2008 the insecurity of finance and IT

Norms are for those you believe in them, and the same counts for the results of the audits that are based on them. Meanwhile incidents show us now and than that the finance industry is no different from others and that much work still needs to be done, financial crisis or not.

16/10/08 16:22 US SEC didn't in fact do its job : oversight and control 
30/09/08 15:00 ING online banking was open for creating any new account on the account of anyone 
10/04/08 22:29 Brussels Financial Crime Section is a Titanic of paper 
10/04/08 22:01 Auditors are there for the show..... 
01/02/08 23:12 Beurs.nl geeft soms om technische reden verkeerde informatie
25/01/08 13:59 3 thoughts about Risk and 5 billion Euro's lost 
18/07/08 10:48 Has Fortis bought an online not so secure bank (ABN-AMRO) 
26/10/08 22:43 combatting insider misuse 
26/02/08 23:06 insider threat : the Liechtenstein question 
15/10/08 14:18 World bank has no clue about its Itsecurity
30/10/08 09:58 Why banks don't care enough about esecurity 
19/10/08 23:33 If the online bank account of the French president ain't safe.... 
18/10/08 00:07 5000 ebay logins found on a list 
16/10/08 14:30 Electronic Money : Europe sets new rules
16/10/08 13:52 Belgium didn't implement European anti moneylaundering rules 
17/08/08 10:45 BelsecTV how criminals steal money online 
08/08/08 01:16 Master site of supposed Olympic Ticket Fraud operation still up 
08/08/08 00:58 the Olympic ticket fraud story, some interesting aspects 1
03/06/08 09:18 Even with paypal you should control the amount
28/05/08 23:50 There was control but also too much trust (Societe General) 
25/04/08 00:07 Jerome Kerviel, the biggest fraudulent speculator alltimes has an IT job 
28/05/08 15:37 Belgian .be fraudulent escrow sites - important for shoppers 
31/01/08 12:45 WebTrader the old label still lives on 
27/11/08 09:18 Belgian journalist buys Belgian VISAcard information on the internet
15/10/08 12:25 FBI set up its own carding sites 
15/10/08 11:08 Chinese made credit card readers are in fact sometimes skimmers
17/07/08 16:42 Carding sites come and go (reality check)

Permalink | |  Print |  Facebook | | | | Pin it! |

2008 breaking the encryption protection

At one side encryption is becoming ever more important and at the other side the cybercriminals find breaking it ever more important. So there is a ratrace that in 2008 gave way to some discoveries and thoughts that made many people work very hard in the ITsecurity business. You should nowadays give much more attention to the quality of your encryption and your certifications.

21/11/08 09:15 why certification of PDF files is important
15/10/08 10:37 the arms race between encryptors and crackers
15/10/08 09:57 Tokenattacks possible against IIS with full rights
14/10/08 16:09 Token insecurity : and you thought that tokenbased security was full secure ? 
15/09/08 11:58 ADrive online free and commercial filehosting firm has bad Debian SSL keys
09/08/08 10:45 BelsecTV The cold boot encryption attack
09/08/08 03:11 BelsecTV advances in Encryption 
21/03/08 17:00 exclusive : prepubliciaton SSL inSecurity in .be domain an eyeopener 
28/02/08 11:36 How are the encryption vendors reacting to the bypass before we throw their software out ? 
28/08/08 14:20 ALERT from CERT about Linux and stolen SSH keys 
16/05/08 11:35 UPDATE If you have a DEBIAN or UBUNTU and SSH upgrade NOW 
19/06/08 12:32 Debian and openSSL communities clash over bug
19/06/08 12:28 Find vulnerable openSSL debian servers 
19/06/08 12:07 The forgotten story ; TOR is hard hit by OpenSSL attack
19/06/08 11:55 Upgrade for free your vulnerable Debian SSL keys 
30/05/08 11:10 Belgium.be is not vulnerable anymore for SSL based attacks 


Permalink | |  Print |  Facebook | | | | Pin it! |

2008 some hickups we discovered

By surfing around we found or received some hiccups that we published.

27/11/08 12:03 joke : lijit wanted to add hacked sites to my blogroll 
26/11/08 16:03 sans gives us a peep in the structure of its website 
26/11/08 16:04 European online library look at my hype, not my infrastructure 
22/10/08 09:46 Oracle worst practices (very nice presentation)
21/10/08 13:09 some strange firefox images 
20/10/08 14:49 small mistakes can cost billions 
09/10/08 10:03 De Financieel Economische Tijd spreekt even Frans 
01/10/08 00:02 scientology site hosted on porn server 
10/09/08 09:25 Microsoft patch update alert newsletter and 404
09/09/08 17:05 some fgov.be errorpages I would have a look at
31/08/08 12:45 Hearings of US congress committee going back in time (funny) 
19/07/08 22:13 Google Adsense site is down 

