subject:"RE\: Security Firm Bit9 Hacked, Used to Spread Malware"

RE: Security Firm Bit9 Hacked, Used to Spread Malware

2013-02-11 Thread Rod Trent

Especially those that don't use their own software.

From: Ziots, Edward [mailto:ezi...@lifespan.org] 
Sent: Monday, February 11, 2013 4:14 PM
To: NT System Admin Issues
Subject: RE: Security Firm Bit9 Hacked, Used to Spread Malware

Just shows anyone is a target..

Z

Edward E. Ziots, CISSP, Security +, Network +

Security Engineer

Lifespan Organization

ezi...@lifespan.org

This electronic message and any attachments may be privileged and
confidential and protected from disclosure. If you are reading this message,
but are not the intended recipient, nor an employee or agent responsible for
delivering this message to the intended recipient, you are hereby notified
that you are strictly prohibited from copying, printing, forwarding or
otherwise disseminating this communication. If you have received this
communication in error, please immediately notify the sender by replying to
the message. Then, delete the message from your computer. Thank you.

Description: Description: Lifespan

From: Shane Mullins [mailto:tsmulli...@gmail.com] 
Sent: Monday, February 11, 2013 4:10 PM
To: NT System Admin Issues
Subject: Re: Security Firm Bit9 Hacked, Used to Spread Malware

If major security vendors get hacked on a regular basis, then us little guys
don't really stand a chance!

On Fri, Feb 8, 2013 at 5:59 PM, Stu Sjouwerman 
wrote:

Bit9, a company that provides software and network security services to the
U.S.
government and at least 30 Fortune 100 firms, has suffered an electronic
compromise that cuts to the core of its business: helping clients
distinguish
known "safe" files from computer viruses and other malicious software.
OUCH !   More at:
http://krebsonsecurity.com/2013/02/security-firm-bit9-hacked-used-to-spread-
malware/

Warm regards,

Stu

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin<>

RE: Security Firm Bit9 Hacked, Used to Spread Malware

2013-02-11 Thread Ziots, Edward

Just shows anyone is a target

Z

Edward E. Ziots, CISSP, Security +, Network +
Security Engineer
Lifespan Organization
ezi...@lifespan.org

This electronic message and any attachments may be privileged and confidential 
and protected from disclosure. If you are reading this message, but are not the 
intended recipient, nor an employee or agent responsible for delivering this 
message to the intended recipient, you are hereby notified that you are 
strictly prohibited from copying, printing, forwarding or otherwise 
disseminating this communication. If you have received this communication in 
error, please immediately notify the sender by replying to the message. Then, 
delete the message from your computer. Thank you.
[Description: Description: Lifespan]


From: Shane Mullins [mailto:tsmulli...@gmail.com]
Sent: Monday, February 11, 2013 4:10 PM
To: NT System Admin Issues
Subject: Re: Security Firm Bit9 Hacked, Used to Spread Malware

If major security vendors get hacked on a regular basis, then us little guys 
don't really stand a chance!

On Fri, Feb 8, 2013 at 5:59 PM, Stu Sjouwerman 
mailto:s...@sunbelt-software.com>> wrote:
Bit9, a company that provides software and network security services to the U.S.
government and at least 30 Fortune 100 firms, has suffered an electronic
compromise that cuts to the core of its business: helping clients distinguish
known "safe" files from computer viruses and other malicious software.
OUCH !   More at:
http://krebsonsecurity.com/2013/02/security-firm-bit9-hacked-used-to-spread-malware/

Warm regards,

Stu

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin<>

RE: Security Firm Bit9 Hacked, Used to Spread Malware

2013-02-11 Thread Ziots, Edward

Very interesting article, it does underline the importance of using application 
whitelisting and protecting your systems, but this is definitely a black eye 
Bit9 doesn’t need.

