[SecurityRatty] tag: singapore

Southeast Asia: Perspectives on Compliance

Tue, 02 Sep 2008 20:00:00 +0000

This past weekend, I left Southeast Asia after a week-long trip to Bangkok, Singapore and Manila. The week was spent in back-to-back meetings with customers and our local sales teams, and the majority of our discussions centered on PCI DSS and compliance in general. One clear takeaway: Compliance is one of THE growing areas of concern for businesses in the region.

I found the degree to which customers in the region were concerned about compliance to be a bit of a surprise. I say 'surprise' because I often hear that compliance isn't as much of an issue outside of the U.S. From what we're seeing, though, the regulatory environment in non-U.S. geos, including Southeast Asia, is becoming more complicated...

Wee-Fi: Zen X-Fi, Apple iPod/iPhone Remote, Bullet Train-Fi, St. Louis-Fi

Thu, 10 Jul 2008 10:40:15 +0000

Creative unveils ZEN X-Fi: The handheld music player, one of the first to have what appears to have real flair without being an iPod ripoff, can stream music from a local collection over Wi-Fi. It also includes a Secure Digital slot, instant messaging (via Yahoo and MSN), an FM tuner, and a wide LCD scree. The unit is on sale in Singapore for about $170 for an 8GB model without Wi-Fi; a Wi-Fi-enabled model is $250 for $16 GB and $300 for 32 GB. They're due in the US "soon."

iPhone, iPod touch now Wi-Fi remote control (see screen capture at right): The iPhone 2.0 software was soft released today, with a download available from Apple that's not yet being pushed via iTunes software when users' systems check for updates. The free Remote software, downloadable from the new App Store on the iPhone or Applications area in the iTunes Store, controls copies of iTunes on the local network once you've used a simple pairing technique. The same is true for the Apple TV with a free 2.1 software update for the digital box that's available now. (Also, you can snap screen shots in iPhone 2.0: Hold down the Home button and then press the top button. The capture is stored in your photo roll.)

Japanese bullet train gets Wi-Fi by next March: This was first announced in 2006; it's still on track, pun intended. The line runs from Tokyo to Osaka.

Network 1 expands its service St. Louis area: The company will offer service in 8 additional cities for a total of 15 in the St. Louis, Mo., area. The network provider is building out a neighborhood at a time using ostensibly commodity equipment. They charge $20 to $50 per month for service, and are focused on residential, rather than outdoor cloud access.

Security Briefing: May 28th

Wed, 28 May 2008 08:49:50 +0000

Insert pithy note about how much fun I’m having and how I enjoy the struggle of reading/collating/loving the links at 0-early-thirty in the frakkin morning. Thanks to all of our new subscribers that joined us yesterday. Welcome! And bunnies. Magic Bunnies!

Click here to subscribe to Liquidmatrix Security Digest!

And now, the news…

Man Allegedly takes a penny from the cup belonging to E-Trade and Schwab then gives the money back to Lumberg just before Milton burns the place to the ground.
Get Kraken on your botnet You want the original title or the funny title?
Haberdashery! Or, how to tell an Aitel fanboi from a mile away
HP SPIs SaaS appsec glory hey - if you think you’re so much smarter than me - comment! (not you CJ, you’re scary)
Singapore firm claims to own patent on clicking an image to go to a different site does prior art from 1993 count against a patent issued in 2004?
And the Gold goes to RFID - Olympic Tickets to contain details on legitimate holder What is the relevance of the Olympics these days anyways?
Flash Pants! - Flash 0day vuln pwns you
Consumer Alert - you’re keeping too much data in your phone Your drinking phone should look like you’re at a retro party
Prepare for ~~Jesus-Net~~ Family-friendly broadband - Nanny-state sez free-Wifi is walled garden

Tags: News, Daily Links, Security Blog, Information Security, Security News

RBN's Fake Account Suspended Notices

Tue, 15 Jan 2008 16:07:34 +0000

In the last quarter of 2007, under the public pressure put on the Russian Business Network's malicious practices, the RBN started faking the removal of malicious domains from its network by placing fake account suspended notices, but continuing the malware and exploit serving campaigns on them. And since I constantly monitor RBN activity, in particular their relationship with the New Media Malware Gang and Storm Worm, a relationship that I've in fact established several times before, a recently assessed malicious domain further expands their underground ecosystem. Let the data speak for itself :

dev.aero4.cn/adpack/index.php (195.5.116.244) once deobfuscated loads dev.aero4.cn/adpack/load.php :

Detection rate : 11/32 (34.38%)
File size: 6656 bytes
MD5: 5eb0ee32613d8a611b6dc848050f3871
SHA1: 55c0448645a8ed2e14e6826fae25f8f9c868be30

