Amen to that, Brother. And complexity, which makes it hard to get everything right (and you only need to get one or two things wrong to have a problem). That is what struck me reading the Krebs piece.
Charles -----Original Message----- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf Of Matt Hogstrom Sent: Saturday, August 3, 2019 10:50 AM To: IBM-MAIN@LISTSERV.UA.EDU Subject: Re: Capital One Data Breach-100 Million Customers affected I think the main take-away is that in almost all cases its either software bugs, poor security defaults that don’t force changes in credentials / passwords, bad default configurations for ease of use which results in poor configurations or perhaps malice in the form of allowing a breach. We need to be as vigilant if not more on Z given the assets we protect. Matt Hogstrom PGP key 0F143BC1 > On Aug 3, 2019, at 09:48, Charles Mills <charl...@mcn.org> wrote: > > https://krebsonsecurity.com/2019/08/what-we-can-learn-from-the-capital-one-hack/ > > > The details are OT to mainframes, of course. > > Charles > > > -----Original Message----- > From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On > Behalf Of Bill Johnson > Sent: Wednesday, July 31, 2019 9:33 AM > To: IBM-MAIN@LISTSERV.UA.EDU > Subject: Re: Capital One Data Breach-100 Million Customers affected > > She breached an incorrectly configured firewall. > > > Sent from Yahoo Mail for iPhone > > > On Tuesday, July 30, 2019, 7:48 PM, Edward Finnell > <0000000248cce9f3-dmarc-requ...@listserv.ua.edu> wrote: > > https://www.usatoday.com/story/money/2019/07/29/capital-one-data-breach-2019-millions-affected-new-breach/1863259001/ > > A CLOUDy day in data processing. > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN