Are you the publisher? Claim or contact us about this channel


Embed this content in your HTML

Search

Report adult content:

click to rate:

Account: (login)

More Channels


Channel Catalog


Channel Description:

Hackers for hire

older | 1 | (Page 2) | 3 | newer

    0 0

    ITWeb Security Summit 2012 - JHB, South Africa


    Telspace Systems will be sponsoring and exhibiting at the ITWeb Security Summit 2012 during May 2012. We invite you to come meet us at our stand, catch up with us and discuss information security trends. The 7th annual ITWeb Security Summit brings together key industry experts in IT security and related industries who will focus on the issue of trust, and the need to re-assess the standard approaches to IT security. More information can be found at http://tiny.cc/iphvcw .

    TakeDownCon - Dallas, USA


    After a successful 2011 training session(including training up the Canadian Defence Force), Telspace Systems will be presenting training again at TakeDownCon - Dallas, USA during May 2012. The TakeDownCon security conference is a place to take the technical aspect of infosec conversations and bring them to the forefront in a highly technical forum that allows you to participate in and experience training and presentations that will hit home with issues that you will face in your every day life as an IT Security Professional.  More information can be found at http://tiny.cc/lrhvcw .

    TakeDownCon Dallas will highlight the many ways your critical infrastructure can be compromised; how your security systems are being breached and what methods are being deployed to hijack or steal your assets!

    0 0
  • 07/31/12--00:38: Telspace Talk at ISSA 2012


  • Telspace presented at the ISSA conference last year when our CEO, Dino Covotsos, did a fantastic presentation titled: Sailing the Lulz Boat. The talk centred around one of the most controversial hacking networks in recent times and what they did and how they did it. This will be my first presentation at the ISSA, and my first for Telspace too.


    I will be continuing on Dino’s great presentation by discussing how the LulzSec network got caught and prosecuted and also why this sort of activity is not a good idea. Prosecuting cyber-criminals is a very difficult task as there are jurisdiction difficulties and we will have a look at some of the internet laws involved, and the tactics used to capture the LulzSec group.


    Following from this we will also look at the requirements of many compliance and legislative acts that speak to risk mitigation, not only operational, but reputational, that organisations should be employing with respect to their industries to reduce these risks. It has been a passion of mine in an ever more connected world to speak about this as with more connectivity comes more risk. This is not just through the direct connectivity organisations employ themselves, but the interconnectivity they practice with other stakeholders, such as vendors and suppliers and customers that expose themselves to risk through a need to increase their own productivity.


    It should be a fun talk, and I am really looking forward to it! See you all at the ISSA Conference in August 2012! 


    0 0
  • 10/30/12--03:34: We are hiring!


  • Job Description - Web Application Security Analyst

    As a penetration tester, you would be expected to conduct formal tests on web-based applications, networks, and other types of computer systems on a regular basis. Along with these tests and assessments, you'll be conducting regular security audits from both a logical/theoretical standpoint and a technical/hands-on standpoint. This specific job requires in depth understanding of web application security, secure coding and deep knowledge of web application security overall.

    Tasks include:
    • Performing application penetration testing and application source code review against custom built software applications
    • Conduct vulnerability assessments and penetration testing on Internet-facing and internal client systems
    • Exploit vulnerabilities to gain access, and expand access to remote systems
    • Document technical issues identified during security assessments
    • Assist with building recommendations for hardening, and maintaining systems used for penetration testing
    • Research cutting edge security topics and new attack vectors

    Desired Skills & Experience

    • At least 3 years experience as a security analyst or relevent experience as a penetration tester.
    • Bachelor’s degree in Computer Science an extra benefit.
    • Advanced Security Certifications required. 
    • Good technical, analytical, interpersonal, communication and writing skills.
    • Excellent self management skills
    • Ability to work both independently and as team lead on individual assessments.
    You can apply at www.linkedin.com/jobs?viewJob=&jobId=4056697&srchIndex=5 or send us your CV's if you are interested. We currently have 2 positions open as per the above!

    0 0


    Job Description: National Sales Manager

    Manage all sales related activities including:

    • Generating sales leads, qualifiying new prospects, and developing new customers.
    • Manage pricing and sales proposal processes to ensure optimum profitability and growth.
    • Work closely with services and analysts to cultivate and close new opportunities.
    • Maintain account information and pipeline reports.
    • Consistently hitting and exceeding designated target.
    • Setting targets for sales associates and managing a smaller team of sales associates in the future.

    Desired Skills and Experience:

    • 3+ years selling security consulting services, specifically Penetration Testing, Vulnerability Assessments and Information Security Training to new clients and closing additional/followup work with existing clients.
    • Sufficient technical knowledge of Penetration Testing, Web application security and training services to be able to address customer issues and queries.
    • Significant contacts and relationships with CISOs and other decision makers
    • Superior negotiating skills
    • Consistent record of being above quota.
    • Ability to create presentations, proposals and SOW documents.
    • Bachelors degree preferred
    • Self motivated, dedicated and hard working sales person.

