Tag Archives: national security agency

DHS Giving Firms Free Penetration Tests

December 1, 2015

The U.S. Department of Homeland Security (DHS) has been quietly launching stealthy cyber attacks against a range of private U.S. companies — mostly banks and energy firms. These digital intrusion attempts, commissioned in advance by the private sector targets themselves, are part of a little-known program at DHS designed to help “critical infrastructure” companies shore up their computer and network defenses against real-world adversaries. And it’s all free of charge (well, on the U.S. taxpayer’s dime).

Paris Terror Attacks Stoke Encryption Debate

November 17, 2015

111 Comments

U.S. state and federal law enforcement officials appear poised to tap into public concern over the terror attacks in France last week to garner support for proposals that would fundamentally weaken the security of encryption technology used by U.S. corporations and citizens. Here’s a closer look at what’s going on, and why readers should be tuned in and asking questions.

Catching Up on the OPM Breach

June 15, 2015

73 Comments

I heard from many readers last week who were curious why I had not weighed in on the massive (and apparently still unfolding) data breach at the U.S. Office of Personnel Management (OPM). Turns out, the easiest way for a reporter to make sure everything hits the fan from a cybersecurity perspective is to take a two week vacation to the other end of the world. What follows is a timeline that helped me get my head on straight about the events the preceded this breach, followed by some analysis and links to other perspectives on the matter.

DEF CON To Feds: We Need Some Time Apart

July 10, 2013

86 Comments

One of the more time-honored traditions at DEF CON — the massive hacker convention held each year in Las Vegas — is “Spot-the-Fed,” a playful and mostly harmless contest to out undercover government agents who attend the show. But that game might be a bit tougher when the conference rolls around again next month: In an apparent reaction to recent revelations about far-reaching U.S. government surveillance programs, DEF CON organizers are asking feds to just stay home.

Source: Washington Post Also Broadly Infiltrated By Chinese Hackers in 2012

February 1, 2013

70 Comments

The Washington Post was among several major U.S. newspapers that spent much of 2012 trying to untangle its newsroom computer networks from a Web of malicious software thought to have been planted by Chinese cyberspies, according to a former information technology employee at the paper.

How to Break Into Security, Miller Edition

August 7, 2012

23 Comments

For this fifth edition in a series of advice columns for folks interested in learning more about security as a craft or profession, I interviewed Charlie Miller, a software bug-finder extraordinaire and principal research consultant with Accuvant LABS.

Probably best known for his skills at hacking Apple’s products, Miller spent five years at the National Security Agency as a “global network exploitation analyst.” After leaving the NSA, Miller carved out a niche for himself as an independent security consultant before joining Accuvant in May 2011.

Arrested LulzSec Suspect Pined for Job at DoD

September 23, 2011

54 Comments

A 23-year-old Arizona man arrested on Thursday in connection with the hack of Sony Pictures Entertainment last May was a model student who saw himself one day defending networks at the Department of Defense and the National Security Agency.

Firm to Release Database & Web Server 0days

January 11, 2010

63 Comments

January promises to be a busy month for Web server and database administrators alike: A security research firm in Russia says it plans to release information about a slew of vulnerabilities in widely-used commercial software products.