Recent Assurance Media Coverage

> recent media < 2008 media : 2007 media : 2006 media : 2005 media :

The following are external links which will launch in a separate browser window. Those marked with require subscription or registration for access.

Updated August 2009

• 2009 May 19 - Risky Business - Assurance's Oliver Greiter and Neal Wise talk to Risky Business' Patrick Gray at AusCERT 2009 about contemporary wireless security issues
• 2009 April 28 - Techworld - "Security pushed to provide ROI" - Neal Wise talks with Techworld's Darren Pauli about enterprise IT security investment
• 2009 January 12 - Computerworld Australia, Network World - "Industry peers slam govt file sharing filter" - Neal Wise talks with Computerworld's Darren Pauli about the practicalities of filtering peer-to-peer traffic nationally within Australia.
• More Media Coverage...

Assurance News & Press Releases

Updated August 2009

• 2009 July 20 - ARTICLE: Macworld Australia - Neal Wise writes about security issues and iPhone software 3.0 update in August 2009 print edition of Australian Macworld not online yet
• 2009 June 20 - ARTICLE: Macworld Australia - Neal Wise writes about "Proof-of-concept for OSX Java vulnerability released" in July 2009 print edition of Australian Macworld not online yet
• 2009 June 25 - EVENT: SECIA Workshop - Assurance to present "Threats and security control models for centralised wireless solutions" and 802.11 wireless hacking demonstrations at SECIA Workshop - Best Practice in IT Security, June 25, 2009 Melbourne, Australia.
• 2009 May 20 - ARTICLE: Macworld Australia - Neal Wise writes on iServices Botnet in June 2009 print edition of Australian Macworld not online yet
• 2009 January 13 - EVENT: Auscert 2009 - Assurance to present "Threats and security control models for centralised wireless solutions" at AusCERT's 2009 conference, May 17-22, 2009 on the Gold Coast, Australia.
• 2008 December 12 - EVENT: Auscert 2009 - Assurance to provide "Assurance 'hands-on' Wireless Services Auditing" 802.11 security tutorial at AusCERT's 2009 conference, May 17-22, 2009 on the Gold Coast, Australia.
• 2008 September 1 - EVENT: Ruxcon 2008 - Assurance to provide 802.11 Wireless Hacking Competition at Ruxcon, November 29-31, 2008 in Sydney, Australia. Cool prizes to be won.
• 2008 August 17 - EVENT: Kiwicon 2008 - Neal Wise to speak at Kiwicon, September 27-28, 2008 in Wellington, New Zealand on "Annoying controller-based 802.11 wireless solutions"
• 2008 January 17 - EVENT: AusCERT 2008 Neal Wise to present a tutorial at AusCERT 2008, May 18-23, 2008 Gold Coast, Australia on "'Hands On' Auditing Wireless Services with Open Source Tools"
• 2006 April 19 - ADVISORY RELEASE: Multiple Linux-based Cisco Products - Cisco Wireless Lan Solution Engine (WLSE), Cisco Hosting Solution Engine (HSE), Cisco Ethernet Subscriber Solution Engine (ESSE), Cisco User Registration Tool (URT), CiscoWorks2000 Service Management Solution (SMS), Cisco Vlan Policy Server (VPS), Cisco Management Engine (ME1100 Series), CiscoWorks Service Level Manager (SLM) - There are two vulnerabilities that exist in the CiscoWorks Wireless LAN Solution Engine (WLSE). The first is a cross site scripting (XSS) vulnerability that may allow an attacker to gain administrative privileges on the system. The second is a local privilege escalation vulnerability that can be used by an attacker who already has authenticated access to the command line interface to obtain access to the underlying operating system. The second vulnerability affects several other products.
• 2005 November 07 - ADVISORY RELEASE: Asterisk PBX Comedian Voice Mail - A vulnerability exists in the vmail.cgi CGI which permits retrieval of any .WAV file on the Asterisk system by a valid, authenticated voice mail user. This includes other users' stored voice mail messages.
• 2005 March 14 - ADVISORY RELEASE: Barracuda Networks Spam Firewall - A vulnerability in web-based management CGI smtp_test.cgi leads to remote non-privileged compromise by an un-authenticated attacker; local mis-configuration of sudo leads to local privileged "root" compromise. When combined these two issues provide remote, un-authenticated and privileged access to Barracuda's Linux-based operating system.