    You can apply at http://www.linkedin.com/jobs?viewJob=&jobId=5118390&trk=job_nov or send us your CV's if you are interested. We currently have 2 positions open as per the above!

    0 0

    Information security services and training company, Telspace Systems, will be establishing an EU-based office during the Infosecurity Europe event at the end of April this year.

    Telspace Systems has been successfully operating in Johannesburg, South Africa, since 2002. The company offers information security services including attack and penetration testing, web application assessments, vulnerability assessments, and security consulting. Telspace Systems also has a training division which offers practical courses such as the highly-anticipated Ethical Hacking 101, and the popular Wireless & Bluetooth Hacking. These courses are often presented at high-level government and internationally-recognised security conferences. 

    The new office, which will be situated in central London in the UK, will provide much the same services as the Johannesburg-based office, although the company is always developing new training courses and services into its existing portfolio.  

    Says Shaun Levy, Sales and Recruitment Director at Telspace Systems, "For the past few years we have been extensively servicing companies globally. We feel it is the right time to have a physical presence in Europe for our customers, especially since we have already seen a number of parties interested in investing in our European operations."

    Telspace Systems currently services clients across Europe, Africa, Malaysia, UAE and America. "We already have an extensive base of EU clients," explains Levy.

    "The information security industry is growing at a rapid rate and as a result, many organisations are demanding our top quality services," according to Telspace Systems CEO Dino Covotsos. "Our decision to establish an EU footprint gives us the opportunity to expand on a global scale, which has always been a part of our corporate mission."

    Levy adds, "Having an office in the EU enables us to hire more technically-aligned staff, which benefits our South African clients by providing them with a carefully-selected team of top international analysts."

    The company is currently in the final stages of interviewing for the management position at its soon-to-be-launched EU office. "We thought a good time to officially open our EU office would be during Infosecurity Europe at which we will be exhibiting," explains Levy.

    Infosecurity Europe is taking place at Earl Court in UK this year, between 23-25 April 2013, and is considered to be the top information security event in Europe. 

    "Based on the success of our EU-based office, Telspace Systems plans to establish new offices in other countries, to even further expand our global reach," Covotsos concludes.



    0 0

    ITWeb’s Security Summit is taking place at the Sandton Convention Centre this year between 7 and 9 May, and we hope you’ll be joining us there.

    Telspace Systems has been involved with this event almost since its inception in 2005. Initially, we presented talks on topics such as Bluetooth Hacking to the local and international delegates, and more recently, we've been involved as sponsors and exhibitors.

    A few years ago, as some of you might remember, we were involved in a very successful charity drive for renowned computer security expert Johnny Long’s (j0hnnyhax) Hackers For Charity initiative.

    Whatever our involvement, though, one thing has stayed the same - Telspace Systems always has a lot of fun at ITWeb’s Security Summits. Not only that, but we find the event to be a great place for us to keep up-to-date with the local IT security community and to get in touch with our customers face-to-face. It also always gives us the opportunity to discuss industry issues and solutions in-depth, which helps us better figure out what our clients want from us on a service level.

    According to the website, at ITWeb’s eighth annual Security Summit, “We take a stand, and assert that while some battles have been lost, we need not lose the war. With informed strategy, and effective tactics, as well as a better understanding of the enemy, we may yet turn the tide of the growing cyber security threat.”

    This year’s international keynote speaker will be Misha Glenny, investigative journalist and leading expert on cybercrime and on global mafia networks, and he will be contextualising the current information security challenges faced by organisations across the globe.

    Other speakers include: Richard Bejtlich, chief security officer at MANDIANT; Adam Ely, founder and chief operations officer of Bluebox; Runa Sandvik, developer, security researcher, and translation co-ordinator, at The Tor Project; Ben Gatti, independent software hacker; and Robert Weiss, founder of Password Crackers.

    The event will not only showcase expert insights, but will also feature interactive workshops, valuable networking opportunities, sought-after SANS training, and practical solutions.

    With less than a week to go, we hope you’ve registered and are gearing up to attend this top-level local event. But most importantly, we hope you are as excited as we are!  

    Come visit us at Stand 2, it would be great to catch up with you all!

    0 0


    Last month, Telspace Systems made a very important trip to the UK. On the one hand, we went to showcase the company among the other 350+ exhibitors at Infosecurity Europe, but just as importantly, we officially launched our EU-based office in central London.


    Infosecurity Europe, considered to be Europe’s number one Information Security event, took place between 23-25 April, at Earl’s Court, London this year.


    Although this event has been successfully running for 18 consecutive years, this was Telspace’s first time exhibiting there, and it proved to be the perfect opportunity to coincide with our local office opening.




