No hacker will be able to improve security in industry | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker

In what can only be described as poor-quality spin, the US Government”s Cybersecurity and Infrastructure Security Agency has made much of the fact that former hacker Mudge will be joining the agency in a part-time capacity. [The word hacker is used here in its original meaning: someone who plays around with code.]

Mudge, whose real name is Peiter Zatko, was part of the hacking groups L0pht and Cult of the Dead Cow. Among other achievements, the CDC is known for Back Orifice, a program designed for remote administration, the brainchild of Sir Dystic, a member of CDC. Back Orifice was named to bring attention to the poor security in Windows.

Mudge is a skilled hacker and was one of the first in the hacker community to reach out and talk to government and industry.

But given the bureaucratic way in which the US works — and this is true of most governments — it is doubtful whether Mudge’s methods would succeed in bringing any more security into the existing framework.

Mudge has worked for DARPA, Google, Twitter and is now with Rapid7. But in all these firms, one is able, at least to some degree, to work independently and develop strategies that can be adopted.

That does not work well in government where the emphasis is on career-building and sucking up to one’s superiors to ensure promotions.

That is the last thing that Mudge would look for, especially at this stage of life: he is 52.

There was a time when hackers were called on to testify before US Government committees and their words often had some impact.

No longer is that the case. The security industry is now immune to government intervention as can be seen by the US inability to do anything about the appalling security of Microsoft’s products.

The recent Azure cloud breach and the fallout are classic examples of this.

Would Mudge be of any use in bringing about change in companies that pay lip service to security, but only act to try and increase their own profits? The short answer is no.

He will remain within the ranks for a while and then leave when he is tired of the job. In the meantime, it will, no doubt, help him add to his retirement income.


You probably know that we are big believers in Network Detection and Response (NDR).

Did you realise that Gartner also recommends that security teams prioritise NDR solutions to enhance their detection and response?

Picking the right NDR for your team and process can sometimes be the biggest challenge.

If you want to try out a Network Detection and Response tool, why not start with the best?

Vectra Network Detection and Response is the industry’s most advanced AI-driven attack defence for identifying and stopping malicious tactics in your network without noise or the need for decryption.

Download the 2022 Gartner Market Guide for Network Detection and Response (NDR) for recommendations on how Network Detection and Response solutions can expand deeper into existing on-premises networks, and new cloud environments.



It’s all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site and prominent Newsletter promotion and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinars and campaigns and assistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.



Click Here For The Original Story From This Source.

National Cyber Security