Tuesday, February 2, 2010

Another post... finally.

Hi all, first off, apologies for the rather dormant blog lately. Things have again gotten pretty chaotic on our side. The good kind of chaos, though. We are, however, going to keep more posts coming your way.

For the year ahead we already have a couple of trips to Dubai and possibly Amsterdam planned, although Dino might make me sign a few more NDAs before we head there. We also have a number of projects lined up which we will do our best to keep everyone up to date on. We wish you all the best for the year ahead.

Wednesday, September 9, 2009

A new addition to our team

Telspace Systems would like to congratulate and welcome Andries Burger. Andries beat some stiff competition and he has come on board the infosec team as a Junior Security Analyst. We wish you a warm welcome!

For our clients, this new addition to our dedicated team brings new knowledge and better service delivery.

Telspace Systems is always looking out for new talent and we are currently in the process of hiring even more analysts. If you think you make the cut, please contact us.

1995 all over again.

Last night an exploit was released affecting all Windows 7 and Vista (fully patched) servers. We have also confirmed in our lab that this exploit works against Windows Server 2008.

The exploit allows for remote denial of service attacks against any of these servers.

The bug lies in SMB 2.0 (http://securityreason.com/exploitalert/7138).

Microsoft has recommended that the SMB port (445) be blocked until Microsoft releases a patch.

More can be read here: http://www.microsoft.com/technet/security/advisory/975497.mspx

Friday, July 24, 2009

Telspace to present at Itex - Botswana


Telspace CEO Dino Covotsos and Senior Security Analyst Charlton Smith will be keynote speakers at this premier IT conference in Botswana which takes place between the 30th of July and 1st of August 2009.

About Itex

The new-world economy is based on globally networked information systems. Information today is the currency for a knowledge economy geared towards development.

The Information Technology Exhibition (ITEX) is prudently crafted for exhibitors to showcase the latest technologies in the areas of Business Solutions, Telecommunication, Communication and Consumer Electronics. It also avails an opportunity for decision makers to learn about current technologies.

Monday, June 15, 2009

Green Dam hackers.

The Chinese government has mandated that all computers in the country must have the screening software installed.

This obviously brings about many security issues, such as: what if the applications installed are not secure? This could leave the whole of China exposed to compromise.

Security doesn't seem to faze the government too much. We have already seen an exploit released (2009-06-12) for one of the applications to be installed, Green Dam.

The Green Dam software filters content by blocking URLs and Web site images and by monitoring text in other applications.

From Exploit:

"Green Dam is a software used for monitoring and anti-pornography, popularizing by Chinese government. After July 1st, it will be forced to install on all new Chinese PCs. Now it already has 50 million copies in China.

In order to monitor the URL that user is exploring, Green Dam injected the browser process. When Green Dam is trying to handle a long URL, a stack overflow will occur in the browser process.

This exploit can be used for exploitation on IE, on those computers installed Green Dam. I used the .net binary to deploy shellcode, for it's more stable than Heap Spray, and able to bypass DEP and ASLR on Vista."

*sigh*

In other news, Dino and I will be going through to Botswana next month to keynote at a conference. We will provide you with more information soon.

Take care.

Monday, May 18, 2009

About time!

First off, apologies for not updating the blog in a while. Things have been rather hectic here :)

Dino Covotsos and Daniella Kafouris recently presented at Crawford College. They presented on various social networking issues. The talk was aimed at making parents more aware of the threats their children face when using social networks, from Mxit to Facebook. The presentation was well received by Crawford College. Telspace Systems will also be presenting on Clickjacking at the Security Summit 2009 on day 2, so if you are going to the summit, try to catch our talk.

On the security side, quite a few exploits have been released this month, the more dangerous ones being 'Linux Kernel 2.6.x ptrace_attach Local Privilege Escalation Exploit' and 'Microsoft IIS 6.0 WebDAV Remote Authentication Bypass Vulnerability', so please apply the relevant patches and updates as soon as possible.

Till the next post, be safe and take care.

Friday, February 13, 2009

Twitter falls victim to ClickJack attack

Twitter put an end to a clickjacking attack yesterday that got users to click on a link labelled “Don’t Click”.

In an attempt to satisfy their curiosity (or simply do what they were told not to do) thousands of users clicked on the link.

Whether they clicked on the link or not, a link would appear on their Twitter page with the same link and message as they originally received.

"We patched the "don't click" clickjacking attack 10 minutes ago. Problem should be gone," John Adams, aka Netik, an operations engineer at Twitter, tweeted around 11 am PST.

Although annoying, the clickjacking seems to be harmless and just propagated itself.

More on this attack can be found here.