    With over 17 000 registered attendees, we were kept very busy interacting with all the delegates at our stand. We gained a lot of international exposure and met a lot of key industry players, including many competitors. Overall it increased our market presence and also provided us with the opportunity to service new clients.


    We managed to collect many great leads, of which we had a large amount of callbacks. Some of the top most contacted clients from the exhibition include UK, Italy, USA, Germany, and Spain. The event also proved to be a great platform for us to present our highly-talented EU-based security engineers to potential international clients.


    We were very impressed with how professionally the event was organised and executed. During the whole time we were there, we never ran into any problems. We were amazed by the massive networking opportunities the event offered and we enjoyed the chance to compete in the EU market. The interest and knowledge presented about our industry was huge and it was very exciting to see where we are heading.



    Overall, it was a great experience and everyone was very welcoming. We were proud to represent South Africa at an international level and hope to attract even more customers in 2014. We've already booked a stand for next year in the main exhibitor zone!


    Check out these links for more information about our EU office launch:



    0 0


    Following its defacement to the Massachusetts Institute of Technology (MIT) website (mit.edu) in January earlier this year, hacker group Hack the Planet (HTP) have once again done damage to the organisation.

    Earlier this year, the group not only performed an anti-Anonymous troll defacement on the MIT homepage, but they managed to intercept and gain full control of the Institute’s incoming and outgoing e-mail by compromising its domain. Although this claim was initially denied by MIT spokespeople, a later statement proved it to be accurate.   
    Since then, the hacktivists have managed to maintain access to MIT’s EDUCAUSE domain and have, according to one of their previous newsletters (HTP Zine 5), “entrusted the login credentials of nearly every EDU domain to hackers worldwide”. Links to downloadable ZIP files of the login credentials were also made available in the newsletter.
    As it stands, HTP claims to still have active access to MIT’s information, although they have not disclosed any details as to the techniques they used to do so.
    The above incident is one of many examples attributable to a steady rise in hacktivism. Up until a few years ago, hacking existed very much as means to procure illicit funds as part of a growing “underground economy”. Almost all cybercriminal incidences were centred around monetary gain.
    However, nowadays with the likes of LulzSec, Anonymous and as illustrated above HTP, hacktivist groups are cropping up in growing numbers, their sole purpose being to cause damage via targetted attacks. Much of the time, these attacks are in accordance with some political agenda, but in many cases, these groups are gaining access to high profile organisations for their own enjoyment or, as many of them claim, to teach the target “a lesson in security”.
    On the one hand, the rise in popularity of these types of attacks have had a positive influence in the industry, as they have forced many organisations to increase their corporate information security tenfold, something that security companies have been urging them to do for years.
    On the other hand, damages to some organisations’ reputations have been irreversible and members of the public are increasingly showing distrust towards the companies that handle their online transactions and information.
    To safeguard yourself and your company from damage caused by hacktivist groups such as HTP, we believe it is extremely important to take proactive steps in protecting all facets of your network on a continual basis. This will ensure peace of mind that your organisation is protected from even obscure attacks such as this one.


    0 0
  • 05/28/13--01:22: MML Injections

  • In a recent penetration test we came across a Huawei device that used a Tomcat frontend to send certain parameters to a separate interface or to the command line. At the time we were not sure where the parameters were being sent, but it did seem to give strange returns when playing around with it. Upon further inspection we noticed an error code commented within the page when an error was generated.


    After a bit of googlin’ we discovered it was Man-Machine language (MML). According to the wikipedia page:

    A man-machine language or MML is a specification language. MML typically are defined to standardize the interfaces for managing a telecommunications or network device from a console.”

    And;

    “Man-Machine Language (MML) is the industry standard command line language used to manage telecommunications network elements.”

    We won’t be getting into the technical stuff on MML and TL1, there is already a lot of information out there on it. We will just be focusing on web portals that use parameters to feed into a query. Essentially our attack was an injection attack. We had a predefined command with our supplied value inserted into one of the properties and the command was run. This may be common on quite a few telecom devices with a web frontend.

    A simple query may look like: 

    Function{ PARAM1=”Value”, PARAM2=”$user_supplied_value”, PARAM3=”predefinedValue” }

    Let’s say we are able to specify the value for ‘value2’ and the other values are already set and we want to redefine the value for ‘PARAM3’ our input may look like:

    Anything”, PARAM3=”our new value”};

    This will overwrite the PARAM3 value with ours, the semicolon acts as a comment to comment out the remaining part of the query containing the initial value for PARAM3. 

    Unfortunately it is not currently possible to redefine a value if it is declared before our input. This will generate an error stating duplicate values exist. 

    Another trick that can be used is to escape prefixes to our supplied value is to use a colon(:) this can be used to specify multiple values for an input.

    Let’s say the following query has a prefix on our value:

    Function{ PARAM1=”Value”, PARAM2=”PREFIX_$user_supplied_value”, PARAM3=”predefinedValue” }

    We could supply the following to escape the prefix:

    Anything” : “noPrefix

    This will supply the extra value without a prefix.

