[kictanet] Online Security in Kenya needs to be mainstreamed

Mon Feb 13 17:42:50 EAT 2012

>From Twitter today:

"Multiple Vulnerabilities found on Oriental Bank's website. Default
configs for the site left shamelessly around."

Kuna shida kweli,

Brian

On Sun, Feb 12, 2012 at 1:29 PM, Brian Munyao Longwe <blongwe at gmail.com> wrote:
> ...and in other news, Rwanda hosts a cyber-security conference next month...
>
> http://aptantech.com/2012/02/rwanda-to-host-cyber-security-workshop/
>
> Mblayo
>
>
> On Sat, Feb 11, 2012 at 10:04 PM, Michuki Mwangi <michuki at swiftkenya.com>
> wrote:
>>
>> Hi Brian, et al,
>>
>> On 2/11/12 9:28 PM, Brian Munyao Longwe wrote:
>> > Hey Michuki,
>> >
>> > A group calling themselves "Rwandan-Hackers" compromised the Standard
>> > Media website yesterday and published online a list of KTN Live members
>> > which included username, encrypted password and email addresses, a
>> > snippet follows:
>> >
>>
>> So this brings on a new perspectives to the discussion.
>>
>> 1. The great connectivity that we have has not only exposed us to
>> external threats but also to Internal threats.
>>
>> 2. It also clears the fact that it doesnt matter where your website is
>> hosted since this website is hosted in the US just like the Toyota one.
>>
>> 3. The attack is through an SQL injection which IMHO exposes the depth
>> of our web-developers.
>>
>> Point 3 above leads me to a conclusion that the CxO's are making the
>> necessary investments. But it looks like the ball is dropped elsewhere.
>>
>> my 2 cents!.
>>
>> Mich
>>
>
>
>
> --
> Brian Munyao Longwe
> e-mail: blongwe at gmail.com
> cell:  +254715964281
> blog : http://zinjlog.blogspot.com
> meta-blog: http://mashilingi.blogspot.com

-- 
Brian Munyao Longwe
e-mail: blongwe at gmail.com
cell:  +254715964281
blog : http://zinjlog.blogspot.com
meta-blog: http://mashilingi.blogspot.com

"Give us clear vision that we may know where to stand and what to
stand for, because unless we stand for something, we shall fall for
anything."