Ayoi's

Again.. Sorry for the long Hiatus.. Anyway I did received an email from one of my friends at CyberSecurity Malaysia..

“maybe u can pos something useful & reminder in your blog & security.org.my to remind your blog visitors bout this malware.
thanks bro..”

Ahhh the link.. http://www.mycert.org.my/en/services/advisories/mycert/2009/main/detail/647/index.html

Yeah guys.. This ain’t no HOAX. In fact, there are few entries in SANS Handler’s diary regarding the increase of DNS polling performed by the infamous Conficker or Dowandup (from 250 different domain names per day to 500 ).

Read it here : April 1st – What Will Really Happen?

Btw Felix Leder, Tillmann Werner of The HoneyNet Project produced one good writeup “Containing Conficker“. I recommend you guys to download that paper and read it. Also read another good writeup of Conficker variants by SRI here.

Also you can now identify possible Conficker infected machines by performing network scanning via NMAP or NESSUS.

For NESSUS the related plugin description :PluginID 36036

How to scan using NMAP can be read from this site : www.skullsecurity.org

For removal instructions and tools, just follow the links provided in special Conficker page at Dshield site.

There you go folks. Sorry it’s lil bit late and yeah I’m lil bit tight right now..

p/s: Btw my friend mel already post an entry regarding Conficker worm at security.org.my

I did mention that I was invited to be one of the speakers for this event rite? So in between of my tight schedule, I managed to complete the slides (from over one hundred slides, reduced to just 45 slides). The topic of cause about network security and yeah, I include all the things that I’ve learned from reading books and articles, NSM of cause, knowledge that I gained during the SANS training and whatever that I learned from listening to Ed Skoudis as well. I have so many things to share with the audience and I do really hope that I have enuff time to touch all the things that I need to say regarding the network security. But we can only plan because there are some unforseen circumstances determined by God that only He knows why.

(more…)

***************************************************************************

Subject: INFOSEC.my Technical Forum-23rd Oct 2008-Sapura@Mines
Date: Wed, 15 Oct 2008 10:15:55 +0800
From: Training at cybersecurity dot my
Reply-To: training at cybersecurity dot my
Organization: CyberSecurity Malaysia

Hi,

We would like to invite you to the *INFOSEC.my Technical Forum on
Network Security and Digital Forensics*. This session enables
information security professionals and practitioners to share their
knowledge, skills and expertise in this challenging field. Such session
also aims to provide a platform for the information security community
nationwide to network, whilst keeping abreast with the industry’s trends
and development that spans over a broad range of related topics.

Details of the session are as below:

* Date : Thursday, 23th October 2008
* Time : 8.30am – 1.00pm
* Venue : Theaterette, Sapura@Mines, Seri Kembangan. *

If you are a CISSP, SSCP and/or ISACA member, you will be entitled to
4(four) CPE points for attending this event.

The highlights of the event are topics to be presented by our
distinguished speakers on:

1. Network Security, The 3 key elements

2. Issues in conducting Malware Analysis

3. Data Recovery in Digital Forensics World

4*. *Video Forensics: What You Need to Know

How to Register?

For more information on the agenda and registration details, please go
to http://www.cybersecurity.my/infosec-my/index.html
We highly encourage online registrations through our website OR print
the online form and fax it to the Training Department at +603-8946 0844
latest by 20th October 2006. You are also welcome to call us at
603-8946 0999 or email to training@cybersecurity.org.my.

We look forward to seeing you and/or your esteemed colleagues as this
session gives you the opportunity to gain more insight and exposure in
the field of ICT security.

Thank you and See you there!

Training Department
CyberSecurity Malaysia
An Agency Under MOSTI
DL : +603-8946 0999
Fax : +603 8946 0844
http://www.cybersecurity.my

**************************************************************

You are invited

Taken from lessonlearnedrocks.com

That’s what I can sum up my day today. Early in the morning just before I have my first sip of my latte, I received a phone call from a prospect client which make my latte feel so bitter. I guess I’ve spent more than 20 minutes on the line with him where most of the time I just simply can’t answer his questions and queries. I am totally dumbstruct and lil bit embarras after that conversation. So embarras that I even contemplate of withdrawing from giving my scheduled talk during the coming Infosec.my technical forum organized by CyberSecurity Malaysia.

(more…)

What’s up? Well during the Holy month, you might notice that I’m lil bit lazy in posting new items. Perhaps lack of caffeine or glucose ). Anyway I think for the second half of Ramadhan, everything seems like back to normal. Normal in sense of I need to do some paperworks, some presentation slides and yeah meetings as well (btw I do hate having meetings during Ramadhan tho.. Lol. As I try to preserve whatever energy I might have within my skinny frame figure

Anyway for this week, I’ve received some good news/events and some bad news/events.

(more…)