    So that’s it for now, hopefully this helps someone out there, please feel free to add extra info or other attack methods in the discussion.

    Cheers, Charlton

    0 0

    Telspace Systems is very excited to announce we will soon be moving to our new offices in Hyde Park. The new offices are custom decorated by Luca Designs (www.lucadesigns.co.za) and come complete with stylish décor in a hacker-type setting.
    The decision to move comes largely after an unfortunate break-in we had last year at our previous workplace, but with the new arrangement offering our growing local and international staff a better working environment, we like to see it as a blessing in disguise :)
    We would also like to welcome our newest employee, Adam Hollins. Adam came to us with a lot of customer-facing experience and an understanding of client relationship building. At Telspace, Adam will mostly be acting as liaison between our security analysts and our clients during penetration testing projects and web application assessments to ensure everyone remains on the same page. He will also be involved in and head many of our current and upcoming training sessions.
    So by welcoming Adam to our growing team and with moving to funky new offices, June 2013 marks a very exciting month for Telspace Systems!
    Once we’re well settled into our new space in a few weeks time, we’ll take some cool pics to post on our blog. So watch this space...

    0 0
  • 07/23/13--05:00: Telspace talks steganography
  • Last week, our very own Technical Director, Charlton Smith, gave a presentation on Steganography among a panel of experts at Webber Wentzel in Illovo.

    The event was sponsored by Camargue Underwriting Managers and Webber Wentzel in alliance with Linklaters and took place on the 18th of July between 10:30 and 12:00. Telspace Systems was invited to attend the panel of experts as Camargue’s preferred penetration testing partners.

    The panel was asked to discuss the realities of cybercrime in South Africa in the context of the upcoming POPI Act. Specifically, the discussion included cyber risk management and risk transfer strategies.

    The informative and very funny presentation was delivered to around 20 attendees, both technical and non-technical, who all seemed impressed with both Charlie’s knowledge on the topic and his ability to add humour to the subject.

    According to Charlie, he chose to talk about steganography because it is relatively low-level and he wanted to include the non-technical audience as well as the techies. He also believes, in the context of the POPI Act, steganography is very relevant as it allows for new techniques of transferring information, without setting off any alarms.

    In brief, here are some of the highlights of Charlie’s presentation, entitled Steganography 101:

    - The word steganography is of Greek origin and means "concealed writing".

    - Steganography is not the same as cryptography, although they supplement each other.

    - Early uses of this technique include hidden messages within wax tablets and there was even a story told by Herodotus of a message tattooed on the shaved head of a slave.

    - Modern technology allows for a number of new techniques to be used in steganography, including injection techniques, bit substitution, spam, PGP, and even the game of Sudoku.

    - Common carrier objects include images (.PNG .JPG .JPEG etc.), audio (Any sound clips .mp3 etc.), emails, and PDFs.

    - Injection involves embedding the secret message directly into the carrier object and almost all programs today (web browsers, Microsoft Office programs, etc) have methods of placing data in a file that will be ignored or not displayed to the user.


    New Junior Marketing Manager needed!

    As an aside, Telspace Systems is currently looking for a Junior Marketing Manager to join our exciting team. If you think you have what it takes, please email adam[@]telspace.co.za for more information. Good luck!


    0 0

    Earlier this month, American President Barack Obama gave a press conference regarding issues surrounding the PRISM spying controversy.
    Back in May, he defended a revelation by Edward Snowden that the National Security Agency (NSA) has been intercepting and collecting phone and electronic communications since the reign of former president George W. Bush.

    Since then, news sources have reported that the NSA had obtained a court order to collect phone records from Verizon Wireless customers, and discussed the existence of PRISM, a program launched in 2007,which tracks information from well-known US-based Internet companies including Microsoft, Yahoo, Google, Facebook, AOL, YouTube, Apple, PalTalk and Skype.

    In response to this, Obama stated that the programs are essential to combating terrorist threats claiming, "They may identify potential leads with respect to folks who might engage in terrorism.”

    He also argued that the impact of the programs has been overstated. "Some of the hype we've been hearing over the past day or so - nobody has listened to the content of people's phone calls," he explained.

    At his most recent press conference, Obama once again addressed the issue of privacy in this regard explaining, “As I said at the National Defense University back in May, in meeting those threats we have to strike the right balance between protecting our security and preserving our freedoms. And as part of this rebalancing, I called for a review of our surveillance programs.”

    The decision to initiate a review came after various security breach incidents. As Obama stated, “Unfortunately, rather than an orderly and lawful process to debate these issues and come up with appropriate reforms, repeated leaks of classified information have initiated the debate in a very passionate, but not always fully informed way.”

    To conclude his speech, Obama listed a series of four steps that will be taken shortly to ensure the security issues are dealt with. In brief, these are:

    1. Pursuing appropriate reforms to the program that collects telephone records.

    2. Working to improve the public’s confidence in the oversight conducted by the Foreign Intelligence Surveillance Court, known as the FISC.

