Infigo IS's security expert Bojan Ždrnja gave a presentation titled "Cyber threats – ahead of others: SANS Internet Storm Center (ISC)" at regular monthly ISACA Croatia Chapter meeting. The Internet Storm Center organization was presented, together with DShield, a distributed intrusion detection system, on which ISC relies for attack analysis and prediction. The presentation also covered current threats: the Storm worm and SilentBanker, a trojan that attacks online banking services.

The PDF file with the presentation in Croatian can be downloaded here.

Algebra's free seminar: Certified Ethical Hacker will take place in Zagreb's Hypo center on 14th of February. Speakers include Rajive Kapoor from SSRI, Robert Petrunić from Algebra and Infigo IS' security experts Hrvoje Šegudović and Saša Jušić. Hrvoje Šegudović will give a presentation about legal aspects of penetration testing in Croatia, titled "Ethical hacking in security management". Saša Jušić will talk about Infigo IS' experiences in penetration testing in his presentation titled "Penetration testing: practical experiences".

Registration form for the seminar can be completed on Algebra's web pages at http://www.algebra.hr/CEH_event4.aspx.

On 24th of January, Infigo IS' security expert Bojan Ždrnja was a guest in PaulDotCom's podcast, the most famous IT security podcast. The main topic of the podcast was SANS course 610: Advanced Malware Analysis.

The course authors Lenny Zeltser, Mike Murr and Bojan Zdrnja discussed the latest developments in malware analysis techniques.

The podcast recording can be downloaded from the PaulDotCom web site: http://www.pauldotcom.com/2008/01/27/pauldotcom_security_weekly_epi_100.html

A 14 year old teenager hacked into tram control network in Polish city Lodz. According to the Lodz policy spokesman, the 14 year old studied the tram control network for quite a while after which he built a remote control like device that allowed him to control the tram tracks. This “teenager fun” caused four trams to be derailed and injured 12 passengers.

Control systems, such as the tram control system in Lodz, are usually built by engineers without a lot of experience with system security. The ease with which the 14 year old hacked into the tram control network opened question about other such systems, that do not have adequate security controls.