Z

Edward E. Ziots, CISSP, Security +, Network +
Security Engineer
Lifespan Organization
ezi...@lifespan.org

This electronic message and any attachments may be privileged and confidential 
and protected from disclosure. If you are reading this message, but are not the 
intended recipient, nor an employee or agent responsible for delivering this 
message to the intended recipient, you are hereby notified that you are 
strictly prohibited from copying, printing, forwarding or otherwise 
disseminating this communication. If you have received this communication in 
error, please immediately notify the sender by replying to the message. Then, 
delete the message from your computer. Thank you.
[Description: Description: Lifespan]

From: Crawford, Scott [mailto:crawfo...@evangel.edu]
Sent: Sunday, February 10, 2013 5:03 PM
To: NT System Admin Issues
Subject: RE: Security Firm Bit9 Hacked, Used to Spread Malware

fair enough.  Next step: spin - "see what happens when you don't use our 
product?" :)

Sent from my Windows Phone

From: Andrew S. Baker
Sent: 2/10/2013 3:27 PM
To: NT System Admin Issues
Subject: Re: Security Firm Bit9 Hacked, Used to Spread Malware
The reporting was vague, but Bit9 was more clear in their own blog.

https://blog.bit9.com/2013/02/08/bit9-and-our-customers-security/

In brief, here is what happened. Due to an operational oversight within Bit9, 
we failed to install our own product on a handful of computers within our 
network. As a result, a malicious third party was able to illegally gain 
temporary access to one of our digital code-signing certificates that they then 
used to illegitimately sign malware. There is no indication that this was the 
result of an issue with our product.  Our investigation also shows that our 
product was not compromised.

ASB
http://XeeMe.com/AndrewBaker<http://xeeme.com/AndrewBaker>
Providing Virtual CIO Services (IT Operations & Information Security) for the 
SMB market…

On Sun, Feb 10, 2013 at 2:03 PM, Crawford, Scott 
mailto:crawfo...@evangel.edu>> wrote:
You could interpret that sentence two ways:

A: We didn’t have it installed on the compromised systems.
B: It was installed, but did not protect them.

B says the software doesn’t work. A says there was simply a mistake made. 
Phrasing it like they did, allows B to be true, while implying A.

From: Andrew S. Baker [mailto:asbz...@gmail.com<mailto:asbz...@gmail.com>]
Sent: Saturday, February 9, 2013 9:51 PM
To: NT System Admin Issues
Subject: Re: Security Firm Bit9 Hacked, Used to Spread Malware

>>The company said attackers managed to compromise some of Bit9′s systems that 
>>were not protected by the company’s own software.

And this was because of... ?

ASB
http://XeeMe.com/AndrewBaker<http://xeeme.com/AndrewBaker>
Providing Virtual CIO Services (IT Operations & Information Security) for the 
SMB market…

On Fri, Feb 8, 2013 at 5:59 PM, Stu Sjouwerman 
mailto:s...@sunbelt-software.com>> wrote:
Bit9, a company that provides software and network security services to the U.S.
government and at least 30 Fortune 100 firms, has suffered an electronic
compromise that cuts to the core of its business: helping clients distinguish
known "safe" files from computer viruses and other malicious software.
OUCH !   More at:
http://krebsonsecurity.com/2013/02/security-firm-bit9-hacked-used-to-spread-malware/

Warm regards,

Stu

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Ent

Re: Security Firm Bit9 Hacked, Used to Spread Malware

2013-02-11 Thread Richard Stovall

Well, we know it's not made of Wensleydale.


On Sun, Feb 10, 2013 at 5:03 PM, Stephen Holtz wrote:

