RE: Actual Security Cases

From: Trevor Cushen (
Date: 01/31/03

  • Next message: Trevor Cushen: "RE: Risk analysis tools?"
    Date: Fri, 31 Jan 2003 17:23:23 -0000
    From: "Trevor Cushen" <>
    To: <>

    Have a look at the books "Hacker Challenge" 1 and 2. They detail actual
    cases and are an excellent read. Should have what you are looking for.

    Details here

    Hope this helps

    Trevor Cushen
    Sysnet Ltd
    Tel: +353 1 2983000
    Fax: +353 1 2960499

    -----Original Message-----
    From: squid []
    Sent: 30 January 2003 04:09
    Subject: Re: Actual Security Cases

    You might want to look at "Secrets and Lies : Digital
    Security in a Networked World" By Bruce Schneier.

    Even though it does not specificaly cover the risks of forwarding email
    from a corporate account to a personal account such as AOL or Yahoo, it
    does cover how a lot of the need to mantain security for communications.
    It sounds like you are facing a classic problem I have seen with many
    managers, ignorance to security and how it can affect there ability to
    keep there jobs.

    > Does anybody know a good internet source of actual
    > security related real
    > life cases? I know that it's a risk to forward
    > corporate mail to
    > internet e-mail account like AOL or gmx. But I need
    > a case like "in
    > january 2001 the aol accounts of xyz got cracked and
    > a lot of
    > confidential data was published by some hackers on
    > the internet" to
    > convince a manager who thinks the risk is just
    > theoretical and nothing
    > ever happened. I would like to have such stories for different threats
    > (no remote access via modem, no weak passwords, no
    > unenecrypted data on
    > laptops,...). In my opinion the stories in the book
    > "Tangled Web" are
    > just a starting point (some of them are not easy
    > enough for managers).
    > --
    > <- ullmic6 ->

    Do you Yahoo!?
    Yahoo! Mail Plus - Powerful. Affordable. Sign up now.


    This email and any files transmitted with it are confidential and intended
    solely for the use of the individual or entity to whom they are addressed.

    If you have received this message in error please notify SYSNET Ltd., at
    telephone no: +353-1-2983000 or


    Relevant Pages

    • Re: Network Security Newbie
      ... better about security rather than some Post-Grad carrying Microsoft ... Books are good but there is no real alternative to practical ... Suggestion #2: Never trust anyone who calls themselves a hacker. ...
    • Re: Paypal Fraud
      ... All it takes is the hacker to get your ebay user ... and they have a 95% chance of having your paypal ... or for a hacker to rip off the account details of some poorly secured ... and know enough about security to never ...
    • Risks Digest 25.73
      ... German electronic health card system failure ... Risks of the Cloud: Liquid Motors ... Oakland 2010, IEEE Symposium on Security and Privacy, CFP ... A friend's facebook account was hacked recently (a neat little short-term ...
    • [Full-Disclosure] Administrivia
      ... directly related to security concerns per se. ... I consider myself to be a hacker, ... >> was the motivation in days gone by. ... >> The idea that with great power comes great responsibility is one that I ...
    • Re: MBSA, Office Update, Versions, Failures
      ... I apologize for posting this to three groups (MBSA, Windows Update, ... with Domain User account. ... Microsoft Baseline Security Advisor (? ... Office 2000 Security Patches - Red X's, ...