I’m now a GIAC Certified Forensic Examiner (GCFE). Honest! I’ve got a certificate and everything. It even came framed: According to the blurb: The GCFE certifies that candidates have the knowledge, skills, and ability to conduct typical incident investigations including e-Discovery, forensic analysis and reporting, evidence acquisition, browser forensics and tracing user and application activities … Continue reading I’m a GCFE. But Will I Use It?
Monster Password Issues
This week, the massive online job site Monster.com released a security notice that their database had been hacked, potentially releasing the personal details of millions of registered users. This isn't the first time this has happened, and I'm sure it won't be the last. Leave aside the fact that Monster don't seem to be encrypting … Continue reading Monster Password Issues
UK National Risk Register
The UK Cabinet Office has now made public information from the previously classified UK National Risk Register. This is available at http://www.cabinetoffice.gov.uk/reports/national_risk_register.aspx. This seems to backup what many scientists have been saying. The greatest risk to the UK is not terrorism, or even global warming. It's an Influenza Pandemic.
Hacking in Canberra
This week I've made my first visit to our nation's capital - Canberra - for a 6-day course in Hacker Techniques, Exploits and Incident Handling. Canberra is a strange little city. It seems to me to be a cross-between Washington and Milton Keynes, in that it's clearly a Government town; the Federal government being the … Continue reading Hacking in Canberra
On Wednesday I attended AusCERT 2008. AusCERT is an annual conference for the IT Security industry organised by the Australian Computer Emergency Response Team. Held at the plush surroundings of the Crown Plaza Royal Pines Resort on the Gold Coast, the event is a chance for vendors such as Check Point, Microsoft, Symantec, CA, and … Continue reading AusCERT 2008