> And the moon is made up of green cheese!
>
> Sent from my iPhone
>
> On Feb 10, 2013, at 4:23 PM, "Andrew S. Baker"  wrote:
>
> The reporting was vague, but Bit9 was more clear in their own blog.
>
> https://blog.bit9.com/2013/02/08/bit9-and-our-customers-security/
>
> *In brief, here is what happened. Due to an operational oversight within
> Bit9, we failed to install our own product on a handful of computers within
> our network. As a result, a malicious third party was able to illegally
> gain temporary access to one of our digital code-signing certificates that
> they then used to illegitimately sign malware. There is no indication that
> this was the result of an issue with our product.  Our investigation also
> shows that our product was not compromised.*
>
>
>
>
>
>
> *ASB
> **http://XeeMe.com/AndrewBaker* <http://xeeme.com/AndrewBaker>*
> **Providing Virtual CIO Services (IT Operations & Information Security)
> for the SMB market…***
>
>
>
>
>
> On Sun, Feb 10, 2013 at 2:03 PM, Crawford, Scott wrote:
>
>>  You could interpret that sentence two ways: 
>>
>> ** **
>>
>> A: We didn’t have it installed on the compromised systems.
>>
>> B: It was installed, but did not protect them.
>>
>> ** **
>>
>> B says the software doesn’t work. A says there was simply a mistake made.
>> Phrasing it like they did, allows B to be true, while implying A.****
>>
>> ** **
>>
>> *From:* Andrew S. Baker [mailto:asbz...@gmail.com]
>> *Sent:* Saturday, February 9, 2013 9:51 PM
>> *To:* NT System Admin Issues
>> *Subject:* Re: Security Firm Bit9 Hacked, Used to Spread Malware
>>
>> ** **
>>
>> *>>The company said attackers managed to compromise some of Bit9′s
>> systems that were not protected by the company’s own software. *
>>
>> ** **
>>
>> ** **
>>
>> And this was because of... ?
>>
>>  
>>
>>  
>>
>> *ASB
>> **http://XeeMe.com/AndrewBaker* <http://xeeme.com/AndrewBaker>*
>> **Providing Virtual CIO Services (IT Operations & Information Security)
>> for the SMB market…*
>>
>>  
>>
>> ** **
>>
>> On Fri, Feb 8, 2013 at 5:59 PM, Stu Sjouwerman 
>> wrote:
>>
>> Bit9, a company that provides software and network security services to
>> the U.S.
>> government and at least 30 Fortune 100 firms, has suffered an electronic
>> compromise that cuts to the core of its business: helping clients
>> distinguish
>> known "safe" files from computer viruses and other malicious software.
>> OUCH !   More at:
>>
>> http://krebsonsecurity.com/2013/02/security-firm-bit9-hacked-used-to-spread-malware/
>>
>> Warm regards,
>>
>> Stu
>>
>> ** **
>>
>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>>
>> ---
>> To manage subscriptions click here:
>> http://lyris.sunbelt-software.com/read/my_forums/
>> or send an email to listmana...@lyris.sunbeltsoftware.com
>> with the body: unsubscribe ntsysadmin
>>
>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>>
>> ---
>> To manage subscriptions click here:
>> http://lyris.sunbelt-software.com/read/my_forums/
>> or send an email to listmana...@lyris.sunbeltsoftware.com
>> with the body: unsubscribe ntsysadmin
>>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Security Firm Bit9 Hacked, Used to Spread Malware

2013-02-10 Thread Bourque Daniel

Not bad after all!!!  ;-)

Daniel Bourque


- Message d'origine -
De : Crawford, Scott [mailto:crawfo...@evangel.edu]
Envoye : Sunday, February 10, 2013 05:03 PM
A : NT System Admin Issues 
Objet : RE: Security Firm Bit9 Hacked, Used to Spread Malware

fair enough.  Next step: spin - "see what happens when you don't use our 
product?" :)

Sent from my Windows Phone



From: Andrew S. Baker
Sent: 2/10/2013 3:27 PM
To: NT System Admin Issues
Subject: Re: Security Firm Bit9 Hacked, Used to Spread Malware


The reporting was vague, but Bit9 was more clear in their own blog. 


https://blog.bit9.com/2013/02/08/bit9-and-our-customers-security/




In brief, here is what happened. Due to an operational oversight within Bit9, 
we failed to install our own product on a handful of computers within our 
network. As a result, a malicious third party was able to illegally gain 
temporary access to one of our digital code-signing certificates that they then 
used to illegitimately sign malware. There is no indication that this was the 
result of an issue with our product.  Our investigation also shows that our 
product was not compromised.



 

 

ASB
http://XeeMe.com/AndrewBaker <http://xeeme.com/AndrewBaker> 
Providing Virtual CIO Services (IT Operations & Information Security) for the 
SMB market…



 



On Sun, Feb 10, 2013 at 2:03 PM, Crawford, Scott  wrote:


You could interpret that sentence two ways: 

 

A: We didn’t have it installed on the compromised systems.

B: It was installed, but did not protect them.

 

B says the software doesn’t work. A says there was simply a mistake 
made. Phrasing it like they did, allows B to be true, while implying A.

 

From: Andrew S. Baker [mailto:asbz...@gmail.com] 
Sent: Saturday, February 9, 2013 9:51 PM
To: NT System Admin Issues
    Subject: Re: Security Firm Bit9 Hacked, Used to Spread Malware

 

>>The company said attackers managed to compromise some of Bit9′s 
systems that were not protected by the company’s own software. 

 

 

And this was because of... ?