Permalink | |  Print |  Facebook | | | | Pin it! |

2008 some of the general security-alerts we published

30/10/08 11:28 Will the new java update clean up the java install mess 
20/12/08 17:12 Samsung SPF-85H 8-Inch Digital Photo Frames infected with virus
19/12/08 19:55 IE exploit now hidden in WORD documents 
18/12/08 13:05 IE exploit new attack sites to block 
18/12/08 11:31 Patch your Internet Explorer NOW 
11/11/08 15:24 SAP under zeroday exploit attack ?
03/12/08 13:43 facebook getting killed by embeds
03/12/08 13:37 Facebook is a victim of cross domain defense 
10/11/08 16:18 Alert Fake version Wordpress being installed 
10/11/08 16:13 block these malware sites against the new wave of infections
08/11/08 15:32 steroids spam : how to know if your site is infected
12/11/08 12:50 Adobe security central is found (but is was deeply hidden) 
12/11/08 09:16 Security reserachers have a contact problem with ADOBE 
21/10/08 14:03 Some sites to block
21/10/08 13:35 Stormbot 200.000 IP adresses to check in one list
15/10/08 12:57 Flash cookies are traces that are (not so) hard to remove (if you know how)
09/10/08 14:11 clickjacking flash : how to protect yourself for the moment 
15/09/08 15:55 hacking Parallels Plesk Control Panel in the works 
15/10/08 17:44 sandboxes tested as temporary solution
15/10/08 12:13 Your antivirus is not a protection against exploits 
14/10/08 12:38 From antivirus to integrated security but it is patchwork
09/10/08 12:32 Neosploit mass FTP exploitation control your domain
09/10/08 12:03 Contest : analyze this piece of malware
1/10/08 00:09 Infected MP3 files are really trojans
30/09/08 13:00 Block AMD overclocking utility in your enterprise
30/09/08 14:08 never has there been so many viruses unlashed on the internet in august and september shows no sign of changing that trend 
30/08/08 10:45 blocklist pcprivacycleaner rogue securityware 
02/06/08 10:09 Pokergame PKR steals your Microsoft licence numbers 
24/05/08 23:35 What an attacked blogger can do
24/05/08 23:28 What firms with vulnerable networks should do 
13/05/08 11:22 Just for fun : who can find the new 0day exploit here ?
13/05/08 10:16 Yahoo and siteadvisor block something but what exactly ? 
13/05/08 09:44 major dropserver for crimeware found - European services were also hacked
09/05/08 18:45 domainnames that last month were many times found in malware 
30/04/08 09:58 Thousands need to update Wordpress (again)
30/04/08 09:33 Confusing indications of what is adware, malware and spyware in share and freeware
29/04/08 17:11 How do you recognize links to hacked Wordpress blogs 
18/04/08 17:01 This seems a useful virus 
18/04/08 12:40 SEO hackers attack each other with DDOS and the whitehouse.gov got some of it 
11/04/08 11:13 Attack code against Microsoft vulnerability is a real secret zero day
11/04/08 10:04 ALERT : PATCH OR DIE (or use it to test your response capabilities)
10/04/08 20:38 Test your security : does this hacked page do something to your computer
09/04/08 17:18 Microsoft pre-alert patch page outage
29/02/08 08:34 Today is the 29th or leap bug crash day for some
24/02/08 23:11 Security warning for VMWare on windows
18/01/08 14:22 Excell files : be careful for the moment
05/01/08 10:00 You need a mediaplayer policy for your network
03/01/08 16:41 Flash alert : stay tuned if you use Flash
15/10/08 10:20 PDF hacking : Use 3 ways to download malware
29/08/08 09:15 Do not install zango (even if you are promised free copyrighted films) 
20/08/08 15:09 undetected virus blocklist here 
16/08/08 20:26 Patch Drupal or your drupal site will be attacking your visitors
14/08/08 10:25 Are the email viruses with attachments back 
13/08/08 10:08 Some tricks against malicious Office files 
10/08/08 18:19 Yahoo blocking pages it seems dangerous 
06/08/08 13:09 how do make sense out of this ? securitylevel warnings 
05/08/08 13:41 Fake flash player downloads alert 
16/07/08 11:47 Google warns for dangerous modules 
14/07/08 15:40 New list of infectioni bogus securitysoftware sites
11/07/08 00:36 problems with dns resolution after the patch and future security problems 
18/06/08 17:03 ultimatebet.com had bad code on its servers
16/06/08 10:51 Will Google Block Hacked sites altogether 
11/06/08 11:38 100 online backup services (of which COMBELL) are maybe vulnerable to attacks 
09/06/08 14:45 Test your Wordpress Blog on vulnerabilities the secure way 
09/06/08 12:12 Even big security vendors can be 'owned' by XSS 
06/06/08 17:23 The blackmail encryptors GPcode are back again 
06/06/08 14:09 SKYPE must be upgraded 

Permalink | |  Print |  Facebook | | | | Pin it! |

2008 and porn and sex

It could be out of frustration but the ITsecurity activists are trying to use childporn as an argument to get the normal ITsecurity controls in place. Nobody is for childporn, so they think that this will make it easier. This is even easier as it becomes clear that normal porn galleries and sites are being infiltrated by amateur pics of underage girls (thanks to the phonecam and very small cams). It all gets very quick out of proportion and if we don't watch out, this discussion will end up with solutions nobody likes.
22/10/08 11:18 Proposition to withhold creditcards of kiddieporn buyers is not without risk
20/10/08 14:41 Australia can get what was planned in Belgium
15/10/08 17:17 Australian blockedout internet access - after Chinese help for Austrialians
21/03/08 16:20 These belgian forums have childpornlinks - liste 1
21/03/08 14:08 Child Porn on belgian forums this is what you get
20/03/08 13:42 NRCV has porn and it makes news but in Belgium even governmental sites are full of porn
10/11/08 11:25 children and online prostitution and chat (and laughs)
11/07/08 15:18 stopping child porn, the showbusiness of ITsecurity
30/09/08 13:11 Download 6 chapters of Access Denied, about internetfiltering
16/07/08 11:54 what happens if you let your service be invaded by porn and other stuff like that
16/07/08 10:08 yahoo pipes infiltrated by porn gadgets

Permalink | |  Print |  Facebook | | | | Pin it! |

2008 and physical IT security

It is all good and well to control code and access to information and rights but in the end it is only hardware that uses electricity that finds itself in a location. So you will always have to keep in mind that electricity, water and fire to name a few are being monitored, prevented and that you have back-up plans. You can't suppose to have always electricity.

