If you are reading this post, then chances are that you have some interest in information security. If so, then you will also have an interest in the Security Catalyst forums. This is a treasure trove of information security discussions and the like.
One of the interesting questions posted yesterday was also linked by Michael Santarcangelo over at his blog. It was a question on what you do if you are discover a large amount of PII (personally identifiable information) on a hacked server at your company (assuming they mean PII from outside your organization). it is a great question, and it has inspired some great arguments. Go check it out if you have not done so. Great stuff.
Vet
Looks like this Sweetbay supermarket credit card issue is starting to pop up all over the wire. From the article:
They say they are aware of about 1,800 cases of fraud related to the data intrusion and about 4.2 million unique account numbers were exposed.
Wow. Here’s a Sweetbay Google news search. All the stories are still pretty new, but Hannaford (parent company) says they have been aware of it since late February.
Here’s a graphic from Hannaford’s front page:
Think that kid is going to be as happy when he can’t get any new toys for a while because his parent’s have to clean up a credit mess? Sorry, couldn’t resist.
Vet
This is the kinda crap that makes people not want to trust the Internet at all. Really, if you can’t trust an anti-malware company’s website, who can you trust?
It’s really about being skeptical about the content you visit…
That comes from Craig Schmugar, a threat researcher for McAfee Avert Labs. I understand the sentiment. But if you look at it, the Internet has not changed much from its original model of trust. Yes, there are some more security measures built in now. There are more warnings that everyone ignores. But the Internet still relies on that trusted model. And that trust is getting more and more eroded everyday. What happens when people just say "screw it" and quit using the Internet?
Maybe I am being melodramatic, but these damn bad guys are like viruses. You kill the host, you don’t survive. Of course, bad guys mutate quickly. Good guys are getting better at it, but we still don’t change quickly enough.
Vet
Found this compilation story of a lot of the infected computer products coming from China and Taiwan. I have not done any confirmation of the details, but I believe all of these have been openly published in the media.
This kinda stuff makes you want to break out the conspiracy theories big time. But on second thought, why is it so unbelievable that China is not putting malware on its devices on purpose? Hmmmm…. (cue X-Files music).
Vet