 

 

ASB
http://XeeMe.com/AndrewBaker <http://xeeme.com/AndrewBaker> 
Providing Virtual CIO Services (IT Operations & Information Security) 
for the SMB market…



 

 

On Fri, Feb 8, 2013 at 5:59 PM, Stu Sjouwerman 
 wrote:

Bit9, a company that provides software and network security services to 
the U.S.
government and at least 30 Fortune 100 firms, has suffered an electronic
compromise that cuts to the core of its business: helping clients 
distinguish
known "safe" files from computer viruses and other malicious software.
OUCH !   More at:

http://krebsonsecurity.com/2013/02/security-firm-bit9-hacked-used-to-spread-malware/

Warm regards,

Stu

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/ 
<http://lyris.sunbelt-software.com/read/my_forums/> 
or send an email to listmana...@lyris.sunbeltsoftware.com 
<mailto:listmana...@lyris.sunbeltsoftware.com> 
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/ 
<http://lyris.sunbelt-software.com/read/my_forums/> 
or send an email to listmana...@lyris.sunbeltsoftware.com 
<mailto:listmana...@lyris.sunbeltsoftware.com> 
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/ 
<http://lyris.sunbelt-software.com/read/my_forums/> 
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


Mise en garde concernant la confidentialite : Le present message, comprenant 
tout fichier qui y est joint, est envoye a l’intention exclusive de son 
destinatair

Re: Security Firm Bit9 Hacked, Used to Spread Malware

2013-02-10 Thread Stephen Holtz

And the moon is made up of green cheese!

Sent from my iPhone

On Feb 10, 2013, at 4:23 PM, "Andrew S. Baker"  wrote:

> The reporting was vague, but Bit9 was more clear in their own blog.
> 
> https://blog.bit9.com/2013/02/08/bit9-and-our-customers-security/
> 
> In brief, here is what happened. Due to an operational oversight within Bit9, 
> we failed to install our own product on a handful of computers within our 
> network. As a result, a malicious third party was able to illegally gain 
> temporary access to one of our digital code-signing certificates that they 
> then used to illegitimately sign malware. There is no indication that this 
> was the result of an issue with our product.  Our investigation also shows 
> that our product was not compromised.
> 
> 
>  
>  
> ASB
> http://XeeMe.com/AndrewBaker
> Providing Virtual CIO Services (IT Operations & Information Security) for the 
> SMB market…
>  
> 
> 
> On Sun, Feb 10, 2013 at 2:03 PM, Crawford, Scott  
> wrote:
>> You could interpret that sentence two ways:
>> 
>>  
>> 
>> A: We didn’t have it installed on the compromised systems.
>> 
>> B: It was installed, but did not protect them.
>> 
>>  
>> 
>> B says the software doesn’t work. A says there was simply a mistake made. 
>> Phrasing it like they did, allows B to be true, while implying A.
>> 
>>  
>> 
>> From: Andrew S. Baker [mailto:asbz...@gmail.com] 
>> Sent: Saturday, February 9, 2013 9:51 PM
>> To: NT System Admin Issues
>> Subject: Re: Security Firm Bit9 Hacked, Used to Spread Malware
>> 
>>  
>> 
>> >>The company said attackers managed to compromise some of Bit9′s systems 
>> >>that were not protected by the company’s own software. 
>> 
>>  
>> 
>>  
>> 
>> And this was because of... ?
>> 
>>  
>>  
>> ASB
>> http://XeeMe.com/AndrewBaker
>> Providing Virtual CIO Services (IT Operations & Information Security) for 
>> the SMB market…
>>  
>>  
>> 
>> On Fri, Feb 8, 2013 at 5:59 PM, Stu Sjouwerman  
>> wrote:
>> 
>> Bit9, a company that provides software and network security services to the 
>> U.S.
>> government and at least 30 Fortune 100 firms, has suffered an electronic
>> compromise that cuts to the core of its business: helping clients distinguish
>> known "safe" files from computer viruses and other malicious software.
>> OUCH !   More at:
>> http://krebsonsecurity.com/2013/02/security-firm-bit9-hacked-used-to-spread-malware/
>> 
>> Warm regards,
>> 
>> Stu
>> 
>>  
>> 
>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>> 
>> ---
>> To manage subscriptions click here:  
>> http://lyris.sunbelt-software.com/read/my_forums/
>> or send an email to listmana...@lyris.sunbeltsoftware.com
>> with the body: unsubscribe ntsysadmin
>> 
>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>> 
>> ---
>> To manage subscriptions click here: 
>> http://lyris.sunbelt-software.com/read/my_forums/
>> or send an email to listmana...@lyris.sunbeltsoftware.com
>> with the body: unsubscribe ntsysadmin
>> 
> 
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
> 
> ---
> To manage subscriptions click here: 
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Security Firm Bit9 Hacked, Used to Spread Malware

2013-02-10 Thread Crawford, Scott

You could interpret that sentence two ways:

A: We didn’t have it installed on the compromised systems.
B: It was installed, but did not protect them.

