 |
Security News Shootout!
At the end of each month, two consultants from Matta put forward three of their favourite stories in information security and invite a guest judge to pick the best story.
There's no prizes, only fame or shame.
This month, January, Rob Connolly will be seeing if he can come up trumps again against the dethroned ex-champion Nick Baskett.
 Nick
First story
So it's not just us regular citizens that get our phone service cut off for not paying the bills on time. Apparently the FBI has the same problem when paying for phone tapping services. You gotta smile.
http://apnews.myway.com//article/20080110/D8U35C500.html
Second Story
14 year old kid modifies his TV remote to hack trams in poland. Making the worlds largest personal train set.
http://www.theregister.co.uk/2008/01/11/tram_hack/
Third Story
Why go to all the bother of tediously writing trojans, when walking in to the bank and asking for $500,000 works just as well! social engineering par excellance.
http://www.washingtonpost.com/wp-dyn/content/article/2008/01/11/AR2008011103785.html
Rob
First story
The story that most cought my eye this month was that the UK plans to introduce legislation banning the posession of "hacking" tools, in much that same way that Germany did last year. Although guidelines are being put in place to try to protect security professionals and the tools we use, the usual misunderstandings between politics and technology can only spell a somewhat unsure future.
http://www.theregister.co.uk/2008/01/02/hacker_toll_ban_guidance/
Second Story
Jeremy Clarkson's attempt to downplay the relevence of security breaches such as the Child Benefit database leak backfires in a humourous way.
http://news.bbc.co.uk/2/hi/entertainment/7174760.stm
Third Story
Internet browsing from your plane seat could put flight computers at risk.
http://www.wired.com/politics/security/news/2008/01/dreamliner_security
The Result!
This month the judging was done by Chris Keogh-ly, head of information security at Nomura International.
And the winner is.... Nick with his story on the non-technical social engineering:
"The winner though has to be the simple, non technical social engineer(s) who netted $850,000 by having the spheres to just walk in and ask for the money - . We are constantly having to comply with this or that new regulation or directive, most of which involves expensive re-working of technical systems and processes, each being audited multiple times a year. Control failures can happen without computers."
http://www.washingtonpost.com/wp-dyn/content/article/2008/01/11/AR2008011103785.html
|
|
