Nclose is proud to announce that it has won this years VeloCITI competition. VeloCITI is a program where Western Cape based IT companies are mentored on aspects of running a successful business. Out of the 15 participants Nclose was the winner based on business growth and various other aspects. The VeloCITI program assisted Nclose with the outstanding success that has been achieved this year.

David Murry and Tony Malam from CVP, who mentored Nclose on all the aspects of running a successful business have many years experience working along side successful South African based IT companies.

The Kaspersky Lab breakfast was a great success and we had a great attendance rate. Butha Van Der Merwe from Waltons was the lucky winner of the Ipod Nano for the lucky draw.

There were some requests for the presentation slides. These are available for download in pdf format by clicking on the links below:

• "Anti-Virus is a Commodity"
• "Kaspersky"

The Cape Town Information Security Group held a meeting on Tuesday afternoon with two speakers. First, Randolph Osterrroht from One Digital Media introduced and played a video on "No Tech Hacking". Secondly, Martin Potgieter from Nclose did a talk on web application security. The slides for the web application security talk can be downloaded here. Both talks brought upon some interesting discussion. For further information on the Information Security Group have a look at their website.

A massive attack on web applications has been making news headlines for the past week. Security professionals have known about the infections since the beginning of the year, but until recently have been unsure what vulnerability was being exploited. Microsoft have confirmed that the attack is not exploiting a recently announced IIS vulnerability, but is instead using Google to find IIS websites that accept user input and attempting to exploit them.
The interesting thing is this is a completely automated way to attack web applications. We can expect this to be a serious problem that is going to linger for some time, mainly because it will take months if not years to audit all the different affected web applications, and there are sure to be more vulnerable web applications launched on a daily basis. It is estimated that 500,000 websites have been infected, many of them well know "trusted" sites.