[OWASP-South Africa] Membership survey results and more

Brett Russell brett.russell at owasp.org
Thu Jul 17 08:15:25 UTC 2014


Hi Tim,

It's an isc2 event in johannesburg. I am presenting "The value of
application security to the enterprise". I put a link on the OWASP ZA
homepage, check it out. How was the bsides event in Cape Town? Where is it
advertised etc, I would like to know more about it.

Regards,
Brett

On Friday, 20 June 2014, timogoosen <timogoosen at runbox.com> wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> This is a bit of a late reply so I'm not replying in the list. What is
> this Secure Johannesburg event? I went to Bsides Cape Town a few weeks
> ago. Could you perhaps send me more info on this event. What is the
> topic for your presentation?
>
> Regards.
>
> On 06/12/2014 07:08 AM, Brett Russell wrote:
> > Hi All,
> >
> > Thanks to those of you that replied on the Heartbleed bug (but
> > please send your replies to the list for the benefit of all and not
> > directly to me in future). Tim made an excellent point which I
> > would like to share:
> >
> > /"Hack reports of South Africa: At some point somebody hacked the
> > SA Police's website. I think it happened last year.  They stole
> > the personal information of thousands of people apparently.
> >
> > Hack attempts happen all the time in South Africa.  You might just
> > not always be aware of it.  South Africa is made up mostly of
> > small businesses as opposed to the USA for example which is made up
> > of mostly big corporations.  Small businesses are big targets for
> > hackers with financial gain in mind and they will be very subtle
> > when attacking. Very few companies in South Africa monitor their
> > logs of their servers."/
> >
> > Two things that stand out for me from this: 1. Even if your website
> > is not hacked, that does not mean you are not effected. We live in
> > a global and online community and it is only through community
> > based organizations like OWASP and others that we can truly tackle
> > security and privacy issues. It is no longer good enough to just
> > protect our own back yards as we have a vested interest in
> > protecting our neighbours yard as well. 2. South Africa (and Africa
> > in general) is different in the way we live and work, and so we
> > need to tackle the issues that we see here differently as well.
> > Exactly how we can achieve this, I am not entirely sure yet, but
> > that is why we need to have the conversations.
> >
> > On a related note, Secure Johannesburg will be held on the 23rd of
> > September, and I suggested to ISC2 that we (OWASP) join the event
> > as partners. I am speaking at the event anyway, and I think it
> > would help to get more exposure to the local OWASP chapter. I would
> > like your opinions please so let me know if there are any
> > objections.
> >
> > Kind regards, Brett
> >
> > OWASP South Africa
> >
> >
> > On Sun, May 25, 2014 at 8:33 PM, Brett Russell
> > <brett.russell at owasp.org <javascript:;> <mailto:brett.russell at owasp.org
> <javascript:;>>> wrote:
> >
> > Hi All,
> >
> > I have been back from a nice long break for 2 weeks now, so I am
> > finally up to date with my emails, time to catch up on OWASP as
> > well.
> >
> > To those that completed the membership survey, thank you, here are
> > the results: https://www.surveymonkey.com/results/SM-WK6DCNP/
> >
> > If you would like to complete the survey still, here is the link:
> > https://www.surveymonkey.com/s/695PDWN.
> > <https://www.surveymonkey.com/s/695PDWN>
> >
> > It has been a busy couple of weeks from a security perspective.
> > eBay made the news for the wrong reasons with a hack exposing 145
> > million (yes million) users names, passwords, address's etc.  There
> > is still some fallout from the Heartbleed incident going around to
> > this day as well, and will continue for a while. If you don't think
> > web security is important for your company, just ask Gregg
> > Steinhafel, former CEO of Target who lost his job over a similar
> > security breach (maybe he should have joined OWASP, he might still
> > have his job).
> >
> > What is not clear to me at the moment is what South Africa is
> > like? We (Paycorp Group) were not effected by Heartbleed at all,
> > and thankfully, haven't been the target of any major hack attempts
> > (I am holding my wooden desk as I say this). So I have 2
> > questions:
> >
> > 1. Does anyone know of a reliable source of hacking attempts or
> > hack reports in South Africa?
> >
> > 2. Does anyone have any personal experience of a hack attempt
> > (successful or not) that they would be willing to share so we can
> > start to get a better picture of what is happening here.
> > Otherwise, if you were for example affected by the Heartbleed bug,
> > what was the impact and fallout?
> >
> > Last thing, the mail robots have done their thing and the mailing
> > list has been pruned to only active address's, so please feel free
> > to send emails to the OWASP South Africa mailing address
> > (owasp-southafrica at lists.owasp.org <javascript:;>
> > <mailto:owasp-southafrica at lists.owasp.org <javascript:;>>) or simply
> reply to
> > this email.
> >
> > Kind Regards, Brett Russell OWASP South Africa Chapter Leader
> >
> >
> >
> >
> > --
> >
> > Kind Regards, Brett Russell OWASP South Africa Chapter Leader
> >
> >
> > _______________________________________________ OWASP-SouthAfrica
> > mailing list OWASP-SouthAfrica at lists.owasp.org <javascript:;>
> > https://lists.owasp.org/mailman/listinfo/owasp-southafrica
> >
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.11 (GNU/Linux)
> Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
>
> iQIcBAEBAgAGBQJTpDBbAAoJEPkt8pHwuyDLqxMQAL2HLqh4sU8dyH8nh2pSxZ25
> BM7aujwvQqR+yFucArwVh/GcZO+2AYQez6RLcTTeo3I63H+9F1NtCvKG7sgtdyjk
> oeF6Nx4hpE62MSFqyuZiP//IbzgP596l9GtUltduHlKJJkvtTUzjsz4MqV2Izjju
> R0iia0h3mdR+XtcIy0l5d8/N2CnPS07zrmwGzt7TNtQpNaaKaChwrUiCGv0vlak6
> v0heeIHjKs9I0YxG8naQkF9Cu/lkf+mxRLXkx98t9Gbg5xVYR76j1SoKjefI1YQX
> /2T0uvepewJdkwLOVmy3jl90MdhSFD+nNzbTtDBwtwIFLCkka0Nj/noamU3k4GFp
> vXwDHSgPY34mLAhhACt8ld7cY7l0GN0sJH0pXo81l4/RDyUXR7a/zfPcu+qB29xz
> czrujawN2hExzNvWFErsdIuCkjJRijDOdEBvJexYCVUV4lzPq24kSLQQIO3h4w9y
> cRUMS84/VdVzpZg7+alUM7PLlKL3JI6CtI1LtBjhcIYp4r6nrGF0EoCla717z6jw
> yYBpmDRDBIPra2SL4+Ui079kZ2BRaU37vbn+Ys7lz00AxS7f+Z2Lto09mEF8N81w
> S+iJQymjanDTD6FsHVfi0gNhOqdC6JIgBKL9S47DU80pVI0DhIFacaDuXzKi9zM0
> 6TXMbkViHPynVK7BZF9m
> =U/Re
> -----END PGP SIGNATURE-----
>


-- 

Kind Regards,
Brett Russell
OWASP South Africa Chapter Leader
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-southafrica/attachments/20140717/bb848701/attachment.html>


More information about the OWASP-SouthAfrica mailing list