Full Disclosure mailing list archives
Need some advice for a new customer
From: Red Leg <redleg18 () gmail com>
Date: Mon, 13 Feb 2006 10:34:01 -0500
Hi all. I have recently acquired a new customer who had a new version (dropped a new exe file - one that hasn't been seen before they were infected - in the system32 sub-directory) the sdbot worm blow through every machine on their network. The worm is definitely one of the sdbot.worm.gen variants. And, yes, the computer that held their customer credit card info was definitely infected. The I.T. People at this firm failed to patch, or even have a plan to patch the Windows OS. Here's the question: Should the company notify their customers of a POSSIBLE compromise of their data? I have been trying to convince them that they should operate as though the data is compromised. Is that the right position to take as a security consultant? Thanks for your advice and time to think about this. Red _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Need some advice for a new customer Red Leg (Feb 13)
- Re: Need some advice for a new customer Peter Besenbruch (Feb 13)
- <Possible follow-ups>
- RE: Need some advice for a new customer Handy, Mark (IT) (Feb 16)