Chapter Home Events & Services Careers Data Center Sitemap


GNO Chapter Home 

Chapter Events 
Chapter History
Our Members
Academia
News Letters
Feedback Survey
Contact us

 

Infragard Cyber Security SIG

Infragard Items

Infragard New Orleans

Join Infragard

 

Presentations
Calendar of Events
Useful Links

Career Center

Job Posting Guidlines
Job Openings


Inter/National Links & Events

Security
Audit
CISA/CISM Exam Study
Join ISACA 


 

Presentations
Calendar of Events
Useful Links


Chapter Governance

Board of Directors
Committees
Minutes
Reports
By Laws
Chapter Handbook
Policies
Privacy Statement

WELCOME to Greater New Orleans ISACA, Winner of the 2010 K WAYNE SNIPES AWARD!

*** GNO ISACA has just been notified that we have won the K Wayne Snipes Award, ***  the ISACA International award for Best Small Chapter in the World!  WHO DAT!!!!  We are THE place to go for Information Technology (IT) security, information assurance and IT governance in the New Orleans area.  We provide free monthly talks on current IT topics to raise knowledge and awareness.   Volunteering helps your career, builds a structure to meet people based on a common goal and means we can give back more to our rebuilding community. Come join the best in the world!

ALERT ! As of Wednesday March 3 A major vendor of online advertising has been compromised and or socially engineered. Ads being served out of legitimate websites such as MSN, Foxsports etc.  are distributing FakeAV malware from the legitmate sites that use the vendor and infecting clients with outdated Java and Adobe PDF add-ons.  This has been reported since before 2010-02-15 and was reported today to the SANS Internet Storm center and to US CERT.  Fixes will be blocking the (so far 248) malicious sites.  List of the 248 sites to block is at bottom of this page.  For your organization, identify clients with old versions and update Java and Adobe PDF plugins.

...Which is a great lead to the March meeting topic, see below for details

See below for upcoming events from Baton Rouge ISACA and New Orleans IIA!

October Cyber Security Month: We will also be sponsoring events for the first annual Cyber Security Month which is in October.  Please help us develop and present educational events to help our citizens learn to protect their computers, their finances, their identies and children to stay safe online!  Come get involved!  Build your career! Make friends! Help our community!

Come to meetings and get to know some really interesting people!  Most (except this January) meetings are at lunchtime, they are free (bring your own lunch), easily accessible off of I-10 and parking is free!

Lydia Lourbacos                                                                                                                                                                                      President GNO ISACA as the Co-Chair Infragard Cyber Security SIG


____________________________________________________________________________________

GNO ISACA MARCH MEETING

Thursday March 11  at 12:00pm:

TOPICIntegrated Cyber in Critical Infrastructure: Responding to Incidents in the 21st Century

DATE:   Thursday March 11, 2010

TIME: 12:00pm - 3:00pm  (3 CPE) (bring your lunch)

COST: No charge - RSVP required

LOCATION: East Jefferson Regional Library,  4747 W. Napoleon Ave, Metarie 70001

RSVP:  Please RSVP to president@isaca-nola.org by Wednesday March 10 if you will attend

SUMMARY: The session will discuss:

(1) Understanding Cyber Assets in Critical Infrastructure (CI)

(2) Example CI Cyber Incidents

(3) Continued Cyber Threats and Vulnerabilities

(4) Responding to Events of Interest (Incident Handling)

After the session, during the basic table-top exercise, a described scenario will be provided to the participants. Participants are briefed on the event that has occurred or is in progress, and are asked to apply their knowledge, skills and organization’s IRP to a list of problems presented. The complexity of navigating your own organization’s IRP, the variety of organizations attending and the scenario itself typically creates an incredible educational atmosphere.

The tabletop exercises are modularly designed. Issues addressed in the table-top exercises typically include:

Adverse effects arising from the implementation of a security patch

Alarms indicating a door, gate or window has been opened without authorization

Alerts for detected cyber security incidents

Discovery of malware

Establishing ports and services for emergency operations

Reporting to the sector’s Information Sharing and Analysis Center (ISAC)

Retention of audit trails of system events

Unauthorized access attempt to the physical security perimeter

Unauthorized access to sensitive cyber security or reliability data

Unauthorized access to shared system accounts

SPEAKER: Matt Luallen, Encari

Matthew E. Luallen is a well-respected information security professional, researcher, instructor and author. Mr. Luallen serves as a Co-Founder of Encari, a critical infrastructure information security consulting company. He consults with both governmental and commercial sectors, including a multi-client base of public utilities and other power market organizations, national laboratories, financial institutions, and law enforcement. He has written, consulted and trained extensively on process control and SCADA security issues. He has worked extensively with electric utilities on compliance with the cybersecurity regulations of the North American Electric Reliability Corporation (NERC). Prior to incorporating Encari, Mr. Luallen provided strategic guidance for Argonne National Laboratory, U.S. Department of Energy, within the Information Architecture and Cyber Security Program Office.

