Fatma Bazargan’s blog


Ramadan Kareem
August 22, 2009, 8:53 am
Filed under: Ramadan

رمضان كريم

رمضان كريم

أتقدم إلى مقامكم الكريم بأسمى آيات التهاني والتبريكات بمناسبة حلول شهر رمضان المبارك،
أعاده الله علينا وعليكم وعلى الأمة العربية والإسلامية أجمع بالخير واليمن والبركات متمنين لكم وافر الصحة والسعادة.

وكل عام وأنتم بخير

May Allah Bless You and Your Family and wish you a Ramadan Kareem

تحياتي

فاطمة أحمد بازاركان



Long Break
August 10, 2009, 10:05 am
Filed under: General

Masdar

It indeed has been a long time since I updated my blog. Just been so occupied with leaving the old career getting into a new one and finally adjusting to the new environment and people.  

Currently, I fill the position of Manager, ICT Security at Masdar (Abu Dhabi Future Energy Company). The Masdar Initiative is a wholly owned subsidiary of Mubadala and considered the world’s first carbon-neutral zero waste city and is the head-quarters of the International Renewable Energy Agency (IRENA).

A new milestone and a challenge in my career life and a long way to go, wish me luck.

Will be updating more often.

Always, Fatma Bazargan



Various # 09 – 105
May 5, 2009, 12:07 pm
Filed under: Security

 

mouse

Couple of interesting snippets for today…

 

I just came across a wonderful website called Wepawet. Interestingly, Wepawet is a service for detecting and analyzing web-based malware and it currently handles Flash, Java Script and PDF Files. So now you wont need to think twice about clicking a website and opening a file that you feel is malicious just take sometime test it and you are good to go. Simply the things you can do is…

 

Determine if a page or file is malicious

wepawet runs various analyses on the URLs or files that you submit. At the end of the analysis phase, it tells you whether the resource is malicious or benign and provides you with information that helps you understand why it was classified in a way or the other.

 

Analyze a malicious resource

wepawet displays various pieces of information that greatly simplify the manual analysis and understanding of the behavior of malicious samples. For example, it gives access to the unobfuscated malicious code used in an attack. It also collects the URLs accessed by a sample.

 

Identify the attacks launched by a malicious resource

wepawet does not just tell you that a resource is malicious, it also shows you the exact vulnerability (or, more likely, the vulnerabilities) that are exploited during an attack.

 

There is an interesting entry from Lori about the Real Meaning of Cloud Security, how to distinguish “cloud security” from “cloud-based security”. The former is about securing the cloud and its infrastructure, the latter about services hosted in a cloud environment. He goes then on talking about Cloud Security in particular.   

 

For all those who will be attending the 21st Annual FIRST Conference in Japan to be held from 28th June to 3rd of July, here you can find some very interesting podcasts prior to the event. In addition, FIRST has announced that those who hold CISSP, CISA, CISM and CGEIT will have an opportunity to earn CPEs if they attend the FIRST conference. Other than that if you are a Twitter person then you can follow them at firstdotorg for latest updates.

 

Talking about training courses, now that we all know that Virtualization is one of the must-know hot topics when it comes to information security, SANS have introduced a new course called Virtualization Security and Operations SEC557. As mentioned by SANS, the course aims to provide a firm foundation for all aspects of virtualization technology, covering the hosts, guests, networks, and management components. When students leave this class, they’ll have all the tools they need to properly secure their virtual environments and maintain their desired security and compliance posture.

 

Finally, Bill gives some Career Advice for Security Geeks.

 

 

That’s all for now. Enjoy!

Fatma.

 



Pandemic – Swine Flu
April 27, 2009, 3:17 pm
Filed under: General
Swine Influenza - Pandemic

Swine Influenza - Pandemic

Source: BBC News

What is swine flu?

Swine flu is a respiratory disease, caused by influenza type A which infects pigs. There are many types, and the infection is constantly changing. Until now it has not normally infected humans, but the latest form clearly does, and can be spread from person to person – probably through coughing and sneezing.

 

How worried should people be?

When any new strain of flu emerges that acquires the ability to pass from person to person, it is monitored very closely in case it has the potential to spark a global epidemic, or pandemic.

