Dailydave mailing list archives
Re: Equitablefax
From: Arrigo Triulzi <arrigo () alchemistowl org>
Date: Fri, 29 Sep 2017 17:31:46 +0200
On 29 Sep 2017, at 01:12, the grugq <thegrugq () gmail com> wrote:
This is not a “bug” issue, it is an architecture issue. You know, if they threw a canary.io tool into that DMZ and configured it to look like a database, they’d have known about the hack during that first week. If they monitored their logs for unusual activity, such as the installation of 30 webshells, and gigabytes of data going the wrong way. If they had an architecture that prevented a compromise of a web server enabling access to sensitive company data. If they had asset management and decommissioned legacy databases, rather than leaving them in the DMZ.
Just in passing: "Equifax is ISO/IEC 27001:2013 certified by a reputable independent third party.”[0]. Asset management is a core part of ISO27001:2013. Cheers, Arrigo [0] https://www.equifax.com/assets/WFS/the_work_number_best_practices_in_data_security.pdf (1st page) _______________________________________________ Dailydave mailing list Dailydave () lists immunityinc com https://lists.immunityinc.com/mailman/listinfo/dailydave
Current thread:
- Re: Equitablefax Arrigo Triulzi (Oct 03)
- <Possible follow-ups>
- Re: Equitablefax spacerog () spacerogue net (Oct 03)
- Re: Equitablefax the grugq (Oct 03)