Security Basics mailing list archives

RE: Actual Security Cases

From: "Trevor Cushen" <Trevor.Cushen () sysnet ie>
Date: Fri, 31 Jan 2003 17:23:23 -0000

Have a look at the books "Hacker Challenge" 1 and 2.  They detail actual
cases and are an excellent read.  Should have what you are looking for.

Details here
http://www.amazon.com/exec/obidos/search-handle-form/002-0648723-3948060


Hope this helps

Trevor Cushen
Sysnet Ltd

www.sysnet.ie
Tel: +353 1 2983000
Fax: +353 1 2960499



-----Original Message-----
From: squid [mailto:squidvt () yahoo com] 
Sent: 30 January 2003 04:09
To: security-basics () securityfocus com
Cc: ullmic6 () web de
Subject: Re: Actual Security Cases


You might want to look at "Secrets and Lies : Digital
Security in a Networked World" By Bruce Schneier.  

Even though it does not specificaly cover the risks of forwarding email
from a corporate account to a personal account such as AOL or Yahoo, it
does cover how a lot of the need to mantain security for communications.
It sounds like you are facing a classic problem I have seen with many
managers, ignorance to security and how it can affect there ability to
keep there jobs.

Does anybody know a good internet source of actual
security related real
life cases? I know that it's a risk to forward
corporate mail to
internet e-mail account like AOL or gmx. But I need
a case like "in
january 2001 the aol accounts of xyz got cracked and
a lot of
confidential data was published by some hackers on
the internet" to
convince a manager who thinks the risk is just
theoretical and nothing
ever happened. I would like to have such stories for different threats
(no remote access via modem, no weak passwords, no
unenecrypted data on
laptops,...). In my opinion the stories in the book
"Tangled Web" are
just a starting point (some of them are not easy
enough for managers).

--
<- ullmic6 ->


__________________________________________________
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com


**************************************************************************************

This email and any files transmitted with it are confidential and intended 
solely for the use of the individual or entity to whom they are addressed. 

If you have received this message in error please notify SYSNET Ltd., at
telephone no: +353-1-2983000 or postmaster () sysnet ie

**************************************************************************************

Current thread:

Actual Security Cases ullmic6 () web de (Jan 29)
- <Possible follow-ups>
- Re: Actual Security Cases squid (Jan 30)
  - Re: Actual Security Cases theog (Jan 31)
- re: Actual Security Cases H C (Jan 31)
- RE: Actual Security Cases Trevor Cushen (Jan 31)