14/08/08 09:30 BelsecTV forecasting Spaceweather (disturbs GPS)
14/08/08 08:33 weatherinfo is also important for datacenters
24/06/08 09:08 Lightening storm in California is responsable for 800 fires
05/08/08 16:54 Why an internal energy policy for your enterprise is the same as an ITsecurity policy
22/12/08 12:50 cloud computing is not in the cloud, it is in the electricity grid
19/12/08 19:51 internet traffic can be slower cables are cut 
14/10/08 16:59 US Blackout in 2009 ? Again. 
25/03/08 23:07 Fire in main Belgian trainstation and security
13/02/08 16:44 European Commission 20 minutes without electricity
04/06/08 14:30 Fire : are you ready ? or your host ?
24/04/08 13:32 how well is your door locked 
12/04/08 21:35 Netbotz are not only for computerrooms but need to advance faster 
20/08/08 14:33 Stedelijke noodplannen eindelijk in gang gezet
07/06/08 01:37 Water in computer makes stealth bomber of 1.4 billion $ crash (video)

Permalink | |  Print |  Facebook | | | | Pin it! |

2008 and networksecurity

2008 was also a year of the network security in its most technical and basic form. One developed an exploit to get the DDOS back to only 9 pings to bring a networked device (router, server) but we have to see any use of it yet, while another went even more upstream and attacked the BGP infrastructure.

Closer to home was the discovery of a letter by Belgacom to their clients that there wireless routers were abused or was there something else at play. Another proof that Belsec can start interesting ITsecurity discussions. :)

11/11/08 10:57 Some open VDSL routers in Google - are they secured ? 
15/10/08 14:05 unsecure wireless routers give many possibilities 
14/07/08 15:56 A botnet of zombie-TV's ? 
10/04/08 22:18 Belgian Wardriver being arrested for wifipicking 
25/03/08 15:46 Belgacom Router in DDOS blacklist 
20/02/08 13:14 Wireless routers have also their month of attack 
19/06/08 09:16 Will Belgacom do what ISP Virgin is doing ?
11/06/08 16:10 Belgacom won't prosecute the account thiefs
11/06/08 12:55 Belgacom ADSL clients breach article gets UK press
10/06/08 15:25 Exclusive 2000 ADSL accounts were compromised by Belgian Download Thiefs
05/06/08 12:26 Did you forget about your routers ? 
28/08/08 15:57 some insider 'BGP flaw' reflections 
28/08/08 13:37 BGP crisis, ASN identification and the future of cyberwar 
20/10/08 11:25 TCP/IP Flaw US DHS strategy (2006) for securing the internet protocols
20/10/08 11:13 TCP/IP flaw Good document about security of the internet protocol
01/10/08 23:40 TCP/IP Flaw : the presentation they already gave
01/10/08 15:19 Major update 2 TCP/IP Attack flaw : the info between the echo-storm


Permalink | |  Print |  Facebook | | | | Pin it! |

2008 Belgium and private emails in the public

2008 can be called for Belgium the year that the security of email went high up the agenda. No private or public institution can have a security policy in 2009 and not have put the legal and infrastructure planning in place to protect emails and to be able to find emails afterwards if a there is a legal question for them.

18/12/08 09:40 another forensic proof in the Leterme saga 
18/12/08 09:29 the most stupid letter Leterme ever wrote 
18/12/08 09:12 what a difference a (black)mail makes.... (Leterme)
18/12/08 08:51 Belgium needs an emailarchiving law 
18/12/08 08:39 Why Obama should learn from Leterme and throw away his blackberry 
26/11/08 15:51 wrong message about trial about dismissal for private emailuse 
06/11/08 11:24 secure email is in text format not html 
22/10/08 09:17 Policemen and email, can they ever trust their mail again 
21/10/08 14:31 Google as perfect anonymous emailer and how to block it
20/10/08 10:04 personal emails from Belgian police Human resources procedures still circulating 
16/10/08 17:52 List hacked 9600 emailaccounts (also Belgian .be) 
15/10/08 08:51 Belgian Miss Beauty and emailpolicy
14/10/08 17:25 One Belgian hotmail account hacked : thousands others 
30/09/08 23:49 hacked mailbox of Venezuelan Embassador 
26/09/08 12:57 e-land archive : emailarchivering steeds belangrijker
26/09/08 12:56 E-land archive Geen e-discovery bij onderzoeken Commitee P
26/09/08 12:42 lessen uit het emailschandaal van Minister Dewael 
25/09/08 11:06 the stupidity of putting everything on email
24/09/08 23:50 E-discovery, belgische politie en comité P
22/09/08 22:55 some proxy services not that anonymous (Palin hack)
22/09/08 12:37 Updates on Wikileaks : Palin mail and Intel patents
12/02/08 13:21 Kill your own business with an email 

Permalink | |  Print |  Facebook | | | | Pin it! |

2008 and spam

Spam is here to stay and we will have to learn to live with the ever changing tactics of the spammers. There were some arrests and take-downs that made a difference for a while but as long as there is money to be made by people who will believe anything, there will be lots of spam.

