I’m back from the last OWASP (organized together with ISSA) Belgium Chapter meeting. As usual, good times with friends from the Belgian security landscape ;-). Two topics were covered today: first GreenSQL, a database firewall, then an overview of mobile malware by Mikko Hypponen.
Almost one year ago to the day, I wrote a blog post about GreenSQL. Yuli Stremovsky, VP of Research and Development, was invited to Belgium to present his solution. Yuli first reviewed some common facts to explain why products like GreenSQL are important in today’s infrastructure: databases are used everywhere and are accessible online via web sites. Some common problems were covered (like SQL injection) – nothing new – but a solution like GreenSQL could be interesting in some cases.
GreenSQL acts as a proxy: before passing SQL queries to the database server, it performs several checks and blocks unexpected requests. Unfortunately, the product comes “empty” and the administrator has to define which queries will be accepted. The default rule is “deny all”, and dangerous commands like “show processes” are denied as well. As suggested by people in the room, predefined “sets of queries” for common web applications (Joomla, WordPress, …) would be welcome, so as not to reinvent the wheel.
I had an interesting discussion with Yuli: it could be useful to export the events generated by GreenSQL to a third-party system such as a log management solution. Another nice feature would be to filter the data sent back to the client (some kind of “DLP” module). Important remark: using GreenSQL does not mean developers can stop caring about security! Relying on GreenSQL alone is a fail!
After a short break, Mikko Hypponen, Chief Research Officer at F-Secure, presented the state of the malware landscape in the mobile world and what we can expect in the (near) future. Mikko is a great speaker and gave an excellent presentation. He reviewed the history of malware on mobile phones. Compared to common environments like Windows, there are “only” 500 known viruses targeting our mobile phones (interesting to know: Symbian is the top target).
The evolution of mobile malware follows the same path as on our PCs. At first it could not spread rapidly (Bluetooth only covers a limited area) and had a limited impact. Today, malware is developed to steal money! Mikko gave more details about an attack targeting mijn.ing.nl (a web-banking site). Other malware can send text messages or call premium-rate phone numbers. Not surprisingly, a lot of malware hits users by forcing them to perform unsafe actions or by displaying rogue information. Nothing new: the human factor is the main problem. And what about the future? Mikko predicts more malware, mobile botnets, drive-by exploits, rogue dialers and, of course, spam bots.
This was an excellent meeting with great topics. Many people attended thanks to the joint OWASP-ISSA organization. See you next time!