    3. Be more transparent.

    4. Forming a high-level group of outside experts to review America’s entire intelligence and communications technologies.

    After reading news articles, forum posts, twitter feeds and blogs debating Obama’s above ‘solution’, it becomes clear that nobody in the security industry really thinks the US president dealt with this situation properly.

    We at Telspace Systems firmly believe in the importance of being proactive, rather than reactive, when it comes to security in general. The US presidency should’ve been much more transparent with America’s citizens even before the monitoring started. Because they chose to conceal their spying tactics, they now sit with a country full of very angry, suspicious and sceptical people.

    It is important to remember that US citizens are not being affected by this alone. Even us, in as far away as South Africa, have had our phone records collected and electronic communications monitored as the above affects all international traffic flowing through any US pipes... and this includes Gmail and Facebook.

    Even on a local front, we are not safe from government spying operations. Currently, we are seriously lacking from a legislative standpoint and we are far behind other countries when it comes to our state security.

    We are hoping in the next few years, the implementation of the Protection of Personal Information (POPI) Act raises enough awareness within companies and government departments regarding certain issues such as information monitoring and establishes practical ethical rules for them to follow and live by.

    However, in the meantime, the best rule of thumb is just to assume everything is being monitored - and work backwards from there.


    0 0
  • 08/22/13--01:55: We are hiring!
  • Telspace Systems is looking to hire security analysts in South Africa, preferably Gauteng as the office is based in JHB. The analyst should be competent in a combination of the following skills:

    Web application security, attack and penetration testing, network security, source code reviews, mobile security. Along with these tests and assessments, you'll be conducting regular security audits from both a logical/theoretical standpoint and a technical/hands-on standpoint.

    If you are interested in the below, apply via http://www.careerjunction.co.za/jobs/1545049 , email us your cv or get in touch via www.telspace.co.za !


    Tasks include:

    · Performing application penetration testing and application source code review against software applications
    · Conduct vulnerability assessments and penetration testing on Internet-facing and internal client systems
    · Exploit known and unknown vulnerabilities and discover logic flaws.
    · Document technical issues identified during security assessments.
    · Assist with building recommendations for hardening, and maintaining systems used for penetration testing
    · Research cutting edge security topics and new attack vectors

    Desired Skills & Experience:

    · At least 3 years experience as a security analyst or relevant experience as a penetration tester.
    · Good technical, analytical, interpersonal, communication and writing skills.
    · Good understanding of attack and defence techniques
    · Excellent self management skills
    · Ability to work both independently and as team lead on individual assessments.

    0 0

    Telspace Systems’ newly launched Health Check service combines various security tools and hands-on analysis to identify web application or network vulnerabilities - at more affordable rates.

    According to the company’s CEO Dino Covotsos, this service is aimed at companies that may not have an extensive budget for a full-scale assessment.

    “Our health checks are perfect for organisations that would like to improve the security of their websites or networks against potential threats, but are affected by budgetary constraints,” he says.

    Telspace Systems offers two different types of assessments as part of its health check service, namely web application health checks and network infrastructure health checks.

    The web application health checks cater for companies with smaller budgets, and are ideal for companies in need of security assessments, but without a full blackbox or whitebox application evaluation. The pricing structure is set and is the same irrespective of the size of the application.

    This service reports vulnerabilities such as Sql injection, cross-site scripting, command injection, blind command injection, local file inclusions and arbitrary file reading, remote file inclusions, remote code injection / evaluation, CRLF / HTTP header injection / response splitting, open redirection, frame Injection, and many more.

    Network infrastructure

    The network infrastructure health check is an automated vulnerability assessment tool that is priced on a per-IP basis.

    “This service is for companies that require managed vulnerability scanning to identify common vulnerabilities on their infrastructure on a month-to-month basis. It can, however, be done on a once off basis as well,” explains Covotsos.

    The company’s automated software is a combination of toolsets to provide the best possible overview of a network from a vulnerability perspective.

    Assessment deliverables include executive reports, technical reports, remediation reports, and network overview reports. PCI compliance reports can also be completed upon request.

    “Although these health checks can assist companies with some peace of mind, it is important to note that they do not act as a replacement for a full-scale web application or network infrastructure assessment,” concludes Covotsos.

    More information can be found at http://www.telspace.co.za/healthchecks.php .

    0 0

    After a successful training material revamp throughout 2013 we are happy to announce 2 new training sessions during November 2013.

    Telspace Systems will be presenting Ethical Hacking 101& Wireless Hacking 101. Both courses are intensive 2 day training courses and offer a highly practical approach to learning about the techniques and tactics used by hackers to attack your networks.

    More information can be found at http://telspace.co.za/Nov-Training.pdf


     We look forward to seeing you there!