It is also important that your mailserver, ISP or domain isn't blacklisted because of an infection or overview because returning to normal ain't that simple.

01/12/08 09:54 one Rogue ISP take down makes the whole internet a safer place (spam) 
30/10/08 11:07 Documents 2008 Conference on Email and Anti-Spam
30/10/08 11:03 How ISP's and mailservers can stop the top botnet spammers 
30/10/08 17:31 personal website of liberal politician blocked as spam/malware site 
28/01/08 12:00 Quarantined Belgian .be domains already used by spammers
01/12/08 10:05 2 telenet mailservers are malware distributors
01/12/08 10:00 Skynet uses SPF for its mailservers, telenet doesn't (yet?) 
15/10/08 13:31 Major Spammers are not these poor kids 
09/10/08 13:03 Spammers use receipt and opt-out messages
12/09/08 13:15 captcha's skynetblogs are broken in 18 seconds 
16/08/08 21:08 IBM report on spam shows some interesting trends 
11/07/08 08:48 Not much success for European spotspam project
10/07/08 13:22 Spamlevel didn't change much in two years 
13/05/08 13:54 ABconcerts.be is according to Yahoo a spammer 
12/02/08 09:44 Mailserver of WIN (Belgacom) for Walloon schools blacklisted as virus/spamserver
12/02/08 09:34 Telenet Mailserver used for spamoperations 
12/02/08 10:49 What does the honeypot project show us about mailservers ? 
12/02/08 08:57 If Belgians ISP's filter so well, than why this result ? 

Permalink | |  Print |  Facebook | | | | Pin it! |

2008 Rogue domainregistrars, ISP's and boycots

2008 showed us that once in a while the security community could have big wins, for a while, by blocking or ending any connection with rogue ISP's or registrars. It seems to be an important step forwards as it can be used to pressure others to clean up their act before the same would happen to them.

08/11/08 16:25 domainregistrars that have dubious addresses 
30/10/08 11:46 Estdomain is still a .eu domain registrar 
30/10/08 10:42 privacyprotect in Whois is cleaning up its act
30/10/08 10:35 Estdomains will lose it rights to sell .eu domains now ICANN has thrown them out ?
12/08/08 14:02 let the chaos of domain extensions begin 
14/07/08 13:03 Council of Europe will meet in October to meet next international conference on Internet Governance 
14/07/08 15:08 Does anyone know these spook registrars ? Not registered with ICANN 
14/07/08 15:30 better than privacyprotect for spooky domain owners 
18/06/08 16:53 privacyprotect.org protects the identity of malware 

Permalink | |  Print |  Facebook | | | | Pin it! |

2008 dns attacks and patches

DNS is just a bunch of code like any other code and so it has to be upgraded and patched from time to time, especially if one finds a bug that let any crook change the IP of any domainname in 9 second without being noticed.

It is just remarkable that in Belgium the DNS servers of the ISP's were only patched after being pushed to do it by a Belgian webforum that listed the Belgian non-patched DNS servers.

27/11/08 13:02 after DNS flux to protect botnets, here comes domainflux 
27/11/08 12:55 rogue dns servers for typos are in the Ukraine
09/10/08 14:13 Tool to poison non-patched DNS servers for any other messy upgrade process 
11/08/08 13:52 DNS reminder if you don't patch your BIND DNS server, you are very vulnerable 
10/08/08 20:16 Even patched DNS servers can now be poisoned in one night by one machine
10/08/08 10:45 BelsecTV Dan Kaminsky on the DNS bug
08/08/08 17:44 Dns servers from many Belgian Cities are hackable
07/08/08 14:54 You have to patch your DNS servers now if you didn't do it and secure them
06/06/08 15:33 is Networksolutions vulnerable for domain impersonation attacks ?
02/08/08 02:40 Belgacom DNS servers are hackable ?
06/06/08 15:16 Comcast and hackers fighting for hours to get control over their domains
28/05/08 13:08 Search the database of fastflux DNS networks 

Permalink | |  Print |  Facebook | | | | Pin it! |

2008 and typosquatting

Typosquatting is something that some people on belsec have already been battling for years and it seems that in 2009 one can really start a clean-up operation on the .be domainspace. Meanwhile in 2008 we published some articles with information and tips and comments.

08 12:31 Google income threatened by typosquatting courtcase
29/05/08 17:09 online typosquat testforms are not complete 
29/05/08 08:46 Belgian national egov portal name typosquatted with number 
22/05/08 11:55 DNS helps typosquatters again 
27/03/08 00:00 typosquatters of .be domains still parking their stuff 

Permalink | |  Print |  Facebook | | | | Pin it! |

belsec dns.be and belsec

The good news in 2008 was that IDN won't be used in the .be domainspace, but for the rest there rest a whole lot of things to be done for that the .be domainspace would become safe enough to love it the way we love security.

