On 03/11/2014 03:42 AM, Royce Williams wrote:
snip
> As to the ACS compromise, I have zero knowledge of the actual controls
> that ACS had in place (different part of the house), but from the
> notification sent to employees (and former employees, of which I am
> one) and the KTUU piece [1], it appears that ACS couldn't definitively
> tell which information was exfiltrated. They have to assume worst
> case. This is a strong argument for having controls in place that
> leave a trail of which data went where. Some of the components of
> Security Onion [2] -- strongly recommended for the security-minded (or
> security-curious) -- can help here. Also, disk is relatively cheap
> these days, so saving network flows for a few months (or even full
> packet capture for a few rolling days) is probably also a good idea.
Kinda funny the information Greg posted comes from an AG clear across
the country. The KTUU article said it was employees and former
employees. Does it include customers too? Either I haven't received
it, or it was deleted as spam along with the all the other "ACS webmail
administrator" phishing spam that comes in daily.
As an aside, what happened to the internet status page? My home
internet dropped this morning so when I got to work I went to the ACS
home page but can no longer find the current status/outages page...
...Kevin
-- Kevin Miller Juneau, Alaska http://www.alaska.net/~atftb "In the history of the world, no one has ever washed a rented car." - Lawrence Summers --------- To unsubscribe, send email to <aklug-request@aklug.org> with 'unsubscribe' in the message body.Received on Tue Mar 11 09:10:54 2014
This archive was generated by hypermail 2.1.8 : Tue Mar 11 2014 - 09:10:54 AKDT