Friday, November 2, 2007

Increasing demand for cybersecurity pros in RP seen

http://newsinfo.inquirer.net/breakingnews/infotech/view_article.php?article_id=98133

"MANILA, Philippines--A computer school and two cybersecurity experts have said that there is increasing demand for cybersecurity professionals in the Philippines."

"Computer school Informatics said that a certified cybersecurity professionals can command an average of $35,000 to $80,000 of monthly income in the US."

[Informatics offer a CEH (Certified Ethical Hacker)Course for about 30,000 PHP. The number of registrants must be quite low]

"In the Philippines, Albert dela Cruz, who is a director of the Philippine Computer Emergency Response Team, said that the pay scale could be lower."

[most definitely]

"Dela Cruz also pointed out that more local organizations are now recognizing the need to protect their critical infrastructure by creating a new position: the information security officer.

"Security should be everybody's concern. One weak link in the chain can affect everybody else," he stressed."

[We need a scapegoat to kick around when our company database gets whacked]

Posted by sujiru at 12:00 AM | | Comments

Thursday, November 1, 2007

IMX / Nextel

Who provides NAKTF fast, reliable and secure connections for their relentless crusade against the heinous crime of kidnapping?

IMX does.

A vulnerability exists in their Telematics web application. It's location is hardcoded into their client units' browser. Basically it's an sql injection issue. The novel part is that mode of transport is by radio waves (Iden Technology).


A regular failed login;

The Telematics Page Let's get loaded Wanna know who I am? Whoops

By exploiting the issue we successfully log in;

Logged in using the bypass We need the PTN though Go for the 500

Posted by sujiru at 11:33 PM | | Comments