A follow up on the Indian embassy issue

It’s been a busy two weeks trying to put together the training material I’ll be using to teach Incident Response and Computer Forensics to some of my colleagues in other geographies across Europe, Asia and Australia, and that will kick-off in Leiden in approximately 10 days. Meanwhile, the latest news about the Indian embassy reported earlier on this blog, spread quickly on the Internet.

Many sites reported on the issue, from antivirus vendors to security professional’s blogs and online magazines. Whilst most of them just echoed what others said, some shed more light on it posting some interesting notes and only a few did an in-depth analysis worth of mention, the most relevant being:

[Read more...]

Embassy of India in Spain found serving remote malware through iFrame attack

Hacking an embassy’s website to use it as malware distribution point is not something new, neither is the use of the iframe injection attack, but it’s still surprising the number of infected sites out there.

Earlier this morning I was alerted to this problem by a colleague who was trying to access www (dot) embajadaindia (dot) com to sort out some paperwork related to my employer’s offices in India. When tried to load the site, the Desktop Antivirus displayed the following pop-up alert:

Sophos Alert - www (dot) embajadaindia (dot) com

The alert description is fairly self-explanatory, [Read more...]

Lessons learnt from a severe security incident

After a week of ISO 27001 auditing in the UK and a busy week aftewards, I finally managed to get some time to read my favourite blogs. I was doing so, when I read an interesting post in the Internet Storm Center that analyses some lessons learnt from a severe incident affecting The Planet, a well known hosting provider.

Being a BSi instructor for the BS 25999 courses on Business Continuity, I find these kind of real-life examples very instructive for being used at class, although I try to to get students to talk about their own experiences as much as possible.

So have a look at The Planet outage – what can we all learn from it? and let me know your thoughts.

In the following weeks I’ll be creating a new section of my blog where I will put together a list of Business Continuity resources (among others) I can share with my students at class. So stay tuned!