Re: Copy of Sony's security audit performed by Pricewaterhouse Coopers?

[Jeffrey Walton <noloader () gmail com>]

According to the folks I chatted with offline, the document was not
authored Pricewaterhouse Coopers.

Someone said the filename is "15-07P SPE Information Security Incident
Management (GSIRT Incidents).docx". Its part of a Outlook PST file.
Its part of the sony06 set
(magnet:?xt=urn:btih:mupkaz36jd5sbph6g4jg7kbp7r7ybwcb&dn=sony06.rar&xl=1054216724&fc=1).
Password is "diespe123".

Other useful information can be found at
https://www.reddit.com/r/hacking/comments/2ovw99/looking_for_sony_leaked_documents/.

I'm at work, and I don't want to put my employer in jeopardy. So I'll
have to take this up another time. (Unless someone posts the
document).

On Sun, Dec 14, 2014 at 11:48 PM, Jeffrey Walton <noloader () gmail com> wrote:
> According to the original report
> (http://recode.net/2014/12/12/sony-pictures-knew-of-gaps-in-computer-network-before-hack-attack/):
>
>     The confidential report, dated Sept. 25, was among Sony
>     Pictures General Counsel Leah Weil’s email correspondence,
>     which hackers released to public file-sharing networks earlier
>     this week. It included recommendations for bolstering security.
>
> Does anyone know which set of RAR files included Leah Weil OST file?
> It should have been named something like sony XX (for example, sony07,
> sony08, etc).
>
> On Sat, Dec 13, 2014 at 4:44 PM, Jeffrey Walton <noloader () gmail com> wrote:
> > I'm having trouble locating a copy of the Sony security audit
> > performed by Pricewaterhouse Coopers. The links in the Pastebin are
> > stale (http://pastebin.com/5UWa7sT3).
> >
> > Does anyone have a link to the report or a copy of the report they can
> > mail to the list?

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.