    0 0
  • 10/03/13--01:18: Learn about hacking!
  • Telspace Systems is offering two introductory training courses later this month, namely Ethical Hacking 101 and Wireless Hacking 101 (which includes Bluetooth) for all hacking enthusiasts.

    Each comprehensive course will run over two days at the FNB Conference Centre in Sandton, Johannesburg, South Africa.

    WIRELESS HACKING 101

    Telspace’s popular Wireless Hacking 101 course will take place on the 12th and 13th of November 2013. This two-day course aims to demystify wireless network security and teach attendees how to improve wireless LAN and Bluetooth security.

    The course is divided up into theoretical and practical sections. Attendees will first obtain detailed theoretical analysis of different wireless security schemas, and then receive hands-on experience on how the attacks are performed.

    The topics to be covered in these sessions include: wireless and its use in technology, wireless protocols and architecture, network mapping and methodology for securing wireless networks, discovery of wireless networks, introduction to Bluetooth, and introduction to Bluetooth security.

    ETHICAL HACKING 101

    Telspace’s introductory Ethical Hacking course will take place between the 14th and 15th of November 2013. This comprehensive course will be taught from both a defense and attack perspective, and will address both the ethical and Black Hat viewpoints.

    The topics to be covered include: what ethical hacking is, penetration testing methodologies, information gathering, mapping vulnerabilities, social engineering, exploiting mapped vulnerabilities, privilege escalation, and maintaining access and pivoting.

    PRICING AND CONTACT DETAILS

    Each two-day course is offered at R14 000.00 excl VAT per student. Currently, we have a special offer running which includes an iPad with retina display for each student.

    For further info and bookings please visit our website (www.telspace.co.za) or contact us:

    Email: sales@telspace.co.za
    Tel: +27 11 517 1419
    Facebook: www.facebook.com/telspacesystems
    Twitter: @telspacesystems


    0 0

    Last week, hacktivist groups were seen holding worldwide protests to mark what has now become a tradition on Guy Fawkes Day.

    On November 5th, members and fans of Anonymous, WikiLeaks, The Pirate Party, Occupy Wall Street and other hacktivist movements marched on political landmarks and institutions around the world. For example, in US capitol Washington, DC, demonstrators partook in what they called the “Million Mask March” outside the White House. In the UK, actor Russell Brand became the face of the Anonymous protest, acting as leader for the revolt.

    Guy Fawkes Day commemorates the failed attempt to blow up British Parliament in 1605 - although Fawkes was not the mastermind behind the attack, he was the one holding the explosives. Anonymous begun using the Guy Fawkes mask as a symbol, which was made famous in Alan Moore's ‘V for Vendetta’ comic published in the early 1980s and subsequently made into a 2005 film adaptation.

    Anonymous has a history of conducting operations and protests on 5 November, including a threat to “kill Facebook” in 2011, and has come to use the day as a rallying call.

    On the day, Anonymous tweeted the popular Guy Fawkes commemoration rhyme, “Remember, remember the 5th of November”.

    Understandably, many political and other organisations spent the day on edge, expecting to become targets of hacktivist attacks. This was especially true for the Singapore government who had been threatened with a Nov 5 attack by Anonymous in the event that they failed to roll back regulations imposed on media publications earlier this year.

    Luckily for all, Nov 5 came and went with very little happening on the hacker front. It seems for all involved the day was more focused on peaceful protest rallies than actual damage.

    This year, it is said a total of 400 cities around the world, including Johannesburg, took part in the demonstration.



    0 0

    Wow - can you believe another year is almost over? And what a great year it has been! We at Telspace Systems saw a great many turning points this year - both for our business and for the security industry at large.

    In April, we had the successful opening of our EU offices, which took place alongside InfoSec Europe. In May, we were back on local shores in time for ITWeb’s Security Summit. In June, we moved to stylishly decorated new SA offices, personalised to our business vision and personality by Luca Designs. 

    In July, our own Charlton Smith presented a very interesting talk on steganography, which was so well-received it even appeared in Cover magazine.

    In September, we launched our first-ever Healthchecks service, catered towards smaller companies, or those with budgetary constraints. Finally, just last month, Telspace Systems introduced its Wireless Hacking 101 training course material revamp and began offering a brand new course, Ethical Hacking 101.

    Furthermore, this year saw the addition of four new employees to the Telspace team, namely Adam Hollins as Project Manager, Rhys Mossom as Security Analyst, Dimitri Fousekis as Team Leader – Security Analysts as well as a new Senior Security Analyst & Business Development Manager. 

    A huge thanks goes to the entire Telspace Systems Team for making this a year to remember. Without each of you working so hard as a family, we would not be where we are today. 
     
    Looking back, 2013 was definitely a very successful and exciting year for the company and we thank all of our loyal customers and friends who shared it with us. From the whole team at Telspace Systems, happy holidays and all the best for the New Year!
     
    To roundup the year, we have put together a list of the top 5 most prolific threats for 2013. Enjoy and stay safe.

