From Twitter today:
"Multiple Vulnerabilities found on Oriental Bank's website. Default configs for the site left shamelessly around." Kuna shida kweli, Brian On Sun, Feb 12, 2012 at 1:29 PM, Brian Munyao Longwe <blongwe@gmail.com> wrote:
...and in other news, Rwanda hosts a cyber-security conference next month...
http://aptantech.com/2012/02/rwanda-to-host-cyber-security-workshop/
Mblayo
On Sat, Feb 11, 2012 at 10:04 PM, Michuki Mwangi <michuki@swiftkenya.com> wrote:
Hi Brian, et al,
On 2/11/12 9:28 PM, Brian Munyao Longwe wrote:
Hey Michuki,
A group calling themselves "Rwandan-Hackers" compromised the Standard Media website yesterday and published online a list of KTN Live members which included username, encrypted password and email addresses, a snippet follows:
So this brings on a new perspectives to the discussion.
1. The great connectivity that we have has not only exposed us to external threats but also to Internal threats.
2. It also clears the fact that it doesnt matter where your website is hosted since this website is hosted in the US just like the Toyota one.
3. The attack is through an SQL injection which IMHO exposes the depth of our web-developers.
Point 3 above leads me to a conclusion that the CxO's are making the necessary investments. But it looks like the ball is dropped elsewhere.
my 2 cents!.
Mich
-- Brian Munyao Longwe e-mail: blongwe@gmail.com cell: +254715964281 blog : http://zinjlog.blogspot.com meta-blog: http://mashilingi.blogspot.com
-- Brian Munyao Longwe e-mail: blongwe@gmail.com cell: +254715964281 blog : http://zinjlog.blogspot.com meta-blog: http://mashilingi.blogspot.com "Give us clear vision that we may know where to stand and what to stand for, because unless we stand for something, we shall fall for anything."