InfoSec Philippines

Information Security, Technology News and Opinions

Posts Tagged ‘ISACA’

Much ado about Conficker

Posted by Jaime Raphael Licauco, CISSP, GSEC on March 31, 2009

There’s been much hullabaloo about the Conficker worm lately, especially since it’s supposed to phone home to around 500 servers (chosen from a possible 50,000) this coming April 1st. So much so that even the New York Institute of Photography has sent an e-mail warning photographers and telling them to back up their files just in case. Microsoft started a group called the Conficker Cabal around the middle of last month, but it has unfortunately had only partial success: on March 5th, around a fifth of infected machines updated themselves from variant B to variant C.

I doubt that typical users will be affected by it that much… BUT if you’re an admin who wasn’t able to patch in time, then you may be in for a long day.

Researchers from the Honeynet Project have released a proof of concept (PoC) to detect the worm by using network scanners. The PoC code can be found at the Computer Science site of the University of Bonn.

Nmap has released 4.85 Beta 5, which contains the Conficker detection logic, and Qualys and nCircle have added detection to their scanners as well.
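The scanners above look for the worm on the hosts themselves. A complementary, defender-side check follows from the call-home behaviour described earlier: a machine that tries to rendezvous with a few hundred servers picked from tens of thousands of candidate names produces, at the resolver, a burst of lookups for many distinct domains from one client, most of which do not exist. The script below is an added example written for this post, not code from the original article or from any of the tools it mentions. It assumes a resolver log format of `<epoch> <client_ip> <qname> <rcode>` (one query per line) and uses constructed sample lines; the thresholds (10 distinct registered domains within 60 seconds, at least 80% NXDOMAIN) are illustrative and should be tuned against your own resolver’s baseline.

```python
"""Flag resolver clients whose DNS query pattern looks like worm call-home.

Added example; log format, thresholds and sample data are assumptions.
"""
import re
from collections import defaultdict, deque

# Assumed log format: "<epoch> <client_ip> <qname> <rcode>"
LINE_RE = re.compile(r"^(\d+)\s+(\S+)\s+(\S+)\s+(NOERROR|NXDOMAIN|SERVFAIL)$")


def registered_domain(qname):
    """Collapse a query name to its last two labels.

    Simplification: ignores multi-label public suffixes such as co.uk.
    """
    labels = qname.rstrip(".").lower().split(".")
    return ".".join(labels[-2:])


def parse_line(line):
    """Return (epoch, client, registered_domain, rcode) or None if malformed."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    ts, client, qname, rcode = m.groups()
    return int(ts), client, registered_domain(qname), rcode


def find_suspicious_clients(lines, window=60, min_distinct=10, min_nx_ratio=0.8):
    """Return {client: (distinct_domains, nxdomain_ratio)} for every client that,
    within some `window`-second span, queried at least `min_distinct` distinct
    registered domains of which at least `min_nx_ratio` failed with NXDOMAIN.
    The reported tuple is the widest burst seen for that client."""
    events = defaultdict(list)
    for line in lines:
        rec = parse_line(line)
        if rec:
            ts, client, dom, rcode = rec
            events[client].append((ts, dom, rcode))

    flagged = {}
    for client, recs in events.items():
        recs.sort()
        recent = deque()  # sliding window of (ts, domain, rcode)
        for ts, dom, rcode in recs:
            recent.append((ts, dom, rcode))
            while recent and ts - recent[0][0] > window:
                recent.popleft()
            distinct = {d for _, d, _ in recent}
            nx = sum(1 for _, _, r in recent if r == "NXDOMAIN")
            ratio = nx / len(recent)
            if len(distinct) >= min_distinct and ratio >= min_nx_ratio:
                best = flagged.get(client)
                if best is None or len(distinct) > best[0]:
                    flagged[client] = (len(distinct), round(ratio, 2))
    return flagged


# Constructed sample log. 10.0.0.5 browses normally; 10.0.0.9 bursts through
# random-looking names, only one of which happens to resolve.
_NORMAL = ["www.example.com", "mail.example.com", "www.example.org",
           "cdn.example.net", "www.example.com"]
_RANDOM = ["qzkvxwpl.org", "mrtqbnza.info", "xvgphrtk.biz", "kjwqzplm.net",
           "ptrvmxqa.org", "zlqwkhbn.info", "bnxqrtvp.cc", "hqzpmvrk.ws",
           "wkrtxqzb.org", "vmpqlzxr.net", "qhrkxvpw.biz", "lpzqkmvt.info"]
SAMPLE_LOG = []
for _i, _name in enumerate(_NORMAL):
    SAMPLE_LOG.append(f"{1238544000 + _i * 10} 10.0.0.5 {_name} NOERROR")
for _i, _name in enumerate(_RANDOM):
    _rcode = "NOERROR" if _i == 3 else "NXDOMAIN"
    SAMPLE_LOG.append(f"{1238544000 + _i} 10.0.0.9 {_name} {_rcode}")

if __name__ == "__main__":
    for client, (n, ratio) in find_suspicious_clients(SAMPLE_LOG).items():
        print(f"{client}: {n} distinct domains in window, NXDOMAIN ratio {ratio}")
```

A hit from this script is a lead, not a verdict: a misconfigured search-suffix list or a user typing badly can also raise NXDOMAIN counts, so confirm with one of the host-side scans before treating the machine as infected.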

You can also check out Dan Kaminsky’s personal blog for more info. By the way, his blog has a cool little tool that can check whether your DNS is vulnerable to what he discovered last year (check out this illustrated guide to the vulnerability).

Other Conficker News:
(Computerworld) Researchers exploit Conficker flaw to find infected PCs
(Security Focus) Researchers find way to detect Conficker
(The H Security) German researchers develop network scan for Conficker worm
(SC Magazine UK) Malware expert believes that Conficker author will create a new variant
(SC Magazine US) Conficker detection tool released as D-Day nears


Seminars and Conventions
ISACA Manila will be holding its annual conference, with the theme “IT Governance: Solving the Puzzle,” this coming April 14 and 15 at the Renaissance Hotel, Makati City. The conference will have a plenary session on IT Governance topics such as IT Management, IT Security, IT Auditing and IT Risk Management. For more info, check out the ISACA Manila Conference Website, call the Secretariat at (+632) 894-2533 or (+63919) 288-4410, or email them at secretariat@isaca-manila.org.


Posted in News, Philippines, seminars

Getting funding for Security Initiatives by ENISA

Posted by Jaime Raphael Licauco, CISSP, GSEC on November 8, 2008

In my last seminar for ISACA Manila on Introduction to ISMS, I was asked how to get approval for funding for security projects. I answered that awareness was key. Upper-level management has to have an idea of what the risks to their organization are and what the possible consequences would be, because coming up with a solution would not matter if there doesn’t seem to be a problem. I then said that a report by ENISA (European Network and Information Security Agency) might help. The report I was talking about was “Obtaining support and funding from senior management.”

The report talks about five areas identified as being crucial in obtaining corporate security investments:

  1. Define the investment rationale and the stakeholders.
  2. Build a persuasive business case so that senior management better understands the value of the investment.
  3. Estimate costs: identify the most common expenses the organisation may incur and make rough estimates of them.
  4. Link business benefits to the information security initiative, and define and calculate performance metrics.
  5. Detail a typical path for facing a corporate executive in a senior management briefing. Effective communication is critical: the right information should be delivered at the right time, in the right manner, preferably 6-12 months ahead of the project.

For more information and where you can download the report, click here. And since we’re talking about awareness and awareness is the best control for social engineering, ENISA also has a whitepaper on “How to avoid on-line manipulation.”

Another good article on different approaches that can help influence management to give their approval is ISMS Implementation – The Bottom-Up Approach.


Updated Links

I updated the Security Awareness and Training Links to include Microsoft’s TechNet page on Security Awareness. The free 120 MB zip file includes Security Awareness Program Development Guidance, Sample Awareness Materials, Sample Training Materials, and the following sample templates:
* Brochure Templates
* E-Mail Invite Template
* Fact Sheet Templates
* FAQs
* Newsletter Template
* Poster Templates
* PowerPoint Templates
* Quick Reference Card

I also added a Philippine Tech Blogs links page.

Posted in Awareness, ISMS, Whitepapers