I found this gem today. Great to hear we have some guy from Microsoft running the Cybersecurity show in the USA (that was sarcasm):
The Department of Homeland Security (DHS) appointed former Microsoft executive Philip Reitinger as director of the National Cybersecurity Center.
In an announcement earlier this week, DHS Secretary Janet Napolitano filled three positions that support cybersecurity operations at DHS. Also appointed were Greg Schaffer as assistant secretary for cybersecurity and communications and Bruce McConnell as counselor tothe National Protection and Programs Directorate (NPPD) Deputy Under Secretary.
Reitinger fills the NCSC post left vacant with the departure of Rod Beckstrom. Beckstrom resigned in March citing his frustration with cybersecurity planning between federal agencies and the lack of funding for cybersecurity issues. Reitinger will also continue to serve as Deputy Under Secretary for the NPPD, a post he was appointed to in March.
KBT Computers, Jun 2009
Read the rest over at KBT Computers’ Blog
The network security guys at T-Mobile USA probably breached their underpants after some black hat or group of black hats named “Pwnmobile” posted on seclists.org a sizeable list of internal hostnames, OSes, partial descriptions, internal IP addresses, and facilities relating to the back-end of T-Mobile’s customer management and services network.
At first, T-Mobile tried to say it was just a list pulled from a corporate document; but now the company is admitting that it was, in fact a major security breach according to a USA Today Blog and are not disclosing how much data was taken. Odds are, if whoever managed to get this far, a very sizeable amount of data was captured. The person who made the posting mentioned that they had tried to sell the information to competitors, but they were not taken seriously.
On a slightly related note, the posting related the T-Mobile hack with Check Point. Does this mean a perimeter Check Point firewall was either hacked or exploited to gain access to this network? Only further elaboration from Pwnmobile, T-Mobile, or an insider can say. There have been several recently published high-visibility Check Point exploits and perhaps they were used in the hack.
Interesting article about how the US is planning on handling the aging security infrastructure in the US. The issue has become more pressing lately because of high-profile breaches that have garnered peoples’ attention towards how safe not only the government is; but their personal data on government computers as well. More here:
