RE: Actual Security Cases

From: Trevor Cushen (
Date: 01/31/03

  • Next message: Trevor Cushen: "RE: Risk analysis tools?"
    Date: Fri, 31 Jan 2003 17:23:23 -0000
    From: "Trevor Cushen" <>
    To: <>

    Have a look at the books "Hacker Challenge" 1 and 2. They detail actual
    cases and are an excellent read. Should have what you are looking for.

    Details here

    Hope this helps

    Trevor Cushen
    Sysnet Ltd
    Tel: +353 1 2983000
    Fax: +353 1 2960499

    -----Original Message-----
    From: squid []
    Sent: 30 January 2003 04:09
    Subject: Re: Actual Security Cases

    You might want to look at "Secrets and Lies : Digital
    Security in a Networked World" By Bruce Schneier.

    Even though it does not specificaly cover the risks of forwarding email
    from a corporate account to a personal account such as AOL or Yahoo, it
    does cover how a lot of the need to mantain security for communications.
    It sounds like you are facing a classic problem I have seen with many
    managers, ignorance to security and how it can affect there ability to
    keep there jobs.

    > Does anybody know a good internet source of actual
    > security related real
    > life cases? I know that it's a risk to forward
    > corporate mail to
    > internet e-mail account like AOL or gmx. But I need
    > a case like "in
    > january 2001 the aol accounts of xyz got cracked and
    > a lot of
    > confidential data was published by some hackers on
    > the internet" to
    > convince a manager who thinks the risk is just
    > theoretical and nothing
    > ever happened. I would like to have such stories for different threats
    > (no remote access via modem, no weak passwords, no
    > unenecrypted data on
    > laptops,...). In my opinion the stories in the book
    > "Tangled Web" are
    > just a starting point (some of them are not easy
    > enough for managers).
    > --
    > <- ullmic6 ->

    Do you Yahoo!?
    Yahoo! Mail Plus - Powerful. Affordable. Sign up now.


    This email and any files transmitted with it are confidential and intended
    solely for the use of the individual or entity to whom they are addressed.

    If you have received this message in error please notify SYSNET Ltd., at
    telephone no: +353-1-2983000 or