01/12/08 09:49 the positive effects of ending domaintasting
26/11/08 16:46 the belgian at resellerclub who took over malwaredomainprovider estdomains portofolio 
30/10/08 11:45 what can be done for Eu should be possible for .be 
06/08/08 16:10 Belgian interest in the new domain extensions
12/07/08 16:56 New Danish domainoperator opens its doors to the whole internet community
11/07/08 11:06 DNS servers should also support dns-txt
09/07/08 23:51 dns.be won't use IDN for domainnames
24/06/08 12:07 ICANN may set domainnames free, here comes flanders
23/06/08 16:27 Eu domain is not really growing 
19/06/08 13:25 Big Verisign DNSsec and IPv6 Titan Project coming to Brussels
19/06/08 11:40 Hongkong cleans up its domain (and we ?) 
07/06/08 00:14 Belgian Press agency Belga misreads McAfee domain report
05/06/08 10:21 .be domain is still a dangereous domain according to Mc Afee
05/06/08 09:35 the internet will be conglomeratized in 2012 according to these Belgians
28/05/08 23:38 Register your telephone number as your .be domainname - if someone else didn't before you....
28/05/08 23:32 Mathematical funny question with new .be domainnames
28/05/08 14:23 Why DNS and domainextension operators should have active policies against abuse and spammers
25/03/08 22:57 Fraud domains for sale in .be domains 
14/03/08 13:12 Belgian hosters for international domain names
09/03/08 16:05 DNS.Be protects the identity of squatters and spoofers
31/01/08 09:43 New phishing tactic used against DNS.Be register process
31/01/08 10:46 DNS.be didn't but we found bank17.Be on dns.be 

Permalink | |  Print |  Facebook | | | | Pin it! |

2008, risk and financial crisis

As risk managers in IT we are reading news about a crisis differently and find some details more important than others. So when the financial crisis broke out, we could only be amazed by the lack of investigative journalism and crisiscommunication and while the crisis developed we were even more amazed about the absence of risk appraisal. They were playing with others people money in a way that we wouldn't play with our own.

18/12/08 12:47 Madoff, trust and control 
09/10/08 12:47 Fortis sold to save Dexia for political reasons 
14/10/08 16:52 Worse financial crisis than subprime to come ? credit cards defaults. 
08/10/08 14:47 Better European regulation of Internet banks now
08/10/08 11:42 Run on Dexia bank was underway - and why trust didn't come home
08/10/08 09:28 So many financial punks
07/10/08 14:19 BNP PARIBAS is a regular phishing victim with less security than Fortis 
09/10/08 11:50 Fortis and insider trading ? 
09/10/08 09:12 Dexia US stock investor Ackman speculation on defaulting 
30/09/08 15:27 De steunfortis site, heb burgerzin met uw geld 
30/09/08 11:09 and if I were now to hack a financial news site
30/09/08 11:06 Is this the start of the end of the end for Fortis ? 
24/09/08 09:53 Can the big European banks be saved
22/09/08 22:39 Are European Banks in danger ?
22/09/08 08:24 Fortis geeft toe dat het te laat heeft gereageerd op koersmanipulatie per spam
28/09/08 23:31 Is Fortis speculation a dump and jump scam ?
28/09/08 11:56 Fortis gone, who is next ? (read the study)
26/09/08 20:09 A fortis reminder for the weekend
26/09/08 20:04 Ex Fortis CEO was once a celebrated figure in Belgium
26/09/08 14:39 the problems of a bank up against Doomberg thinking
26/09/08 14:07 Belgian government acts and reacts on financial crisis
26/09/08 12:54 E-land archive Belgisch online bankieren en risico 
26/09/08 12:48 Fortis the story of the day 
26/09/08 01:04 this sounds familiar, in belgium ?
26/09/08 00:58 the weekend of all dangers and it ain't a film
25/09/08 23:08 High time for belgian/european stock/financial authorities to react

Permalink | |  Print |  Facebook | | | | Pin it! |

Free books and courses in 2008

These are the links to free books and courses that we have published on this blog, even if most are now published in the links on furl next to this blog.

23/12/08 00:21 christmas 1500 books to download from scribd
12/11/08 10:30 Complete cheat sheet collection to download 
11/11/08 10:04 birthdaylink : where to get ebooks
11/11/08 09:46 Free courses on the web, organised 
15/10/08 14:21 Free magazine Uninformed Nr 10 
30/09/08 12:21 Attention to all report and presentation writers : get back to text please 
24/06/08 12:27 Free ebook about public and expert opinion research tools
17/08/08 16:45 The art of war : interesting read ? 
05/08/08 15:55 Some MIT open Courses for summer study
20/06/08 08:29 Cursus besturingssystemen 
20/06/08 08:27 Cursus Veilige software door Prof Naessens (Belgische EID studie)
20/06/08 08:26 developing secure software applications by Frank Piessens
03/01/08 11:01 How the US army discusses and trains about cybercrime
21/11/08 16:15 proceeding LISA Large Installed System Administration Congress 
26/10/08 22:36 European Report on internet traffic 
20/10/08 10:34 Cyber threats 2009 report 
16/10/08 12:38 Presentations European conference on the Internet of things (RFID) 6/7 october 08
16/10/08 12:16 SOA security : interesting working group in UK
25/09/08 16:35 PEW study about internet and work in the US, very interesting study
12/09/08 09:54 NIST publishes free guide for information security and risk categorisation
12/09/08 09:45 CIS tries to define global security metrics
12/09/08 17:11 New good document about dataprotection for ITsecurity people
11/09/08 13:35 transatlantic consumer organisations and interoperability and open software standards 
20/01/08 11:30 Interesting documents from BCIE.Be Belgian experts forensics

Permalink | |  Print |  Facebook | | | | Pin it! |

2008 the arrival of ehealth in Belgium

In June the parliament discussed and finally approved the e-health proposal on the basis of faith in the people responsable for the project. As we don't have faith but just want to see the facts, we studied it and had some attention for the subject. I am sure that we will have more attention for it in 2009 as this is a very important subject.

