[ Assurance - assurance.com.au ]

[ bush fire smoke hangs over road ]

Recent Assurance Media Coverage

> recent media < 2009 media : 2008 media : 2007 media : 2006 media : 2005 media :

The following are external links which will launch in a separate browser window. Those marked with [ key ] require subscription or registration for access.

Updated January 2010

  • 2010 January 1 - ARTICLE: Macworld Australia - Neal Wise writes about MacOS X security from the ground up in the January 2010 print edition of Australian Macworld - not online yet
  • 2009 December 18 - Risky Business #136 - Assurance's Neal Wise talks to Risky Business' Patrick Gray about a Cisco Wireless vulnerability Neal released at Kiwicon III in Wellington, NZ earlier this month
  • 2009 November 11 - Risky Business #132 - Assurance's Oliver Greiter talks to Risky Business' Patrick Gray about his upcoming presentation at Kiwicon III in Wellington, NZ
  • More Media Coverage...

Assurance News & Press Releases

Updated January 2010

  • 2010 January 1 - ARTICLE: Macworld Australia - Neal Wise writes about MacOS X security from the ground up in January 2010 print edition of Australian Macworld - not online yet
  • 2009 December 9 PRESENTATION: OWASP Melbourne - Oliver Greiter to present "Active Sync Russian Roullette" at OWASP Melbourne Chapter on December 9, 2009
  • 2009 November 8 PRESENTATION: KIWICON III - Neal Wise to present on enterprise wireless controller (Cisco, Aruba, Meru) at Kiwicon III in Wellingon, NZ on November 28-29, 2009
  • 2009 November 8 PRESENTATION: KIWICON III - Oliver Greiter to present "Active Sync Russian Roullette" at Kiwicon III in Wellingon, NZ on November 28-29, 2009
  • 2009 July 20 - ARTICLE: Macworld Australia - Neal Wise writes about security issues and iPhone software 3.0 update in August 2009 print edition of Australian Macworld - not online yet
  • 2009 June 20 - ARTICLE: Macworld Australia - Neal Wise writes about "Proof-of-concept for OSX Java vulnerability released" in July 2009 print edition of Australian Macworld - not online yet
  • 2009 June 25 - EVENT: SECIA Workshop - Assurance to present "Threats and security control models for centralised wireless solutions" and 802.11 wireless hacking demonstrations at SECIA Workshop - Best Practice in IT Security, June 25, 2009 Melbourne, Australia.
  • 2009 May 20 - ARTICLE: Macworld Australia - Neal Wise writes on iServices Botnet in June 2009 print edition of Australian Macworld - not online yet
  • 2009 January 13 - EVENT: Auscert 2009 - Assurance to present "Threats and security control models for centralised wireless solutions" at AusCERT's 2009 conference, May 17-22, 2009 on the Gold Coast, Australia.
  • 2008 December 12 - EVENT: Auscert 2009 - Assurance to provide "Assurance 'hands-on' Wireless Services Auditing" 802.11 security tutorial at AusCERT's 2009 conference, May 17-22, 2009 on the Gold Coast, Australia.
  • 2008 September 1 - EVENT: Ruxcon 2008 - Assurance to provide 802.11 Wireless Hacking Competition at Ruxcon, November 29-31, 2008 in Sydney, Australia. Cool prizes to be won.
  • 2008 August 17 - EVENT: Kiwicon 2008 - Neal Wise to speak at Kiwicon, September 27-28, 2008 in Wellington, New Zealand on "Annoying controller-based 802.11 wireless solutions"
  • 2008 January 17 - EVENT: AusCERT 2008 Neal Wise to present a tutorial at AusCERT 2008, May 18-23, 2008 Gold Coast, Australia on "'Hands On' Auditing Wireless Services with Open Source Tools"
  • 2006 April 19 - ADVISORY RELEASE: Multiple Linux-based Cisco Products - Cisco Wireless Lan Solution Engine (WLSE), Cisco Hosting Solution Engine (HSE), Cisco Ethernet Subscriber Solution Engine (ESSE), Cisco User Registration Tool (URT), CiscoWorks2000 Service Management Solution (SMS), Cisco Vlan Policy Server (VPS), Cisco Management Engine (ME1100 Series), CiscoWorks Service Level Manager (SLM) - There are two vulnerabilities that exist in the CiscoWorks Wireless LAN Solution Engine (WLSE). The first is a cross site scripting (XSS) vulnerability that may allow an attacker to gain administrative privileges on the system. The second is a local privilege escalation vulnerability that can be used by an attacker who already has authenticated access to the command line interface to obtain access to the underlying operating system. The second vulnerability affects several other products.
  • 2005 November 07 - ADVISORY RELEASE: Asterisk PBX Comedian Voice Mail - A vulnerability exists in the vmail.cgi CGI which permits retrieval of any .WAV file on the Asterisk system by a valid, authenticated voice mail user. This includes other users' stored voice mail messages.
  • 2005 March 14 - ADVISORY RELEASE: Barracuda Networks Spam Firewall - A vulnerability in web-based management CGI smtp_test.cgi leads to remote non-privileged compromise by an un-authenticated attacker; local mis-configuration of sudo leads to local privileged "root" compromise. When combined these two issues provide remote, un-authenticated and privileged access to Barracuda's Linux-based operating system.
© 2005-2010 Assurance Pty Ltd :: contact : legal : privacy