In an effort to promote education and collaboration in information security, Mr. Luallen is an instructor and faculty member at several institutions. Mr. Luallen is adjunct faculty for DePaul University instructing the Computer Information and Network Security Masters degree capstone course. He is also a certified instructor and CCIE for Cisco Systems instructing security technologies such as firewalls, intrusion prevention, virtual private networks and general secure information architecture. As a certified instructor for the SANS Institute Mr. Luallen teaches infrastructure architecture, wireless security, web application security, regulatory and standards compliance, and security essentials. Mr. Luallen is a graduate of National Technological University with a Master's Degree in Computer Science. Mr. Luallen also holds a Bachelor of Science degree in Industrial Engineering from the University of Illinois, Urbana.

 

Past presentation

************GNO ISACA APRIL MEETING**************

TOPIC:  "Taking Control of Your User Accounts"

WHOM SHOULD ATTEND: 1st hour for Directors and CIOs looking for greater control over cost/security and subsequent 2hr tutorial for security/sysadmins and auditors.

DATE:   Thursday April 8, 2010

TIME: 12:00pm - 3:00pm  (3 CPE) (bring your lunch)

COST: No charge  RSVP required

LOCATION: East Jefferson Regional LIbrary,  4747 W. Napoleon Ave, Metarie 70001

RSVP:  Please RSVP to president@isaca-nola.org by Wednesday April 7 if you will attend

SPEAKER: Dustin Puryear, Baton Rouge Puryear Inc.

SUMMARY:

Please help ISACA researchers by filling out these questionaires:

1. Karen Quagliata (member of St Louis, MO chapter and doctoral student at University of Fairfax) (10-15 min): Survey on Critical Components of Information Security:  http://www.surveymonkey.com/s/QDWSJV6
 
2. Dr. M Keith Wright (member of Houston Chapter and researcher at University of Houston): Determinants of IS Development Project Escalation: http://www.surveymonkey.com/s.aspx?sm=DnMRwtXCHtmgxLmdki_2fTYg_3d_3d

 

 

March 24, Wednesday 11:30am-1:00pm "Managing 3rd Party Application Security Risk" by Erik Peterson, Sullivans Steakhouse more info

April 8, Thursday -- GNO ISACA Monthly Meeting: "Taking Control of Your User Accounts"  by Dustin Puryear. 1st hour for Directors and CIOs looking for greater control over cost/security and subsequent 2 jr tutoral for security/sysadmins.

April 16, Friday --IIA New Orleans Seminar "Today's Internal Audit Leader; Conflict Resolution and Problem Solving" with speaker Ed Robinson. 8am-5pm 8 CPE $125 IIA members $150 non-members http://isaca-nola.org/files/IIAApril.pdf

April 23-25: Tiger Trap http://tigertrap.org  for more information.  This is a capture the flag exercise sponsored by Baton Rouge Infragard and BR ISACA.

April 27, Tuesday -- IIA/ISACA Baton Rouge present: Practical Stats: Statistical Sampling for Auditors 8:30-4:30 at BCBS Mail Campus $125 Link to more information at http://isaca-nola.org

May 13: Annual General Meeting (board election)  Please consider volunteering for a position on the board!

_______________________________________________

See this link for the Nov 24, 6pm WWL-TV news story on spear phishing and ACH Fraud http://www.wwltv.com/news/Hackers-Go-Spear-Phising-72999427.html

FROM SATURDAY 9/26/09: PODCAST-Excelling with Liz: Online Bank Fraud:http://lizreyes.com/?page_id=2 WGSO 990am 1pm.  Click Infragard Cyber Security SIG Announcements link at left for detailed suggestions mentioned on the show.

Also see ABC26 10pm News October 21 for ISACA/Infragard interview about online banking fraud.

  

Past GNO ISACA Meeting Topics:

http://www.isaca-nola.org/DataCenter/meeting_presentations.htm

 

IT SECURITY ALERT ON FAKE AV

 March 3, 2010

Due to the compromise of major online advertising vendors, out of date browser clients are being infected thru the use of NeoSploit drive by sites.  The drive by sites are infecting clients by serving malicious Java classes and PDF files that take advantage of clients not using the latest versions of Adobe and Java software. The malware being distributed is the FakeAV Trojan, which has been making the rounds evidenced by the increasing number of IPS/IDS alerts raised recently and directly related to this trojan.

Dshield has identified 248 external hosts affected by  the web advertising service compromise serving the FakeAV trojan.  This compromise is gaining traction due to some older web browsers not being updated with the latest version of Adobe and Java software. Security staff should update the Malware Domain Lists in order to block potential access to these compromised sites, some of which are major and reputable organizations.

