A Django site.
October 22, 2009

Inside Security News
is about »
» e-Crime Wales Summit 2009

The e-Crime Wales 2009 Summithttp://www.ecrimewales.com/ held at Llandudno, Wales is over and a number of great speakers attended. Our own Prof. Andrew Blyth presented our findings on the installation of 15 IDS sensors in Welsh SME's around Wales. Hopefully the attendees (business owners etc) would have come into contact with a number of security professionals and brought upto date on how to protect their businesses or at least where to go from here.

The few that I did see at least, from the live feed, all pointed out the need to be aware of the security implications of using online resources and complacency should not an option, even though most people choose it. There is always one question that that needs to be answered before deciding to got (or watch the live feed) one of these events, 'What information will I walk away with?' . I think that it is a great opportunity to be exposed to the horror stories that the speakers have to offer through their experience and you can always pickup and relate to them at some point or hope not to.

Check out the twitter feed here [http://twitter.com/ecrimewales] with some questions and answers and a general overview of the speakers key points.

A picture of Prof. Andrew Blyth, Ed Gibson & Chris Corcoran http://bit.ly/3drSUL

A great service provided by SpamHaus are the advisory lists they provide (i.e., Spamhaus Block List, Exploits Block List and Policy Block List ). Check them out at http://www.spamhaus.org/.

e-Crime Wales also have a blog at http://ecrimewales.posterous.com/

Update (@11:20): We got a mention in the Welsh Daily Post: "E-crime costs Welsh companies hundreds of millions of pounds annually" - Oct 22 2009 - Daily Post - http://www.dailypost.co.uk/business-news/business-news/2009/10/22/e-crime-costs-welsh-companies-hundreds-of-millions-of-pounds-annually-55578-24989506/

May 7, 2009

Inside Security News
is about »
» Disk Study 2008-2009

We do the disk study every year and really look forward to what might pop up. It is a bit like the feeling you get when unwrapping gifts at a birthday or Christmas. This year[1-7] we had some very interesting drives come our way. As Prof. Andrew Blyth said “While it's not getting worse, its not getting any better either” which is really worrying.

Let me take this opportunity to mention also that we use AccessData as our analysis tool and that the drives provided were all randomly and blindly delivered to us.

We had two drives containing data from the Scottish NHS hospital with confidential patient data and a disk from the German embassy in Paris (France) containing interesting security logs.

The case that has made the headlines is that of a drive found in America by the partnering University (Longwood University) contained test launch procedures etc. I also think that the drive involving a US-based consultant, formerly with a US-based weapons manufacture, that revealed account numbers and details of proposals and $50bn in currency exchange was as equally interesting.

Details from the following companies are included in [5], they are Laura Ashley, Lanarkshire NHS, Ford Motor Company, Swindon Council and Nokia.
Updated content and links at 16:32

Full coverage can be found at:

[1] http://news.bbc.co.uk/1/hi/wales/8036324.stm

[2] http://www.theregister.co.uk/2009/05/07/data_destruction_survey/

[3] http://www.telegraph.co.uk/news/worldnews/northamerica/usa/5289638/Sensitive-US-missile-defence-data-found-on-computer-disk-bought-on-eBay.html

[4] http://www.dailymail.co.uk/news/article-1178239/Computer-hard-drive-sold-eBay-details-secret-U-S-missile-defence-system.html

[5] http://www.channel4.com/news/articles/science_technology/sensitive+data+on+ebay+computers/3129857

[6] http://www.guardian.co.uk/technology/2009/may/07/data-loss-hard-drives

[7] http://www.guardian.co.uk/technology/2009/may/06/data-loss-lockheed-missile-defence

May 5, 2009

Inside Security News
is about »
» Infosec 2009

Infosec 2009 has come and gone. We met and networked with a lot of people and explained to many our research and projects. I can say it was a lot of fun overall. Certainly standing and talking to people all day can be very tiring. Especially over a period of three days. Don't forget the unpacking and packing! Finally we have some pictures to show.

We have Huw Read and Gareth Davies at stand K47 getting ready to welcome the visitors and any inquisitive minds.

Prof. Andrew Blyth at the stand making sure that all lollies and apples are in order for handing out with a complimentary pen.

Iain Sutherland and Huw Read were at hand for any further questions.

The Information Security Research Group in a group photo with Phil Zimmerman at Infosec 2009.

Exactly opposite from our stand was GData who had a "Back to the Future" like DeLorean on show.

April 27, 2009

Inside Security News
is about »
» The ISRG @ Infosec 2009

The Information Security Research Group (ISRG) is going to Infosec 2009 (Infosecurity Europe, 28-30 April 2009, Earls Court, London http://www.infosec.co.uk). Come by and have a chat with one of our representatives. See what courses and consultancy the group has to offer.

You can find us at Stand K47 (http://www.infosec.co.uk/page.cfm/action=Exhib/ExhibID=00890).