It gets even more interesting as the downloader attempts to download the following :

88.255.94.250/s2/200.exe
88.255.94.250/s2/m.exe
88.255.94.250/s2/d.exe
88.255.94.250/s2/un.php

And as I've already pointed out in a previous post, 88.255.94.250 is the New Media Malware Gang. Moreover, next to m.exe and d.exe with an over 50% detection rates, 200.exe is impressively detected by one anti virus vendor only :

Detection rate : 1/32 (3.13%)
File size: 33280 bytes
MD5: 9bf9265df5dea81135355d161f3522be
SHA1: 44cdcaf5e8791e10506e3343d73a2993511fa91f

Further continuing this assessment, firewalllab.cn (203.117.111.106) also responds to aero4.cn, and is hosted at AS4657 STARHUBINTERNET AS Starhub Internet Pte Ltd 31, Kaki Bukit Rd 3 SINGAPORE (previously known as CyberWay Pte Ltd). Even more interesting is the fact that 203.117.111.106 is also responding to known New Media Malware Gang domains :

businesswr.cn
fileuploader.cn
firewalllab.cn
otmoroski.cn
otmoroski.info
security4u.cn
tdds.ru
traffshop.ru
x-victory.ru

Furthermore, 203.117.111.106 seems to have made an appearance at otrix.ru, where in between the obfuscation an IFRAME loads to 58.65.233.97/forum.php, where two more get loaded 4qobj63z.tarog.us/tds/in.cgi?14; 4qobj63z.tarog.us/tds/in.cgi?15. Deja vu, again, again and again - 4qobj63z.tarog.us was among the domains used in the malware embedded attack again the French government's site related to Lybia, and there I made the connection with the New Media Malware Gang for yet another time.

There's indeed a connection between the RBN, Storm Worm and the The New Media malware gang. The malware gang is either a customer of the RBN, partners with the RBN sharing know-how in exchange for infrastructure on behalf of the RBN, or RBN's actual operational department. Piece by piece and an ugly puzzle picture appears thanks to everyone monitoring the RBN that is still 100% operational.

What's your data worth? More importantly, to whom?

Thu, 25 Oct 2007 02:49:21 +0000

This week, I'm attending and spoke at a cybercrime conference in Singapore. One of the presenters made a very good point, and I want to share it with you.

When considering how to protect your data, don't consider how valuable it might be to an attacker. Always, instead, consider how valuable it is to you.

I know, it seems so simple when you see it in print. But, surprisingly, many people take the opposite approach. "We don't have anything of value to anyone else, we don't need security." There's no more dangerous statement than this. Resist the urge to think about its value to the bad guys when deciding how to secure your data, because if you think your data isn't valuable to anyone else, then you'll probably get the security wrong (that is, you won't have enough).

If you've got data accessible online, it's valuable to someone -- you! Why else would you put it up? It's logical, then, that it might be valuable to someone else, even if you can't imagine how. So think about your data's value to your organization: how much is it worth, and what is your exposure if the data is stolen, compromised, or lost. When you take this approach, you'll get the security right, and your decisions will reflect the true value of your data.

Modelling Financial Risk Seminar

Mon, 31 Jul 2006 22:13:00 +0000

Just got an invitation through email to participate in a class offered by Macquire University's Advanced Finance Centre and PRMIA. It is a course designed for Risk Management Professionals. It involves lectures by Dr. Elizabeth Sheedy and some computer workshops after each topic.

Topics for Discussion

Introduction
Measuring Risk Under the Normal Distribution
Historical Simulations for Measuring Risk
Monte Carlo Simulations for Measuring Risk
Stress Testing
VaR in the Absence of Normality
Liquidity Risk
Model Risk
Maximum Likelihood Estimation

Course Schedule

Thursday 17 August 2006 - 5:30pm to 8:30pm
Friday 18 August 2006 - 5:30pm to 8:30pm
Saturday 19 August 2006 - 9:00am to 5:00pm
Sunday 20 August 2006 - 9:00am to 5:00pm

Fees

SGD 1785 (includes GST) - per person
SGD 1575 (includes GST) - per person from the same entity

Venue

School of Financial Services and Risk Management, Singapore Human Resources Institute, Singapore Conference Hall, 7 Shenton Way #01-02 Singapore 068810

Contacts

65 6438 0012
shortcourses@mafc.mq.edu.au

An outline is available at this link.

I'm quite knowledgeable in risk measurement so the initial topics are just the same old stuff. The latter topics though are quite interesting. Too bad I'm not in Singapore.

Tags: finance risk risk management seminars courses