County Pays $600K to Wrongfully Jailed Pen Testers
Iowa police arrested two penetration testers in 2019 for doing their jobs, highlighting the risk to security professionals in red teaming exercises.
Jail-related security coverage examines how cybercrime investigations, prosecutions, and prison systems intersect with digital evidence and network security.
Search across headline titles and summaries.
Background for this topic.
Jail is a containment mechanism that restricts a process or user to a defined environment, such as selected files, system resources, processes, and network access. The term commonly describes operating-system features such as Unix-style filesystem jails, rather than a physical facility or a general-purpose virtual machine.
Jails limit the damage a compromised service or untrusted program can cause, but they are not automatically a complete security boundary. A vulnerable kernel or jail implementation, excessive privileges, exposed sockets, writable host paths, or incorrect resource and network rules can enable escape or access beyond the intended scope. Secure operation therefore requires least-privilege configuration, separation of sensitive data, patching the host and jailed software, and monitoring both the jail and its controlling interfaces. In vulnerability management and incident response, defenders should verify whether suspected activity remained confined and treat a jail escape as host-level compromise.
Weekly headline count for the current query.
Iowa police arrested two penetration testers in 2019 for doing their jobs, highlighting the risk to security professionals in red teaming exercises.
At one point, Al-Tahery Al-Mashriky was hacking thousands of websites within the span of three months while stealing personal data and sensitive information.
Episode 3: On September 11, 2019, two cybersecurity professionals were arrested in Dallas County, Iowa and forced to spend the night in jail -- just for doing their jobs. Gary De Mercurio and Justin Wynn. Despite the criminal charges against them eventually being dropped, the saga that night five years ago continues to haunt De Mercurio and Wynn personally and professionally. In this episode, the pair and Coalfire's CEO Tom McAndrew share how the arrest and fallout has shaped their lives and careers as well as how it has transformed physical penetration tests for the cybersecurity industry as a whole.
Yahoo, Uber, SolarWinds — increasingly, the government is incentivizing better corporate security by punishing the individuals leading it. Is that a good idea? And how can security pros avoid ending up on the butt end of a lawsuit?
Charges against the ransomware gang member included damage to computers, conspiracy to commit fraud, and conspiracy to commit money laundering.
Rather than languishing in jail for their crimes, could former fraudsters turn to legitimate cybersecurity work? African cyber expert's recommendation resurrects that debate.
Local Nigerian cybersecurity expert tells Economic and Financial Crimes Commission to educate and not jail so-called Yahoo boys.
Extradited from Spain, PlugWalkJoe has been sentenced in US court and is now headed to federal prison on a raft of charges related to account hijacking and cyber stalking.
in the wake of the ex-Uber CISO verdict, CISOs ask for clearer rules and less uncertainty in managing disclosures, amid jail-time fears.
Tell other CISO's "you got a break," judge says in handing down a three-year probation sentence to Joseph Sullivan.