How to Break Into Security, Miller Edition.

For this fifth edition in a series of advice columns for folks interested in learning more about security as a craft or profession, I interviewed Charlie Miller, a software bug-finder extraordinaire and principal research consultant with Accuvant LABS. Probably best known for his skills at hacking Apple’s products, Miller spent five years at the National Security Agency as a “global network exploitation analyst.”
After leaving the NSA, Miller carved out a niche for himself as an independent security consultant before joining Accuvant in May 2011.

BK: How did your work for the NSA prepare you for a job in the private sector? Did it offer any special skill sets or perspectives that you might otherwise not have gotten in the private sector?

Miller: Basically, it provided on the job training. I got paid a decent salary to learn information security and practice it at a reasonable pace.

BK: The U.S.

Miller: For me, it made sense at the beginning, but there are some drawbacks.

Digital Evidence & Discovery (DEAD)

DFI – Reducing Risks by Thinking Like the Bad Guys | TAL Global … Furthermore, protecting critical infrastructure and safeguarding transportation facilities is rapidly becoming a single task, since security concerns have evolved to include all transportation modes supporting the events – both … See on www.talglobal.com.
DFI – Apple iCloud attack deletes data.
DFI – Hacking Exposed 7: Network Security Secrets … – RSA Conference.
DFI – Insider threat | Homeland Security News Wire.
DFI – The perfect Trojan horse. When network spies can hide in power strips, network security takes a turn toward the impossible (RT @infoworld: Afternoon read: When power strips attack network security). See on www.infoworld.com.
DFI – Reuters hacked, fake stories on Syria posted – DVICE.
DFI – British lawmaker with leading role in hacking hearings quits – AsiaOne.
DFI – Ronny’s Notes: 32. iCloud Social Engineering.
DFI – Mistakes Were Made: Incident Response – Packetknife’s Space.
DFI – ‘Spearphishing’ Fraud Hooks More Victims – Smartmoney.com. Online Investing: Stocks, Personal Finance & Mutual Funds at SmartMoney.com - SmartMoney.com.
DFI – BBB explains Internet scams, details how to avoid them – Topeka Capital Journal. Phishing is the act of sending an email or a pop-up message that appears, at first glance, to be from a trustworthy business or government source — but the goal is identity… See on cjonline.com.
DFI – Phone-hacking scandal: Jonathan Rees obtained information using dark arts.
Freemason set up network of corrupt police, customs officials, taxmen and bank staff to gain valuable information (RT @ruperttwatmurdo: @StevenNott Pi Jonathan Rees set up network of corrupt police). See on www.guardian.co.uk.
DFI – Former Federal Reserve Bank Contractor Pleads Guilty In Code Theft – Dark Reading.

Harvesting Data on the Xarvester Botmaster.

In January of this year, I published the results of an investigation into the identity of the man behind the once-infamous Srizbi spam botnet. Today’s post looks at an individual likely involved in running the now-defunct Xarvester botnet, a spam machine that experts say appeared shortly after Srizbi went offline and shared remarkably similar traits.
In this screenshot from Spamdot.biz, Ronnie chats with “Tarelka,” the Spamdot nickname used by the Rustock botmaster. The two are discussing an M86 report on the world’s top botnets.

Srizbi was also known in the underground as “Reactor Mailer,” and customers could register to spam from the crime machine by logging into accounts at reactormailer.com. That domain was registered to mserver@mail.ru, an address that my reporting indicates was used by a Philipp Pogosov. When reactormailer.com was shuttered, Srizbi customers were instructed to log in at a new domain, reactor2.com.