Please be on the alert for the Anti Virus notifications and take remedial actions (i.e. clean up the machine).

VirusTotal.com reports that 31 out of 41 antivirus engines are recognizing this malware. Presently, this malware exploits the following vulnerabilities:

·         CVE-2007-5659 - Multiple buffer overflows in Adobe Reader and Acrobat 8.1.1 and earlier allow remote attackers to execute arbitrary code via a PDF file with long arguments to unspecified JavaScript methods

         CVE-2009-3867 - Stack-based buffer overflow in the HsbParser.getSoundBank function in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via a long file: URL in an argument, aka Bug Id 6854303

Remedy: patching/updating the Java and Adobe third-party software to the latest releases. Instruct users to close popups with ALT+F4 ONLY.  DO NOT CLICK ON THE POP UPS!

The host names associated with hosting the malware for this campaign discovered so far are as follows  DO NOT CLICK ON THESE LINKS !!!!!  ADD THEM TO BLOCKED IP/WEB ADDRESS LISTS:
155.41.51.72.in-addr.arpa
174.142.53.148
195.88.190.54
5.152.135.79.microlines.lv
69.174.245.147
69.174.245.148
69.174.245.150
72.51.41.155
75.125.183.50
79.135.152.5
a2zthings.com
aaafreebarter.com
aabtiktadve.com
abxbarter.com
acdlsmladve.com
acdlsvladve.com
afb.dobarter.com
av-command.com
av-crew.net
av-protect.com
avcommand.net
avgroupwebsite.com
azisugftqguq.com
barterbing.com
barterbrokersusa.com
barterbucks.us
barterforbusiness.com
barterforbusiness.net
bartergenius.com
barterne.com
barternewengland.com
barterofsandiego.com
biz2bizcommerce.com
businesspartnerships.dobarter.com
byuigracdnjj.info
capitolbartering.net
cgnmydalqgsm.com
charitybarterbanc.org
corexchange.org
corporatebarteronline.com
cvybexpnqhlx.info
dbcavsaddve.com
dbvvwrkgycfa.info
dcghkoixsagu.info
ddehkyhddve.com
ddewphwddve.com
demo.dobarter.com
dffmjefhfyf.com
dobarter.com
dobarter.darnfast.net
dwldxeqavts.info
dygpcewrjnw.info
eliyisgtkaj.info
google.analytics.com.bazqrhafrrh.info
google.analytics.com.bidxctvqvwrw.info
google.analytics.com.byuigracdnjj.info
google.analytics.com.ckzqfrxaxihi.info
google.analytics.com.cvybexpnqhlx.info
google.analytics.com.dbvvwrkgycfa.info
google.analytics.com.dcghkoixsagu.info
google.analytics.com.dfxlhdyffzho.info
google.analytics.com.dwldxeqavts.info
google.analytics.com.dygpcewrjnw.info
google.analytics.com.eliyisgtkaj.info
google.analytics.com.eututrywxvhd.info
google.analytics.com.ezqaxnmsbs.info
google.analytics.com.friavuzpsvxc.info
google.analytics.com.fywthroeasx.info
google.analytics.com.gopbaqvgprvh.info
google.analytics.com.hjvcnunmtzc.info
google.analytics.com.hnstetlseuop.info
google.analytics.com.hzlyaejcvmat.info
google.analytics.com.inxvwrxogrc.info
google.analytics.com.jestywtvadgj.info
google.analytics.com.jgvsjnhmvngn.info
google.analytics.com.jjotqkhqymp.info
google.analytics.com.jklnznqvztu.info
google.analytics.com.jttyhhvcxmbz.info
google.analytics.com.jvoamkvyxv.info
google.analytics.com.kijksoeohxze.info
google.analytics.com.kmpbfdtknwsh.info
google.analytics.com.kzpkpehthbgn.info
google.analytics.com.lsvoenxxyya.info
google.analytics.com.mnuzqxerjufm.info
google.analytics.com.muhrlwuzyaly.info
google.analytics.com.nbtislvidmq.info
google.analytics.com.nlfgjehbotwi.info
google.analytics.com.noltvoqmhoce.info
google.analytics.com.oaofmsckue.info
google.analytics.com.ocryspyjvkh.info
google.analytics.com.omvdbdcknpct.info
google.analytics.com.pmxjpigimsdv.info
google.analytics.com.prtrkmxkpctw.info
google.analytics.com.pzignbfxspou.info
google.analytics.com.qlgkmytdvyjx.info
google.analytics.com.rimofoixaf.info
