ask.
>
> Here's another handy resource: https://filippo.io/Heartbleed/
>
> I remember the hack against the police website. If I recall correctly
> it was executed proof of concept style (allegedly) in an attempt to
> expose the site's insecurity.
>
> Other than that, I have only seen details surrounding more
> consumer-targeted attacks. General phishing campaigns targeting some
> of the banks and LOTS of malware, but the latter is often independent
> of geolocation.
>
> In terms of trends, there is a real emergence of "Threat Groups" that
> include state-sponsored actors, organized crime groups, hacktivists,
> and "APT for hire" (basically out of work engineers & security folks
> who have turned to the dark side.)
>
> The organized crime groups are generally more involved with less
> targeted, broad-based attacks aimed at harvesting financial details
> and installing ransomware.
>
> The remaining groups are less obvious & generally more focused. It
> would be interesting to try to understand the impact in South Africa.
> Often these groups are after intellectual property, code, trade
> secrets, etc. With the emergence of China & India as the biggest
> competitors to South African companies in the new scramble for entry
> into Africa's emerging markets, this is likely to become an area of
> concern.
>
> What we are likely to see with these types of groups, focusing on SA
> companies, is access to information regarding business operations,
> financing, customers, logistical operations, etc, for the purposes of
> gaining competitive advantage.
>
> It would be very interesting to see the footprint of these types of
> activities in South Africa. Unfortunately, a Google search for "honey
> pot South Africa" only pulls up a list of B&Bs! Perhaps this would be
> a good starter project for the refreshed OWASP SA Chapter?
>
> I was recently reviewing the status of Information Protection laws in
> SA, in the context of financial services, as I was recently shocked
> to find some providers had little to zero protection policies. I found
> that the Protection of Personal Information (POPI) Act was signed into
> law on Nov 27th last year and, pending the announcement, companies
> will have 1 year to comply.
>
> I think this will be a tough challenge for a lot of SA companies
> initially, but will provide the impetus for a more consolidated
> security industry and perhaps result in the development of a more
> open-platform for security folks in SA to share their experiences and
> facilitate knowledge-transfer within the industry.
>
>
> Jordan
>
> > On May 29, 2014, at 19:58, timogoosen <timogoosen at runbox.com> wrote:
> >
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > What makes you think that you haven't been affected by Heartbleed?
> >
> > Hack reports of South Africa: At some point somebody hacked the SA
> > Police's website. I think it happened last year.  They stole the
> > personal information of thousands of people apparently.
> >
> > Hack attempts happen all the time in South Africa.  You might just not
> > always be aware of it.  South Africa is made up mostly of small
> > businesses as opposed to the USA for example which is made up of
> > mostly big corporations.  Small businesses are big targets for hackers
> > with financial gain in mind and they will be very subtle when attacking.
> > Very few companies in South Africa monitor their logs of their servers.
> >
> > Monitoring logs is a difficult thing to do. Interesting presentation
> > which is somewhat related: www.youtube.com/watch?v=RmHUO4EZ4_0
> >
> >> On 05/25/2014 06:33 PM, Brett Russell wrote:
> >> Hi All,
> >>
> >> I have been back from a nice long break for 2 weeks now, so I am
> >> finally up to date with my emails, time to catch up on OWASP as
> >> well.
> >>
> >> To those that completed the membership survey, thank you, here are
> >> the results: https://www.surveymonkey.com/results/SM-WK6DCNP/
> >>
> >> If you would like to complete the survey still, here is the link:
> >> https://www.surveymonkey.com/s/695PDWN.
> >>
> >> It has been a busy couple of weeks from a security perspective.
> >> eBay made the news for the wrong reasons with a hack exposing 145
> >> million (yes, million) users' names, passwords, addresses etc.  There
> >> is still some fallout from the Heartbleed incident going around to
> >> this day as well, and will continue for a while. If you don't think
> >> web security is important for your company, just ask Gregg
> >> Steinhafel, former CEO of Target who lost his job over a similar
> >> security breach (maybe he should have joined OWASP, he might still
> >> have his job).
> >>
> >> What is not clear to me at the moment is what South Africa is like?
> >> We (Paycorp Group) were not affected by Heartbleed at all, and
> >> thankfully, haven't been the target of any major hack attempts (I
> >> am holding my wooden desk as I say this). So I have 2 questions:
> >>
> >> 1. Does anyone know of a reliable source of hacking attempts or
> >> hack reports in South Africa?
> >>
> >> 2. Does anyone have any personal experience of a hack attempt
> >> (successful or not) that they would be willing to share so we can
> >> start to get a better picture of what is happening here. Otherwise,
> >> if you were for example affected by the Heartbleed bug, what was
> >> the impact and fallout?
> >>
> >> Last thing, the mail robots have done their thing and the mailing
> >> list has been pruned to only active addresses, so please feel free
> >> to send emails to the OWASP South Africa mailing address
> >> (owasp-southafrica at lists.owasp.org) or simply reply to this
> >> email.
> >>
> >> Kind Regards,
> >> Brett Russell
> >> OWASP South Africa Chapter Leader
> >>
> >>
> >> _______________________________________________ OWASP-SouthAfrica
> >> mailing list OWASP-SouthAfrica at lists.owasp.org
> >> https://lists.owasp.org/mailman/listinfo/owasp-southafrica
> > -----BEGIN PGP SIGNATURE-----
> > Version: GnuPG v1.4.11 (GNU/Linux)
> > Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
> >
> > iQIcBAEBAgAGBQJThyDSAAoJEPkt8pHwuyDLR0AP/3RZzSyTO8rOIjxyTILXsJH/
> > NThSyI/WrPSTPuzBWVsSgi/3yyGxXwfjsuWdggbEHkY6Nrb9Ffvf8Q+gofzytaMg
> > 5JqS475tq/RavZwDfMdBUlDK/b9yWuhpd9yopPbO28Mg+w6OWUveCmerIdMpuDSO
> > p8S1f0G2FywfJZRQmsJm/uH3yVksEgzB9v0+x7sHB7tijzNtpLgRx1ucVJTBqlmp
> > MdFDalSe0ykmnwdkU6c1q34Uq+tv/cdouNQzIf26f/0D9iohs+dg/Cv9gFBCsP8g
> > BxHFLEloi3kKGLJRhglLSOuUr8bI9ERlTJ5KDaet7T5KpdM5pe+E40LiMSn0JCyP
> > kVhmEUaAijWLWFBamlybCkEK/5ilYjHfzVaa+W5PCu+Goyhk34NAES7kqTrTjaXY
> > si8li0Klrm5hKy8YbMDVMKQKEqgGFm8ST9Mwy4iBCV0x/KTa0JkzD2rJ7AFKqRuY
> > pIetgb1kxX2upKPbiZ9gkBkLfhd/5OxUm0CRaYN1tQ7lhNb9gfLWt3i0v6+b5xYl
> > rJU9CJoM3uK8xAzR+rocSqKPFJo+Jc74ovQYciYfw3xfb6YUIB07/ThNGNJS/c0G
> > zexKgS1nvz5tbAkgzQoUeTULfnnUPG9iEtP3svMqOYwZ0SNo6OeUjzcWrH5fvJE4
> > QL9HBNKUaGSPxQUsd7DF
> > =yG6r
> > -----END PGP SIGNATURE-----
>