16/10/08 16:48 KUL Leuven and the TAS3 EU project (ehealth) 
13/08/08 10:17 Medical ID theft in the US from test to reality (and Belgium)
07/08/08 23:23 Belgian Ehealth has no Privacy culture or awareness 
24/06/08 09:56 3 bedenkingen bij het Ehealth platform voorstel 


Permalink | |  Print |  Facebook | | | | Pin it! |

2008 phishing in Belgium

We also follow closely the phishing in Belgium, new techologies and the possibilities of protecting people by getting those sites noticed or taken out before they try to login.

21/12/08 00:09 msntracer.eu is a phishing server according to phishtank
21/12/08 00:06 cnes.be used as phishing server 
03/12/08 11:30 .be domain used by Rock gang to place phishing pages
11/11/08 13:46 how we found these astonishing new Belgian hacked sites used for phishing 
27/11/08 09:01 zwemvereniginglier.be AGAIN used for phishing
24/11/08 12:23 phishing tegen Scarlet klanten
10/11/08 12:18 blocklist : fake antivirus and socialwebsite login phishing sites (with photojoke)
29/10/08 17:13 Belgian phishing hosters : hostbasket, schendom Europe, Teledis, behostings and ulg.ac.be 
27/10/08 12:13 many bank and phished sites in top malware serving list
26/10/08 23:33 salsabruxelles hacked for phishing
26/10/08 23:27 vietnamese domain hosting hundreds of phishing sites
26/10/08 23:20 parked .be domain consc-fr.be used for phishing ebay
26/10/08 23:10 Belgian site hacked and used as a phish site 
21/10/08 17:28 tk free domain used by phishers 
16/09/08 12:38 Some articles about anti-phishing 
30/08/08 11:00 Belgium has still some anti-phishing work to do 
29/08/08 09:33 internal phishpage by changing the external links on the site
06/08/08 10:15 phishing or pharming taxonweb.be the final shootdown
18/06/08 15:24 Make your own NMBS railticket site
17/06/08 15:18 What do you have against taxonweb ?
17/06/08 14:49 confuse people about taxonweb domains ? it is easy (kinderspel)
17/06/08 01:28 Typosquatting taxonweb is childplay (kinderspel) 
16/06/08 23:39 phishing a fgov.be change loginsite is childsplay (kinderspel)
11/06/08 13:52 Make your own phishing site part 1 
06/06/08 12:10 Can ebanking client software resist the tests of a security researcher ?
05/06/08 11:57 Next phishing victims : domain owners
05/06/08 11:25 SMS vishing and SMS spamming coming together
28/05/08 23:19 Official RSA numbers about Belgian hosts of Phishing sites (last 6 months)
22/05/08 10:24 Top 10 phishers april 2008 according to phishtank.com
17/04/08 23:31 altervista.org is a heaven for phishing
11/04/08 12:51 Phishers attack ISA server to place phishing sites on servers
11/04/08 14:11 Some .be sites used for phishing attacks
29/03/08 21:36 Belgian sites now used for phishing operations
26/03/08 15:44 Atos Banksys time-attacked itself 
20/03/08 13:46 The biggest Belgian Bankhackers were using simple keyloggers 
14/03/08 12:48 This is how simple it is to copy and paste Bank of the post 
13/03/08 12:57 About dns.be, bpo-banking (bank van de post) and phishers
13/03/08 12:36 Domainsellers make it phishers too simple
13/03/08 10:18 Our bank of the Post is AGAIN a victim of phishing
19/02/08 09:59 Another way how banks make it easy for phishers
19/02/08 09:36 5 minutes does it take to bring down a phished website
18/02/08 13:09 How banks are making it easy for phishers
18/02/08 13:01 One way for a bank to discover phishing sites
15/02/08 11:26 phishste active on smsonweb.be 
15/02/08 09:15 Security of Belgian banks between hype and fear
12/02/08 09:10 This .BE phish site is still up since second of february 
01/02/08 16:29 These .be and altervista.org domains are being used as phishing sites NOW
27/01/08 15:28 The most dangerous phishing hosts in Belgium
18/01/08 12:56 Example of SMS phishing

Permalink | |  Print |  Facebook | | | | Pin it! |

2008 Belgium and Terrorism

As securitypeople we are in the first place securitypeople, our instincts and reflexes are security. Our mind and thinking is drilled for security and this is no different for IT as for physical security and terrorism. In 2008 we had first the debate over the high level security-alert in Brussels and the surprise of the arrest of a (double ?) agent/terrorist in Maroc. There were different antiterrorist sweeps and arrests but some important online terroristpropaganda sites where Belgians were involved stayed too long online. We also published some other terrorist news and views.

