It’s the start of a long weekend and I, for one, will be trying to spend as little time in my home office as possible this weekend. It probably won’t work out that way, since the home office is also my lab and my play space, but I can dream. I hope everyone has a great weekend to kick off the summer, though it’s overcast and grey where I’m at. Thus starts the summer.
- Fake Russian gas company used as cover-up for cybercrime – The money has to be laundered somewhere, so it might as well be a gas company. Of course, from what I hear of the Russian gas companies, cybercrime might just be the tip of the iceberg of the things they’re doing.
- Defcon 17!!!! – There aren’t many events I look forward to as much as Black Hat and Defcon. I’m looking forward to FIRST, since I get to see Kyoto, but Defcon is much higher on the ‘fun and excitement’ scale. And Defcon’s actually affordable, which is a huge deal when worrying about conferences.
- Urban ‘attack’ on infrastructure – Are our infrastructure elements really this vulnerable? I knew a guy in high school who hacked the local train crossing signals, which sounded cool until the FBI tracked him down by the materials he’d purchased at Radio Shack. D’ooh!
- Gumblar: The malware that is sweeping the nation – “In short, Gumblar is 100 miles of bad road.” Ouch.
- Microsoft’s ClickOnce Firefox add-on – Some of the things Microsoft thinks are a good idea leave me scratching my head. I’m talking about the latest patch for .NET, not Office 2007. This time.
Have a great weekend everyone!
If you’ve been in the security business for an extended length of time, you’ve probably heard the name Lee Kushner at some time or another. You know someone who’s worked with Lee to find the right person for a job, you know someone who’s gotten a job because of Lee or you know someone who’s gotten career advice from Lee. There are only a few recruiters in the business who not only have the contacts and understanding of recruiting that Lee does, but also understand the specific challenges of finding the right people and the right positions that the security industry does. And if you don’t think the security industry has some unique challenges, you’ve never worked with some of the personalities and egos that this career path seems to attract. Smart, talented people of course, but there seems to be an interesting set of personality traits that go along with everything else.
If you haven’t dealt with Lee directly, here’s your chance to read some of his advice, along with that of my friend, Mike Murray at their new site, Information Security Leaders. Mike and Lee have been collaborating for some time and have finally decided that they’d start a blog to share their viewpoints with the world at large. If you’re starting a career, you’ll be able to find hints and tricks about finding the job you want in security. If you’re already in the field, you’ll find the nuggets of information that may be the key to getting that next position. And at the very least you’ll find examples of career moves that will either leave you shaking your head or asking “Why didn’t I think of that before?“
Lee’s helped me find a job in the past and I keep in touch with him because he’s a great resource even when you’re not looking for a position. And if you see him at RSA or one of the other big events, you’ll realize how many other people he’s helped because you can’t have a five minute conversation with him without at least two or three other people he’s helped coming up to say hello. Mike and Lee give several talks a year about having a security career and the steps you need to take, but if you can’t make one of the events, take the time to read their writing instead. Better yet, read their thoughts in addition to attending their talks, you’ll be glad you did.
This is one of those good news/bad news weeks. On the bad side, Rich messed up and now has to retake an EMT refresher course, despite almost 20 years of experience. Yes, it’s important, but boy does it hurt to lose 2 full weekends learning things you already know. On the upside, this is, as you probably noticed from the title of the post, episode 150! No, we aren’t doing a 12 hour podcast like Paul and Larry did (of PaulDotCom Security Weekly), but we do have the usual collection of interesting security stories.
Network Security Podcast, Episode 15, May 12, 2009