    1.  Botnets and DDOS
    We saw many companies and government departments falling victim to DDOS attacks over the duration of 2013.

    2.   BYOD Nightmares
    Because of the explosion of “always-on” laptops, tablets and smartphones, sensitive and classified information on these devices are targets for exploitation.

    3.   Web application security issues continue
    Throughout 2013 we saw extensive issues in Web application security and attacks such as SQL injection are still very common. More complex, sophisticated attacks via Web applications are utilised to obtain confidential information such as company databases.

    4.   Zero day browser attacks, Java zero-day attacks and other client side attacks
    These types of attacks were a huge problem during 2013. Zero-day attacks have always been a massive risk to organisations, this year being a significantly bad year for many large organisations.

    5.   Ransomware
    Although ransomware is not a new attack vector, we saw a significant spike in the amount of ransomware this year. Today’s ransomware is usually conducted via poisoned Webpages, social engineering and various other methods.

    0 0

    Happy New Year everyone! To welcome in the new year, Telspace asked two of its Security Analysts what they think the top security predictions for this year are. Here are their responses:

    Dimitri Fousekis, Security Analyst / Team Lead

    1. Increase in financial security breaches

    For a while, things seemed relatively quiet on the credit card and financial data breach front. However, 2013 ended with a bang when Target was hacked and over 150 million of its clients’ credit card details were stolen. 

    I believe this trend will continue into 2014, but will take on a new approach as focus is shifted to electronic currencies such as Bitcoin. With the opening of new and more secure Bitcoin repositories (as well as insurance policies for Bitcoin), there will be increased attention from attackers. However, credit cards will definitely not escape attackers’ attention and payment gateways (such as Paypal) will come under fire as well.

    2. Backdoors and spying – let the games begin!

    With so much recent focus on the NSA and its rather questionable tactics for obtaining data, ascertaining just how far and how deep their reach goes will be highlighted in the coming year. The increased probing will no doubt reveal other spying entities and more backdoors we did not know existed, which will further pressure governments and corporates to take measures in protecting users and their data.

    Additionally, it will be the year where corporates will either begin aligning themselves with government agencies by defending them – or drawing very clear lines to distinguish themselves from them. Both strategies will yield interesting and varied results.

    3. Malware anyone?

    Malware saw its fair share of growth in 2013, but 2014 will be the year we see an increase of malware into embedded systems and consumer hardware. 

    There are already reports of malware on USB devices, SD cards, etc. and this will continue to grow this year – expanding the realm of where and how malware operates. This will be influenced by both government agency backdoors as well as by increased consumer data and credit card theft as malware moves into the retail/point-of-sale arena.

    4. The year of encryption

    Again, being driven by the global focus on government spying and countries prying into user data, 2014 will see definite changes in encryption technology, as well as where (and how) encryption is used. It will now become necessary to encrypt data that did not previously require encryption. The introduction of new methods and algorithms into the encryption realm will bode well for the security industry, but this phase will not be free of initial hiccups, resulting in the odd breach, as less mature solutions are implemented initially. Either way, 2014 will see a significant increase in how people protect their data, what data they choose to protect, and who they trust to handle it.

    5. Cloud computing – bitter, sweet, and maybe salty

    Cloud computing uptake will no doubt increase exponentially this year. The buzzword still has much life in it with regards to what it can offer and companies will drive hard to deliver cloud computing methods in 2014. However, adopting cloud systems comes with its share of obstacles - the new technology will be plagued by new privacy rules, general users will experience a lack of faith due to data being hosted in other countries and territories, and there will be a plethora of new targeted attacks as cybercriminals fight to gain access to these large repositories of profitable, centrally-stored data. 

    Rhys Mossom, Security Analyst

    1. Malware/Ransomware

    According to the McAfee Q3 Malware report 2013 there was a staggering 50 million newly identified virus signatures added to their databases. Specifically, there has been an increase in so-called Ransomware, a further rise in botnets, and a higher number of malware targeting Bitcoin wallets. 2014 will see a continued rise in malware development and detection.

    Some notable examples are:
    • Pony Botnet - Botnet and bitcoin thief
    • Prison Locker - Ransomware

    2. Mobile devices

    With the new culture of Bring Your Own Device (BYOD) comes a myriad of security concerns that are currently being faced and addressed. The RSA Europe conference last year postulated that there would be a dramatic rise in Ransomware infecting mobile phones, and a more recent announcement by McAfee reiterated this claim. 

    Additionally, companies are now faced with the problem of company personnel bringing in personal cellular access points, often bypassing company security policies and transmitting sensitive data over an unsecured, out-of-band channel. This adds to the list of vectors an attacker could pursue. 