The World Health Organization has warned that taken together the Mexican and US cases could potentially trigger a global pandemic, and stress that the situation is serious. However, experts say it is still too early to accurately assess the situation fully. Currently, they say the world is closer to a flu pandemic than at any point since 1968 – rating the threat at three on a six-point scale. Nobody knows the full potential impact of a pandemic, but experts have warned that it could cost millions of lives worldwide. The Spanish flu pandemic, which began in 1918, and was also caused by an H1N1 strain, killed millions of people. The fact that all the cases in the US have so far produced mild symptoms is encouraging. It suggests that the severity of the Mexican outbreak may be due to an unusual geographically-specific factor – possibly a second unrelated virus circulating in the community – which would be unlikely to come into play in the rest of the world. Alternatively, people infected in Mexico may have sought treatment at much later stage than those in other countries. It may also be the case that the form of the virus circulating in Mexico is subtly different to that elsewhere – although that will only be confirmed by laboratory analysis. There is also hope that, as humans are often exposed to forms of H1N1 through seasonal flu, our immune systems may have something of a head start in fighting infection. However, the fact that many of the victims are young does point to something unusual. Normal, seasonal flu tends to affect the elderly disproportionately.

 

More information can be found at:

 

safe safe.

 

Fatma Bazargan

 



Data Privacy and Data Protection
April 25, 2009, 7:14 pm
Filed under: Security
mmm.. and who shall watch the watchers?

mmm.. and who shall watch the watchers?

 

For the last couple of days I have been reading about an interesting topic called “government trojans”. A government trojanis a spyware/Trojan/backdoor installed on a workstation or network by a law enforcement agency for the purpose of capturing information relevant to a criminal investigation. This Trojan captures private e-mail communication, VoIP traffic, data residing on hard drives, record video conferences, etc. This captured data is then sent out to a central server for processing and analysis without the prior consent or knowledge of the individual and their data privacyl.

 

The overall goal of planting the trojan in a suspect’s computer is in order to snoop on the suspect’s hard drive data and Internet traffic for any suspicious activity related to terrorism, child pornography, drug trafficking, etc.

 

Personally and even some individuals find it illegal for government to snoop into their data using these so called government trojans, let alone the other case of wiretapping the Internet traffic which some countries find it illegal where others are just fine with it.

 

You can read about it more here, here and here. It elaborates further which countries have implemented and who is planning to implement and so on.

 

Where are we going with this is the question.

 

Till then, be unwatched.

 



Various # 09 – 104
April 21, 2009, 1:07 pm
Filed under: Security

info

Some of the interesting reads I had these couple of days:

 

1. Now this is awesome, ISC2 launches Child Online Safety Program and calls it “Safe & Secure Online“: a program that invites (ISC)2 information security experts to educate school children ages 11-14 on how to protect themselves online.

 

“Safe & Secure Online is a program begun by (ISC)2 with support from Childnet International, a charity that aims to make the Internet a safe place for children. First introduced in the United Kingdom (UK) in 2006, then expanded to Hong Kong in 2007, Safe & Secure Online has reached nearly 20,000 children in those regions. The program is designed to address the gap in security advice that exists in children’s safety outreach efforts.

 

And for all of you who are maintaining your CPEs, you can do that by teaching Children on how to be safe and secure when online.

 

2. If you are thinking to set up a CERT/CSIRT at your organization then ENISA has released CERT/CSIRT Exercises Handbook with a toolset, they also have a guide on a step-by-step approach on how to set up a CSIRT and you can also find a great guide on basic collection of good practices for running a CSIRT. I found it a useful resource to start with besides others.

 

3. Talking about USB drives and how they can be vulnerable to malicious applications and viruses Mobile Armor’s KeyArmor USB drive is designed to combat these threats:    

 

“The KeyArmor solution is a military level encrypted USB drive managed by the Mobile Armor enterprise policy console, PolicyServer. KeyArmor USB drives are FIPS 140-2 Level 2 validated using on processor AES hardware encryption. KeyArmor now independently provides protection against viral and malware threats. With integrated anti-malware detection and remediation, viruses and malicious software are prevented from attacking data transferred and stored on the KeyArmor drive. This is an independent function of KeyArmor, not requiring the existence or utilization of anti-malware from the data source device. KeyArmor provides detailed auditing and logging relating to the anti-malware component, including version control, update integrity, update frequency and file status.

KeyArmor: You are neat!

 

4. This is an interesting read about eEye Digital Security that announced the Blink Server 4 that has integrated protection platform for the windows servers and applications. 

 

That’s all for now. Good day all.

 

Bazargan.



Quick Update
April 16, 2009, 12:39 pm
Filed under: Security

bo

Just being on vacation for the last couple of weeks and the coming week will be my last week enjoying being disconnected for a while.

 

But as a quick update on the happenings around is:

  • For those following the Conficker updates you can visit the Conficker Working Group website and for those who were wondering what Conficker did in first week of April well it was limited to spam and serving the victim’s with fake anti-virus products.
  • I found this simple interactive animation interesting one to understand how a simple Buffer Overflow attack works click here.
  • Infected or Compromised by Richard Bejlitch.  

 

That’s all for now.

 

Enjoy the weekend.