We hope that in 2009 they will continue the difficult work of being first and not cleaning up a mess afterwards.
27/11/08 12:21 terrorisme, what a difference a day makes
27/11/08 12:15 a sad day today even if the people of mumbai are far away
27/11/08 12:02 second important lessons for anti terrorist operation centers from the terrorist campaign going on in India
27/11/08 10:14 first lesson from India terrorist campaign still on-going
27/11/08 09:21 Anti terrorism sweeps under way in Belgium
27/11/08 08:43 heightened terror awareness in Brussels ?
10/08/08 19:16 The anthrax propaganda seen backwards .... 
05/08/08 11:26 have family fighting in Afghanistan now
05/08/08 12:32 Who is where in Afghanistan ? Belgians not to be seen even if 
24/06/08 13:31 Iraq statistics : but are they reality
18/06/08 15:52 The afghan war on terrorism and Taliban is war 
06/06/08 00:27 Liberated CCC terrorists arrested again in Belgium (video
30/05/08 21:09 who is financing this Belgian terrorist website ?
30/05/08 20:31 Our main Belgian Islamic terrorist site 
30/05/08 20:15 Not all free fileshare services delete terrorist propaganda 
20/05/08 00:25 Belgium escapes another terrorist campaign
29/04/08 13:21 Verviers again called a terrorist center or not ? 
25/04/08 12:25 Nearly 1 million people on the US terrorist watch list 
21/04/08 16:53 Belgium is a safe haven for the Muslim Brotherhood ? 
18/04/08 14:43 Belgium needs elite troopers fast 
10/04/08 22:42 Belgian Boring Bin Laden not send to guantanamo 
09/04/08 15:10 Belgian passports usable for terrorist bombs ?
02/04/08 22:49 A history of Belgian/french weapon dealing is standing trial 
14/03/08 23:28 Joke of the day : superterrorist smuggled weapons in.... 
13/03/08 14:21 Our superterrorist spyringmaster looks like Inspector Clouseau 
07/03/08 13:18 The most intriguing and biggest terorist case ever in Belgium 
26/02/08 12:55 3 million documents scanned of an investigation and still no solution 
18/02/08 09:34 Belgian's darkest postwar years back into the news 
04/02/08 13:32 Gladio receives still 400.00 Euro's a year in Holland
20/01/08 16:17 Video : unmanned aircraft or drones 
09/01/08 21:15 National Center for the Analysis of Terrorism Threat OCAD blasted again 
08/01/08 09:53 Introductory documents for the study of AL Qaida and consorts
04/01/08 11:28 Terror alert Brussels : Going to normal

Permalink | |  Print |  Facebook | | | | Pin it! |

2008 hacking the .be domain

Belsec is monitoring the hacking of the .be domain because it is a domainextension that falls under Belgian law and therefor is quite easy to follow up on.

Not that the .be domainextension is hacked more or less than others, but it is important that hacked domains are cleaned up again and secured before going online. This was not always the case. Also being hacked is a reminder that security is a situation that changes permanently and that you can never say that you are secure. It is therefor amusing to see that big sites, webshops, hosters and ITcompanies with a lot of publicity on their frontpage have new pages added that show a totally different image. Even more if those pages stay online for weeks or months afterwards, even if they are published here.

28/12/08 03:04 hacking attacks may increase 
22/12/08 10:23 .be hacked websites 
28/12/08 02:57 castle cops volunteers go away 
20/12/08 17:08 .be sites hacked 
20/12/08 17:05 cpas Fleron website hacked 
19/12/08 22:41 .be hacked websites liste No1
18/12/08 10:47 landbouwkrediet hack : you were running vulnerable services
18/12/08 10:17 Lanbouwkrediet online banking hack : online information stealing
18/12/08 09:44 some more .be sites hacked 
01/12/08 00:56 Still hacked Belgian Sites - part 1 (clean it up) 
26/11/08 16:08 hack of the day onlinekranten.be 
27/11/08 09:33 .be hacked sites for today
24/11/08 12:05 50+ Belgian sites hacked over the weekend (FDF and mayor of Bruges) 
26/10/08 22:33 Belgian hacked sites list (more than normal on 1 day) 
21/10/08 23:56 new Belgian hacked sites 
30/09/08 15:39 Hacked site secretary of state Chastel and Suez : 10 long days 
26/09/08 12:53 E-land archive er zijn gehackte en gehackte sites 
15/09/08 23:12 hacked official site of the European initiatives
20/11/08 22:37 Fedis.be hacked again 
20/11/08 22:32 .be hacking campaign gets a server down 
11/11/08 11:15 someone hacked some .be online trust 
05/11/08 13:32 .be hacked today : some supported by flemish government 
30/10/08 00:10 Belgian hacked .be websites for today 
21/10/08 14:27 Website of Chastell (secretary of state) fixed, Suez site for big clients still hacked 
21/10/08 00:40 hacked page.be 
21/10/08 00:36 Hacked index used by firms to sell security 
15/10/08 17:52 hacked subdomains de.be 
19/10/08 23:19 hacked website for a safe brussels :) bravvo.be
19/10/08 23:14 hacked VLDshop.be buy turkish hackstuff from liberals :)
16/10/08 18:28 Was wallonie.be penetrated and is it still open ? 
16/10/08 18:01 Safe eshops online.... running windows 2000 and hacked 
15/09/08 23:01 Hacked hoster Sunhost.be 
11/09/08 13:48 hacked Belgian online shops : just trust us 
12/09/08 10:38 hackers change name Pizza's from PizzaHut.be
12/09/08 09:36 hacked c02services.be gives technical advice, hack included
29/05/08 00:13 Hack of the day politiebeersel.be
26/05/08 17:00 VMMA jimtv sites has still some problems
22/05/08 16:17 Some other sites phpizabi
22/05/08 15:18 how VTM probably was hacked and are you also vulnerable
22/05/08 00:57 Some VTM sites are still hacked at midnight
13/05/08 10:02 The problem with hackers communities
17/04/08 23:14 zone-h.org is out again
10/04/08 20:35 Belgian computerproblems help the PKK
03/04/08 16:38 Political Events and hacking risks 
02/04/08 01:30 .nl servers starting to be more attacked 
28/03/08 19:28 Internet Storm Center keeps an eye on the Dutch cybernetworks
27/03/08 20:19 Site hosting Wilders Film already under heavy attack
20/03/08 14:04 Turks are hacking some belgian sites (again)
17/03/08 09:21 ocmw.antwerpen.be was hacked AGAIN
14/03/08 13:35 Top 20 most viewed .be hacked sites from archive
13/03/08 11:56 Turkish retrying their list of previously hacked websites
10/03/08 13:48 It took our FCCU 10 minutes to get sherpa.be clean again
10/03/08 12:30 Turkish hacking attack continues : sherpa.be ticketing service
09/03/08 16:38 ALERT AYYADIZ Turkish hacker group calls for cybercampaign against Belgium
07/03/08 09:20 Zone-H 2005-2007 the numbers
07/03/08 09:02 Keep Zone-h.org Alive
06/03/08 16:53 Will Holland get a cyberattack ?
25/02/08 15:30 Massive hack against Photobusiness site IFP3.Com
22/02/08 23:03 More than 1000 .be hacked websites in our furl archive
20/02/08 09:43 Linux most used platform for hacking attacks
18/02/08 12:24 Turkish hackers are not gone - even if you don't see them in the press
14/02/08 15:15 Here are the Turks Hackers coming again
04/02/08 12:25 .nl domain under hack attack 
01/02/08 16:50 Our Flemish school servers are safe - are they ?
01/02/08 10:06 .nl domains under attack 
31/01/08 09:45 You can trust belgian webshops they say 
31/01/08 08:39 Priorweb.be hacked 

