Saturday, June 30, 2012

Another Fake Boutique Security Firm

Another Fake Boutique Security Firm

jadedsecurity.net

Thanks to @Highwick for pointing out friend here has opened up a new site…. http://www.blackandberg.com/

He is still a CyberSecurity Professional and still has his awesome paper listed.

At Black & Berg Cybersecurity we staff only the best in the world, our consultants Are Certified Private Cybersecurity Specialists and their qualifications include:

Bachelor of Applied Science, Information System Security

Associate of Applied Science, Computer Network Systems

Certified Information System Security Professional (CISSP) *

National Security Agency Certification INFOSEC Specialist NSA-4011

US Citizens with the ability to obtain Security Clearances

Certified Information Security Manager (CISM) *

Certified Ethical Hacker (C|EH) *

Security+ *

Network+ *

Project+

Linux+

A+ Remote Support Technician *

A+ IT Technician *

* Department of Defense (DoD) Directive 8570.01 Compliant

UPDATES: If anyone cares anymore…

Joe Claims he got his CISM

#Jadedexposure checks

June 11th 2011. Attrition.org had sent me another of his awesome sites.. http://www.securityofomaha.org/

UPDATE!!!!! BlackbergSecurity is NOT A DEFENSE CONTRACTOR according to E-VERIFY

I’d like to preface this again by saying I don’t condone the activities of Lulzsec. I do fall into the crowd of security professionals who Patrick Gray described as secretly loving him. Patrick has written a great piece on the awareness the group has brought to the weaknesses in information security.  I suggest you go out and read it immediately and you’ll see why.

Attrition.org broke a story back in February on how Joe Black has used social media to create his “Security God” image. Needless to say, they debunked the entire image. Unfortunately, real security guys are the only ones who actually read Attrition, and Joe Black was able to continue in his path to self proclaimed security god.

In his efforts to legitimize his site, he has built a reputation around certifications and misinformation. He has a very interesting career, that we can trace back to his days at Wright Printing in 2005 according to his LinkedIn Profile which is also about the time he was supposedly enrolled at ITT in his Bachelors degree program in Omaha. Calls to ITT have not been returned as of this writing, but Joe did post his associates degree on his flickr page.  While we are on the topic of education, his profile also states that he is expecting to complete his Masters in Security Management  at Bellevue University in 2013. According to the registrar he has withdrawn from every single course he had enrolled in since January of 2009. Guess the worlds greatest hacker, didn’t realize information is public. Oh well

With his reputation on the line he had called out our neighborhood Lulz maker with the following message on his website.

“Cybersecurity For The 21st Century, Hacking Challenge: Change this website’s homepage picture and win $10K and a position working with Senior Cybersecurity Advisor, Joe Black.”

Guess what happens next?

Again, not that I condone any of this, but you know me any chance to prove that security certifications are useless can’t be ignored. Wow, look at all of those interesting certifications on his website. This guy must be a Security Megastar. Lets see what he has

All can be seen thanks to our brainiac on his Flickr

  • Project+ COM70010068307772 A+ 1/08
  • Remote Support COMP001006830772 1/09
  • Security+ COMP001006830772 1/08
  • Network+ COMP00100683C772 1/08
  • Linux+ COMP001006830772 2/08
  • CEH ECC926927 09/08CISSP 318010 12/08

What I don’t see is the ISACA CISM & CISA certifications.

Please Joe, if you have them send the numbers my way

So are we still confident how certifications do not equate to competency? This is just another example of false advertising, and I’m glad it has been brought to light. Black has even Facebook to advertise his services

I love his About statement “At Black & Berg Cybersecurity Consulting we leverage our close relationship with the Federal Government to give our small business clients a Cybersecurity posture that equals or exceeds that of the NSA and Department of Defense.”

Wait speaking of his federal contacts he does have a CAGE# on his linkedin Profile. Wow, legit eh.. EXPIRED

In closing I’m sure you paper security guys would be more than happy to hire him, real security guys well we don’t find our vendors at bus stops.

Original Page: http://jadedsecurity.net/2011/06/08/another-fake-boutique-security-firm/

Shared from Read It Later

Elyssa Durant, Ed.M.

SHIELD • STRIKE  • ReMOVE
HATE Highest Anti Terror Effort

Forgive typos! iBLAME iPhone

Posted from DailyDDoSe

No comments:

Post a Comment