Dell, IBM and possibly other tech giants should be ashamed

In times of crisis there is much talk about entrepreneurship as the engine to lift the economy, at least in the Spanish crisis. But who assists entrepreneurs?

As readers know I am the founder of VULNEX, a technology startup that offers highly specialized offensive and defensive cyber security services. In recent months I have been talking with tech giants such as Dell and IBM Spain to acquire a few servers that will allow us to improve our platform for R&D and services to our customers.

Obviously the purchase amount is small for these giants, but for us it is a significant amount, so we are interested in getting financing for the purchase. To our surprise, neither of these 2 giants finances startups; they tell us that they only finance companies with more than 2 years of life. INCREDIBLE and SHAMEFUL!

I guess these companies have forgotten their roots and above all how and where they began. In my opinion it is disappointing that they do not even evaluate the project to determine its potential and just say NO. How easy it is to say NO to small companies!

Now I understand why Dell has recently presented bad results; with that sales policy it is not surprising. And what can be said about IBM, the patent monster…

But hey, such is the world of entrepreneurs, a constant struggle that unfortunately you get used to. Of course at VULNEX we are evaluating other options in order to execute this operation and improve our services despite it all.

Be ready for some exciting announcements in Q1 of 2013 ;)

Dear readers, what is your opinion on the support given by large enterprises to startups?

— Simon Roses Femerling

Posted in Business, Economics, Technology

AppSec USA 2012: the experience

You know you are in Texas when you get off the plane and hear country music throughout the airport. I was there indeed, because on the 25th and 26th of October the OWASP AppSec USA conference was taking place in Austin, Texas, where I participated with a presentation on Web Honeypots.

The conference had more than 800 attendees, free and paid courses on different application security topics on the 23rd and 24th, and of course an impressive selection of speakers.

My experience as a speaker was unbeatable, since the organization, the same people who organized LASCON, put a great deal of effort and enthusiasm into ensuring that everything went well. They even organized a Texas-style barbecue for the speakers in a popular restaurant overlooking a lake.

And what can I say about the Happy Hour for the entire conference, where there was a mechanical bull, super music by rapper Dual Core and authentic armadillos for racing? No doubt I was in Texas, yee haw!

With so many talks to choose from, too often I did not know which to choose, but luckily for us all the videos and slides will be released soon, so we will be able to watch them with all the calm and attention that they deserve.

I had the pleasure of talking about Web honeypots, a topic I find very interesting and with much work to be done. Specifically I talked about a project that I have been working on for some time, which I have rescued from the trunk of memories and to which, through VULNEX, I can devote professional resources :)

We can really see how American companies have a different attitude, being more agile than Spanish companies; just look at the photo of the Job Board, with well-known companies looking for all kinds of roles in application security.

From here I would like to thank the entire organization for the super event, and see you at the next appointment, AppSec USA 2013 in New York.

Note: In a couple of weeks the videos should be online; I will keep you posted!

Happy Halloween dear readers!

— Simon Roses Femerling

Posted in Conference, Hacking, OWASP, Pentest, Privacy, SDL, Security, Technology, Threat Modeling

Medre, AutoCAD Malware: The spy inside the cad

Last June, malware that infects AutoCAD for Windows was identified; it is responsible for the theft of thousands of documents. AutoCAD is a popular program for 2D and 3D drawing that is used to design all kinds of products, such as homes and cars, and in aerospace and defense, which makes it really interesting for industrial espionage. In this post we will study this malware, known as Medre.

From a technical point of view it is simple malware, written in AutoLISP with scripts/payloads in VBS, but ingenious, since it infects multiple AutoCAD versions on Windows (see Fig. 1) with the aim of stealing files and sending them by email to servers in China.

Fig. 1 – AutoCAD versions supported by Medre

In Fig. 2 we can see the Chinese servers where the stolen information is sent; Medre uses various email accounts on these servers. Despite the use of Chinese servers, it is not entirely clear whether the attack originates from there.

Fig. 2 – Chinese servers

And in Fig. 3 we can see part of the code responsible for compressing the stolen files using WinRAR, with the password set to “1”.

Fig. 3 – WinRAR code
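As an added example (not code from the original post or from the malware), the following triage rule for process-creation logs flags password-protected RAR archive creation launched by AutoCAD or Windows Script Host, the staging behaviour described for Fig. 3. The event format, the sample events, the choice of suspect parent processes and the length threshold are assumptions constructed for illustration.

```python
import re

# Constructed process-creation events (parent image, child command line); not real telemetry.
SAMPLE_EVENTS = [
    (r"C:\Program Files\Autodesk\AutoCAD 2012\acad.exe",
     r"wscript.exe C:\Users\eng\AppData\Local\Temp\job.vbs"),
    (r"C:\Windows\System32\wscript.exe",
     r'"C:\Program Files\WinRAR\Rar.exe" a -p1 C:\Temp\out.rar C:\Projects\*.dwg'),
    (r"C:\Windows\explorer.exe",
     r'"C:\Program Files\WinRAR\WinRAR.exe" x C:\Downloads\manual.rar'),
    (r"C:\Windows\System32\cmd.exe",
     r"rar.exe a -hpS3cureLongPassphrase! backup.rar D:\backup"),
]

ARCHIVERS = {"rar", "rar.exe", "winrar", "winrar.exe"}
# Assumption: AutoCAD (acad.exe) or Windows Script Host launching an archiver is unusual.
SUSPECT_PARENTS = {"acad.exe", "wscript.exe", "cscript.exe"}
WEAK_PASSWORD_MAX_LEN = 3  # assumed threshold; the sample in the post used the password "1"

def image_name(path):
    """Lower-cased file name of a Windows path, quotes removed."""
    return path.strip('"').replace("/", "\\").rsplit("\\", 1)[-1].lower()

def archive_password(cmdline):
    """Password passed via -p/-hp to a RAR 'a' (add) command, or None."""
    toks = [t.strip('"') for t in re.findall(r'"[^"]*"|\S+', cmdline)]
    if len(toks) < 2 or image_name(toks[0]) not in ARCHIVERS or toks[1].lower() != "a":
        return None
    for arg in toks[2:]:
        m = re.fullmatch(r"-(?:hp|p)(.+)", arg, re.IGNORECASE)
        if m and m.group(1) != "-":      # "-p-" disables the password prompt, skip it
            return m.group(1)
    return None

def detect(events):
    """Return (event index, parent image, severity) for password-protected archive
    creation by a suspect parent; 'high' when the password is trivially short."""
    hits = []
    for i, (parent, cmdline) in enumerate(events):
        pwd = archive_password(cmdline)
        parent_name = image_name(parent)
        if pwd is None or parent_name not in SUSPECT_PARENTS:
            continue
        severity = "high" if len(pwd) <= WEAK_PASSWORD_MAX_LEN else "medium"
        hits.append((i, parent_name, severity))
    return hits

if __name__ == "__main__":
    for hit in detect(SAMPLE_EVENTS):
        print(hit)
```

Only the second constructed event is reported: an archiver started by the script host with a one-character password. The extraction and the administrator-run backup are ignored.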

Considering that AutoCAD is one of the most popular design programs and runs on multiple platforms such as Windows, MacOS and mobile (Android and iOS), the ingenuity of this attack, simple and effective, draws our attention. Perhaps future versions of the malware will be multiplatform?

Without a doubt, attacks on the industrial fabric, whether against SCADA systems or using malware like Medre to steal information, are really interesting and dangerous to many organizations and nation-states.

Which industrial espionage malware have you found interesting?

— Simon Roses Femerling

Posted in Pentest, Security