Permalink | |  Print |  Facebook | | | | Pin it! |

2008 : belsec, bloggers and online activism

Belsec is just a belgian part of a wider network of Belgian and international security bloggers even if this seems to be more or less the only place where the postings can go a bit further without that the writers have to fear for their careers or name. It is most often the pianist who is getting shot around here. In 2008 our first year, bloggers became the pianists that were being targeted in Belgium and in Europe. Freedom of speech online is not so evident anymore. Which is a pitty because - aside from the unnecessary personal attacks - it is the debate that has to be advanced, not the career.

Belsec has also tried to lobby for more important and widespread esecurity laws and discussion and has also tried to enlarge the debate.

It is still open for new input and helpers.

11/11/08 14:00 belsec birthday : the 3 stories we didn't publish 
03/12/08 13:19 Belgische bloggers richten boodschap aan De Crem
03/12/08 12:54 Deckmyn (Standaard) over het gevaar van bloggen in België
27/11/08 23:20 our minister of defense says that blogging is dangerous and let it feel to a blogger 
11/11/08 16:00 belsec birthday and political action 
03/12/08 10:47 Belgian minister wants more attention for accessable internet 
10/11/08 15:35 skynetblogs seems sometimes like bad sex 
27/10/08 10:01 access to secure website of the belgian national police site and did the newspaper something illegal ? 
21/10/08 10:11 De Standaard did illegal hacking ?
22/10/08 10:31 Forum : Parlementair Roel Deseyn pleit voor een Belgische CERT
21/10/08 12:43 This government promises us a CERT more or less 
31/10/08 14:46 blogosphere today and angst video 
26/09/08 12:52 E-land archive de start van belsec op De Standaard
26/09/08 12:13 De Standaard stops collaboration with Belsec (we are no Don Quichots) 
14/08/08 15:41 20+ useful twitter or Tweet tools (for free)
14/08/08 12:53 VOX the future of blogging 
11/08/08 21:07 Swedish blogger has to relocate his blog about Swedish spying (link here)
10/08/08 18:30 Students refused the right by judge to present RFID transport card vulnerabilities (documents)
10/07/08 08:59 Belgian blogger fired because of his blog by a public company (DE LIJN)
20/06/08 08:23 Indymedia.be geeft perskaarten aan medewerkers
20/06/08 08:21 Burgermedia enkele teksten van Indymedia.be
19/06/08 09:36 First conference about the impact of digital public domain
19/06/08 09:03 Will Europe become like mediacontrolled Italy 
16/06/08 13:52 Anonymous Poem for Anonymous Bloggers (save citizen media in Europe)
16/06/08 13:43 European parliament wants Chinese Style policy against Bloggers
15/06/08 21:58 Editor ITprofessional about Belsec and Belgian security Bloggers

05/06/08 17:43 Security Bloggers Network (Int) alliance with blackhat 
27/03/08 09:10 A cyberdefender seal that says it all 
28/03/08 20:03 The difficult problem of disclosure
25/03/08 14:59 Hardhitting DDOS attacks volunteer security website again
07/03/08 15:16 Advies BIPT over hun eventuele regionalisatie
07/03/08 15:00 Hoorzitting Internetveiligheid Parlement
07/03/08 14:35 Ways in which the belgian security bloggers make a difference
03/02/08 09:50 BENIS the contact group about Internetsecurity
18/01/08 10:28 The battle skynet versus Telenet on securityfront
17/01/08 23:51 Eerste ontwerp ter discussie amandement op de cybercriminaliteitswet
16/01/08 21:45 Belsec will not hamper the negotiations about responsable disclosure
16/01/08 13:12 The presentation before the Belgian parliament
14/01/08 09:48 Hacked websites monitoring is no volunteer work 


Permalink | |  Print |  Facebook | | | | Pin it! |

1 2 Next