Thursday, June 09, 2011
UPDATE: BlackbergSecurity is NOT A DEFENSE CONTRACTOR according to E-VERIFY.
I’d like to preface this again by saying I don’t condone the activities of Lulzsec. I do fall into the crowd of security professionals who Patrick Gray described as secretly loving him. Patrick has written a great piece on the awareness the group has brought to the weaknesses in information security.
I suggest you go out and read it immediately and you’ll see why.
Attrition.org broke a story back in February on how Joe Black has used social media to create his “Security God” image. Needless to say, they debunked the entire image.
Unfortunately, real security guys are the only ones who actually read Attrition, and Joe Black was able to continue in his path to self proclaimed security god.
In his efforts to legitimize his site, he has built a reputation around certifications and misinformation. He has a very interesting career, that we can trace back to his days at Wright Printing in 2005 according to his LinkedIn Profile which is also about the time he was supposedly enrolled at ITT in his Bachelors degree program in Omaha.
Calls to ITT have not been returned as of this writing, but Joe did post his associates degree on his flickr page. While we are on the topic of education, his profile also states that he is expecting to complete his Masters in Security Management at Bellevue University in 2013.
According to the registrar he has withdrawn from every single course he had enrolled in since January of 2009. Guess the worlds greatest hacker, didn’t realize information is public. Oh well.
With his reputation on the line he had called out our neighborhood Lulz maker with the following message on his website:
“Cybersecurity For The 21st Century, Hacking Challenge: Change this website’s homepage picture and win $10K and a position working with Senior Cybersecurity Advisor, Joe Black.”
Guess what happens next?
Again, not that I condone any of this, but you know me any chance to prove that security certifications are useless can’t be ignored. Wow, look at all of those interesting certifications on his website.
This guy must be a Security Megastar. Lets see what he has:
All can be seen thanks to our brainiac on his Flickr:
- Project+ COM70010068307772 A+ 1/08
- Remote Support COMP001006830772 1/09
- Security+ COMP001006830772 1/08
- Network+ COMP00100683C772 1/08
- Linux+ COMP001006830772 2/08
- CEH ECC926927 09/08CISSP 318010 12/08
What I don’t see is the ISACA CISM & CISA certifications.
Please Joe, if you have them send the numbers my way...
So are we still confident how certifications do not equate to competency? This is just another example of false advertising, and I’m glad it has been brought to light. Black has even used Facebook to advertise his services.
I love his About statement “At Black & Berg Cybersecurity Consulting we leverage our close relationship with the Federal Government to give our small business clients a Cybersecurity posture that equals or exceeds that of the NSA and Department of Defense.”
Wait speaking of his federal contacts he does have a CAGE# on his LinkedIn Profile. Wow, legit eh... EXPIRED.
In closing I’m sure you paper security guys would be more than happy to hire him, real security guys well we don’t find our vendors at bus stops.
Cross-posted from Jaded Security
Possibly Related Articles:
(Rate this Post)
Elyssa Durant The CyberSecurity business is a rapidly growing field.
Recruitment has been fast and furious since the United States became aware that we have a serious problem on our hands.
In that process, many firms are taking on interns to test the aptitude for those who are well suited for intelligence and counterintelligence work.
As Joe Black knows. This is a field where you need to prove your skills, and the only way to truly test them is in the field. From there, you either sink or swim.
In addition, that recruitment process has been untraditional; calling on experts from all walks of life.
As we all know, extraordinary times call for extraordinary measures. We live in extraordinary times and operate under extraordinary measures.
Black & Berg CyberSecurity Consulting, LLC is a new firm and failure is not an option.
I think Joe Black is handling the situation with real class responding to directed questions and placing his credentials out there for the world to see.
Joe Black has surrounded himself with a good team, and that is half the battle. This team will stand by him, until we hear otherwise. Our methods, background and training are diverse and atypical. Our dedication and commitment beyond reproach.
Nobody makes it in this business overnight, but Joe Black has, experienced excellent advisers to support him.
What exactly do we know about Lulzsec other than their desire to wreak havoc on the world wide web and their ability to to launch CyberWarfare on those who "dare" to challenge them?
I always get a chuckle when people make [want] to make the assumption that I attended Columbia Community College as opposed to my "real" alma matter, Columbia University in the City of New York.
If people are desperate to see Ivy League Credentials and a few advanced Masters degrees... just send them my way.5 days agoElyssa Durant firstname.lastname@example.org
date Wed, Jun 15, 2011 at 7:22 PM
subject Fwd: About your website defacement/compromise.
Important mainly because of the people in the conversation.
hide details 7:22 PM (1 hour ago)
via e-mail from Joseph Black:
Thought you should see this email that I received.
---------- Original Message ----------
From: Victor Vennt
Date: June 8, 2011 at 8:44 PM
Subject: About your website defacement/compromise.
To whom it may concern:
I believe that "LulzSec" - The notorious hacking group responsible for recent Sony & FBI hacks may have given themselves away & identified themselves with their recent defacement and compromise of your site.
Last year cryptome.com was similarly compromised by a splinter group of "Anonymous" whom went by the name of "DIDITFORTHELULZ", one of that groups 'tag lines" was "We do it for the lulz", the members of that group were eventually exposed, see:
It is believed in certain circles of "Anonymous", that the ringleader of LulzSec is one Corey "Xyrix" Barnhill, further research may yet provide confirmation of this.
One friend of his, and "notable" member of this group has previously been charged with computer tampering, computer trespass, and criminal possession of computer material for an attack on AOL, see: http://www.infoworld.com/d/security-central/ny-teen-hacks-aol-infects-systems-818.
I hope this information is of some interest to you,
A concerned citizen.48 minutes ago
Black and Berg Cybersecurity Consulting
Black and Berg Cybersecurity Consulting is an early 21st century response to the United States Senate's request for private sector intervention in order to raise our National security posture.
The US government, business, and civil sectors are working directly with Black & Berg to ensure the success of our aggressive campaign to combat Cyberterrorism. We cannot fail in our mission to secure American Cyberspace with the application of a Megacommunity. For if we do fail, then, we really have no choice but to recommend the hand over of complete control of privately owned systems to the Executive Branch of the United States Government.
The page you were looking for doesn't exist!
It may have been removed or you may have arrived here by using a bad URL
Try searching for the article you are looking for.
Visit the Homepage to see the most recent stories.
Browse categories and tags to find a related story.
Or try the forum at forum.cyberwarzone.com
blackbergsecurity 0 0 (-) 0 0 0 (-) 6000.
Rank User News Published Comments Total votes
1 CWZ 398 398 (100%) 4 406 399 (98%) 34403.00
2 Lovely 45 45 (100%) 0 45 45 (100%) 9701.00
3 cybercopsindia 10 10 (100%) 0 10 10 (100%) 7203.00
4 nigroeneveld 0 0 (-) 0 0 0 (-) 6000.00
4 blackbergsecurity 0 0 (-) 0 0 0 (-) 6000.00
6 mgd 3 3 (100%) 0 3 3 (100%) 1198.00
7 vagabondhuman35 1 1 (100%) 0 1 1 (100%) 66.00
7 ArnanRecruiter 1 1 (100%) 0 1 1 (100%) 66.00
9 dvlaho 0 0 (-) 0 0 0 (-) 1.00