Tag Archive for: Alex

Hacker Conversations: Alex Ionescu – SecurityWeek

/in


In this edition of Hacker Conversations, SecurityWeek talks to Alex Ionescu, a world-renowned cybersecurity expert who has combined a career as a business executive with that of a security researcher. 

The goal of Hacker Conversations is to talk to cybersecurity researchers to better understand how they fit into and operate within the cybersecurity ecosphere. 

Ionescu is currently technical director, platform operations and research at Canada’s Communications Security Establishment (which has responsibility for foreign signals intelligence and communications security, protecting government networks, and being the nation’s technical authority for cybersecurity and information assurance).

Before that, he was VP of endpoint engineering at CrowdStrike, and is the co-author of the last two editions of the Windows Internals series. He talked to SecurityWeek for this series on his experience as an independent security researcher.

“The cliché answer,” says Ionescu, “is ‘curiosity’. It’s more complex than this; but basically, it is an insatiable need to know how things work, and why they work.” One thing it doesn’t need is a desire for fame and fortune. A lot of fame and a degree of fortune can be obtained (and we’ll meet researchers in this series who have done just that), but it is the exception.

Alex Ionescu
Alex Ionescu

It’s the process that must appeal. “You could spend years researching something and, in the end, it amounts to nothing more than knowledge gained. It’ll have no value beyond that,” he continued. “So, you must have that curiosity that makes you say at the end of the day ‘Oh, I’m glad I learned something that I can share.’ If you’re in it just for fame or just for money, it’s going to be disappointing quite quickly, because you generally don’t get there; or get there very rarely.”

This introduces two further personality traits that will benefit the researcher: patience and the lack of ego. Patience goes together with curiosity – neither work very well on their own. Research can be long and slow, so patience is necessary to keep going.

Ego is bound up with another characteristic – a desire to share what is discovered. There are…

Source…

Alex Murdaugh trial suspended as courthouse evacuated due to security issue

/in


The South Carolina courthouse where former attorney Alex Murdaugh’s murder trial is taking place was evacuated Wednesday due to a security issue, officials said. 

“A bomb threat was received by Colleton County courthouse personnel,” a spokesperson for the South Carolina Law Enforcement Division said in a statement.

“The building has been evacuated and SLED along with the Colleton County Sheriff’s Office are investigating the threat,” the statement continued. “No additional information is available from SLED at this time.”

Circuit Court Judge Clifton Newman is presiding over the case as Murdaugh’s trial — for an alleged double-homicide that has been widely publicized for years — enters its third week. In a live stream of Wednesday’s proceeding, Newman can be heard calling a sudden recess around 12:30 p.m.

“Ladies and gentleman, we have to evacuate the building at this time,” the judge said. “So, we’ll be in recess until we discover what’s going on.”

Murdaugh, 54, is a disbarred lawyer previously known for his family’s status as prominent legal figures in South Carolina, their home state. He has been accused of shooting and killing his late wife, Margaret, 52, and their son, Paul, 22, in June 2021.

The case has led to a slew of allegations and 100 criminal charges for various alleged financial and legal offenses, including computer crimes, money laundering, forgery and breach of trust with fraudulent intent. Various indictments from prosecutors and a state grand jury allege Murdaugh stole settlement money, as well other funds, from his former clients, supposedly amounting to about $6.2 million. 

In an indictment filed six months after Margaret Murdaugh and Paul Murdaugh’s killings, prosecutors also accused Murdaugh of crimes including operating a drug trafficking ring and allegedly attempting to fake his own death in an effort to secure a $10 million life insurance payout for his surviving son, Buster.

Murdaugh has insisted throughout the criminal investigation into his wife and youngest son’s deaths that he did not kill them. The disgraced attorney has said that when he found them shot to death at the family’s hunting estate in Colleton County on the evening of June…

Source…

SolarWinds hires Chris Krebs and Alex Stamos following huge hack

/in


  • SolarWinds is hiring former Homeland Security official Chris Krebs and ex-Facebook security chief Alex Stamos to help shore up its security following its huge hack, which government agencies said was probably “Russian in nature.”
  • Krebs and Stamos both told The Financial Times they expect to uncover a lot more damage done by the hack than has been reported already.
  • Krebs headed up the Department of Homeland Security’s Cybersecurity and Infrastructure Agency (CISA) until November, when he was fired by President Trump.
  • Visit Business Insider’s homepage for more stories.

SolarWinds has hired two of the biggest names in cybersecurity, following the gigantic breach, which meant it acted as the gateway for hackers to penetrate US government systems.

SolarWinds announced on Thursday it was retaining a new security consulting business founded by Chris Krebs, a former Homeland Security cybersecurity official, and ex-Facebook security chief and Stanford University professor Alex Stamos.

The SolarWinds hack was first revealed in December, and likely had been ongoing since at least March. Hackers got into SolarWinds’ systems, which monitor for server outages. From there, were able to get into the systems of US government agencies by putting out malicious code in SolarWind updates. A joint task force of US agencies on Tuesday issued a statement saying the hack was “likely Russian in nature.”

“We have brought in the expertise of Chris Krebs and Alex Stamos to assist in this review and provide best-in-class guidance on our journey to evolve into an industry leading secure software development company,” a company spokesman told Reuters in a statement.

Krebs told The Financial Times it will take years to uncover the full extent of the damage done by the hack.

“This has been a multiyear effort by one of the very best, the most sophisticated intelligence operations in the world. It was just one small part of a much larger plan that’s highly sophisticated, so I would be expecting more companies that have been compromised; more techniques that we’re yet to find […] There’s so much more to be written I think in this chapter of Russian cyber-intelligence operations,” said…

Source…

Alex Stamos, director of Stanford Internet Observatory discusses domestic disinformation in the US Presidential Election

/in


LISBON, Portugal, Dec. 4, 2020 /PRNewswire/ —

  • According to Alex Stamos, director of Stanford Internet Observatory, along with the usual election disinformation tactics – trying to mislead voters on the mechanics of casting their ballot, or trying to discourage them from voting altogether – this year’s US presidential election saw a new phenomenon: people attempting to call into question the election results.
  • Stamos, formerly Facebook’s chief security officer,  said that, overall, social media platforms did a better job at preventing foreign disinformation on their sites than they did during the 2016 election. Comparing them head to head this time around, Stamos said YouTube  was “probably the most problematic”, with the least comprehensive policies around election disinformation.
  • Speaking at 100,000-attendee online conference Web Summit, Stamos is part of a line-up that includes European Commission president Ursula von der Leyen, tennis great Serena Williams and Dallas Mavericks owner Mark Cuban.

Compared to the 2016 US presidential election, social media platforms did much better at preventing foreign disinformation  during this year’s election cycle. The bigger problem was domestic disinformation, said Alex Stamos, director at Stanford Internet Observatory.

Even though platforms improved, Stamos – who was Facebook’s chief security officer until 2018 – said that YouTube was the most problematic platform.

“The largest influencers get the least amount of enforcement, and we need to invert that,” he said.

Stamos’s comments came during  an interview with Eizabeth Dwoskin, Silicon Valley correspondent at the Washington Post, during the 100,000-attendee Web Summit.

Elaborating on YouTube’s challenges this election cycle, Stamos pointed out that influencers livestreamed far more than four years ago. Live video is especially hard to fact-check in a meaningful way, especially when influencers tried to erroneously claim election victory for Trump while votes were still being counted.

“Some of these people have live audiences that approach the daytime viewership of CNN, so you’re talking about YouTube effectively operating as a cable network,” he said.

Famously – and…

Source…