lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date: Mon Feb 13 15:34:28 2006
From: redleg18 at gmail.com (Red Leg)
Subject: Need some advice for a new customer

Hi all.

I have recently acquired a new customer who had a new version (dropped a new
exe file - one that hasn't been seen before they were infected - in the
system32 sub-directory) the sdbot worm blow through every machine on their
network. The worm is definitely one of the sdbot.worm.gen variants. And,
yes, the computer that held their customer credit card info was definitely
infected. The I.T. People at this firm failed to patch, or even have a plan
to patch the Windows OS.

Here's the question:

Should the company notify their customers of a POSSIBLE compromise of their
data? I have been trying to convince them that they should operate as though
the data is compromised. Is that the right position to take as a security
consultant?

Thanks for your advice and time to think about this.

Red

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