    3. Cloud storage 

    There has been a great rise in companies opting for the use of cloud storage solutions, as they require less maintenance and generally give the impression of being more secure. However, one of the consequences of businesses moving away from centralised data storage is often that less energy is spent ensuring the client side is secure. For this reason I believe we will be seeing more attacks on both cloud storage centres, and an escalation of man-in-the-middle attacks on the client side.

    4. Irresponsible disclosure

    Within the last four years we have had some pretty notable irresponsible disclosures of vulnerabilities. Within the industry of ethical hacking and cyber security in general there is a lack of public understanding as to what ‘responsible’ disclosure should entail. To name some of the recent debacles that have resulted due to the act of irresponsible disclosure in chronological order:

    • Julian Assange – WikiLeaks
    • Edward Snowden – NSA
    • Moe1 - E-Toll System
    • A recent disclosure by a reputable firm of ethically suspect hacking ‘how-tos’ that relate directly to financial and government institutions.


    5.Greater migration of users to decentralised web content

    Even with the recent bust of Ross William Ulbricht from the infamous Silk Road (an online store where a customer would be able to trade illicit drugs globally or even hire the use of professional hitmen), the idea of a decentralised anonymous internet certainly appeals to many people and shall continue to attract illicit and depraved activity.

    Well thats it from our 2 analysts, on behalf of everyone at Telspace Systems we hope you have a great 2014 year!

    0 0

    Security cameras have been the first step of defense for many organizations, governments, school & colleges. When it comes to defending against crime. This trend has been around for many years and using a security camera is still at the top of the list.  According to research carried out by the urban institute, it shows that indeed there is a drop in the crime rates when such cameras are installed and used in the “Right way”. Now let us emphasize the words “Right Way”. Nowadays the traditional close circuit TV’s (CCTV) have been replaced by IP based security cameras and these give the great functionality of anytime anywhere viewing to its customers. While many customers may think that it is an advantage to them, it is actually of just as much benefit to those committing crime.


    Now you may wonder why we say so.


    In the case of CCTV, all the data, images etc. would remain ”secured”. Whilst on the other hand in the case of IP based cameras all the data is transmitted and available on the World Wide Web.





    Figure -1 Funny camera sticker


    It is quite easy to forget the threats that these IP based cameras could pose. A simple google search would answer all the queries regarding the threat scenario of implementing an unsecured IP based camera.


    IP based security cameras will have all the vulnerabilities that any other data networks possess. The issue arises when anyone is able to install the camera, but not everyone is aware of the vulnerabilities associated with this installation.  As these are easily available over the internet a lot of privacy issues arise and sensitive information can be accessed. Apart from these vulnerabilities, the important thing to look at is that many of these cameras run internal webservers on unsecured channels rather than a secure channel i.e. https. This enables credentials to be transmitted in clear text over the network.


    Another such issue is that these cameras also run unsecure file transfer protocol sessions instead of more secure sessions i.e. SSH. Running a secure session would enable image transfer between the client and the server in an encrypted format. However, in most cases the data is not encrypted and is sent over LAN, MAN or WAN, where unauthorized users can gain access to sensitive information pertaining to the organization. This information that is collected can then be used to attack more networks in the organization.


    This unauthorized access to cameras is useful for people who are interested in cam spying. The manufactures of cameras use a consistent URL string to access the camera, therefore, allowing anyone with capabilities of using google the ability to access them. If you Google “inurl :/view/index.shtml” you will find thousands of such insecure IP based camera. If you are unaware of the search terms to use there are several websites available that already have a list of terms that can be used.


    The criminals can watch all these while sitting in a coffee shop or sitting in their living room. They would have ample time to plan their attack and take notes regarding the layout, dimensions, etc. What is even scarier is that most of these cameras have features such as pan and tilt which aid the criminal in pointing towards a specific location and gathering more detailed information regarding the location. These can also be used to divert the camera view to another location when an attack is being performed.



    Figure-2 Camera in office.
          

     Figure-3 Camera in a zoo.


    As this information is available from a simple google search. Business entities have a legal and ethical responsibility of not exposing access to such data to the public. Thus, the entities should take measures on implementing a security procedure. These procedures should focus on areas such as: only authorized personnel are allowed to have access to the data that is on the server.


    Also as pointed out earlier one of the problems is the level of knowledge of the person installing the surveillance equipment. All such equipment has built in password functionality and some of the more advanced equipment have facilities such as data encryption. It is the responsibility of the entities to research and select the equipment which is best suited to the organization according to their needs. Selecting the equipment is only half the job, as the organization / installation company with proper installation knowledge is the other half of the job that needs to be verified.


    The installer who generally has limited knowledge will install a system with all the default settings or will leave a weak password i.e. less than 8 characters and not having upper, lower and special characters. Again by this we return to the point originally raised i.e. “Right way” of installation. The installation of such devices has to be combined with network security in order to truly secure the business.


    That’s it for the first part of this blog spot in the second part we would be diving into detailed as to how network intrusion is to be prevented from such devices.                                                               




older | 1 | (Page 2) | 3 | newer