google.analytics.com.rmkbyklbhawd.info
google.analytics.com.rtkffbmmgkpw.info
google.analytics.com.rxflhciirups.info
google.analytics.com.sphamifoaqpx.info
google.analytics.com.tbxierkoqze.info
google.analytics.com.tdrfhdzxyb.info
google.analytics.com.tidawgeihqch.info
google.analytics.com.tklaxlxvedkt.info
google.analytics.com.tluaweyermg.info
google.analytics.com.uentfkblzpxx.info
google.analytics.com.uoncvsqcuclx.info
google.analytics.com.uuyvsrbtpjhl.info
google.analytics.com.uwbhpcrydgta.info
google.analytics.com.vgmhlwrixzxz.info
google.analytics.com.vujpgvscrjbk.info
google.analytics.com.vwrvqmvrvjwi.info
google.analytics.com.wwkzrjfuhmjg.info
google.analytics.com.wxrzufdrzzn.info
google.analytics.com.xewffvnixdyk.info
google.analytics.com.xkduqnxfpnfg.info
google.analytics.com.xnboetuqunld.info
google.analytics.com.yfguydudorip.info
google.analytics.com.yggxvnwumcqv.info
google.analytics.com.yhaidebpfltr.info
google.analytics.com.yynspckhyebi.info
google.analytics.com.zejdcqsoglao.info
google.analytics.com.zelhnalbivd.info
google.analytics.com.zsrsjnihnb.info
google.analytics.com.zugponkeqtzz.info
gopbaqvgprvh.info
gtp.dobarter.com
hwqckfphkhyi.com
hzlyaejcvmat.info
ibabiz.com
iipghhbnarh.com
intertek.dobarter.com
inxvwrxogrc.info
jbaagpepjvc.com
jgvsjnhmvngn.info
jklnznqvztu.info
jttyhhvcxmbz.info
kijksoeohxze.info
labarter.dobarter.com
lbckqbkldve.com
leadingedgetrade.com
limeakfjskt.com
live-soft.net
lsvoenxxyya.info
malibuexchange.com
maxcardinc.com
mbn.dobarter.com
new-soft.net
newsoftcore.com
ns1.av-command.com
ns1.av-crew.net
ns1.av-protect.com
ns1.avcommand.net
ns1.avgroupwebsite.com
ns1.everydns.net
ns1.live-soft.net
ns1.new-soft.net
ns1.newsoftcore.com
ns1.newsoftspot.com
ns1.softcoregroup.com
ns1.softmetalgroup.com
ns1.software2010.net
ns2.av-protect.com
ns2.everydns.net
ns2.softcoregroup.com
ns3.everydns.net
ns4.everydns.net
nwbex.dobarter.com
nyqoxifkvxga.com
omvdbdcknpct.info
onlinebartering.dobarter.com
orangebeemoney.com
ottawabarter.com
pbx.dobarter.com
pfgtihtpdve.com
pghtradealliance.com
pianwinpdve.com
pianwxnpdve.com
pittsburgh-trade-alliance.com
platinumtraders.com.au
premierbarter.com
prtrkmxkpctw.info
puddxvixrro.com
pzignbfxspou.info
qabtihtqdve.com
qcdvnhvqdve.com
qjiwptwqdve.com
qlgkmytdvyjx.info
softcoregroup.com
softmetalgroup.com
software2010.net
spacecoast.dobarter.com
ssl.dobarter.com
tklaxlxvedkt.info
tluaweyermg.info
trade-usa.net
tradeexchangenetwork.com
trademakers.ca
tradeyainc.com
uefnwtnudve.com
uentfkblzpxx.info
usabarter.dobarter.com
uuyvsrbtpjhl.info
uwbhpcrydgta.info
valley.dobarter.com
valleybarter.com
valleybartergroup.com
valuecardalliance.com
valuecardarizona.com
valuecardaz.com
wazprlhzhfvg.com
wem.dobarter.com
www.aaafreebarter.com
www.barteranywhere.com
www.barterbam.com
www.barterbing.com
www.barterbrokersusa.com
www.barterbucks.us
www.barterbureau.com
www.bartercontrol.com
www.barterforbusiness.com
www.barternewengland.com
www.charitybarterbanc.org
www.charitycashlessbanc.com
www.charitytradebanc.org
www.doapost.com
www.dobarter.com
www.edaddywarbucks.net
www.maxcardinc.com
www.naturecoastbarter.com
www.orangebeemoney.com
www.ottawabarter.com
www.pghtradealliance.com
www.pittsburgh-trade-alliance.com
www.stxtrade.com
www.the-dragon-cave.com
www.trade-usa.net
www.valuecard.biz
www.valuecardaz.com
www.worldcashlessbanc.com
xkduqnxfpnfg.info
yburuvaeqcv.com
yfguydudorip.info
yggxvnwumcqv.info
yhaidebpfltr.info
yvaxtdzhbldc.com
zelhnalbivd.info
zugponkeqtzz.info

 

     
   
For questions or comments, please contact the webmaster
 
                      Free Web Counters hits : since 08/29/2007