B says the software doesn’t work. A says there was simply a mistake made. 
Phrasing it like they did, allows B to be true, while implying A.

From: Andrew S. Baker [mailto:asbz...@gmail.com]
Sent: Saturday, February 9, 2013 9:51 PM
To: NT System Admin Issues
Subject: Re: Security Firm Bit9 Hacked, Used to Spread Malware

>>The company said attackers managed to compromise some of Bit9′s systems that 
>>were not protected by the company’s own software.

And this was because of... ?

ASB
http://XeeMe.com/AndrewBaker<http://xeeme.com/AndrewBaker>
Providing Virtual CIO Services (IT Operations & Information Security) for the 
SMB market…

On Fri, Feb 8, 2013 at 5:59 PM, Stu Sjouwerman 
mailto:s...@sunbelt-software.com>> wrote:
Bit9, a company that provides software and network security services to the U.S.
government and at least 30 Fortune 100 firms, has suffered an electronic
compromise that cuts to the core of its business: helping clients distinguish
known "safe" files from computer viruses and other malicious software.
OUCH !   More at:
http://krebsonsecurity.com/2013/02/security-firm-bit9-hacked-used-to-spread-malware/

Warm regards,

Stu

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Security Firm Bit9 Hacked, Used to Spread Malware

2013-02-10 Thread Stephen Holtz

Couldn't afford the licensing fees!

Sent from my iPhone

On Feb 9, 2013, at 10:50 PM, "Andrew S. Baker"  wrote:

> >>The company said attackers managed to compromise some of Bit9′s systems 
> >>that were not protected by the company’s own software. 
> 
> 
> And this was because of... ?
>  
>  
> ASB
> http://XeeMe.com/AndrewBaker
> Providing Virtual CIO Services (IT Operations & Information Security) for the 
> SMB market…
>  
> 
> 
> On Fri, Feb 8, 2013 at 5:59 PM, Stu Sjouwerman  
> wrote:
>> Bit9, a company that provides software and network security services to the 
>> U.S.
>> government and at least 30 Fortune 100 firms, has suffered an electronic
>> compromise that cuts to the core of its business: helping clients distinguish
>> known "safe" files from computer viruses and other malicious software.
>> OUCH !   More at:
>> http://krebsonsecurity.com/2013/02/security-firm-bit9-hacked-used-to-spread-malware/
>> 
>> Warm regards,
>> 
>> Stu
> 
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
> 
> ---
> To manage subscriptions click here: 
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Security Firm Bit9 Hacked, Used to Spread Malware

2013-02-08 Thread Kurt Buff

On Fri, Feb 8, 2013 at 2:59 PM, Stu Sjouwerman
 wrote:
> Bit9, a company that provides software and network security services to the 
> U.S.
> government and at least 30 Fortune 100 firms, has suffered an electronic
> compromise that cuts to the core of its business: helping clients distinguish
> known "safe" files from computer viruses and other malicious software.
> OUCH !   More at:
> http://krebsonsecurity.com/2013/02/security-firm-bit9-hacked-used-to-spread-malware/
>
> Warm regards,
>
> Stu

That's beyond ouch.

That's probably an RGE[1] for many, many people.

But, it's the obvious target, isn't it - subvert the whitelist and
you're even better off than evading the blacklist.


Kurt




[1] Resume Generating Event

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Security Firm Bit9 Hacked, Used to Spread Malware

RE: Security Firm Bit9 Hacked, Used to Spread Malware

RE: Security Firm Bit9 Hacked, Used to Spread Malware

Re: Security Firm Bit9 Hacked, Used to Spread Malware

Re: Security Firm Bit9 Hacked, Used to Spread Malware

Re: Security Firm Bit9 Hacked, Used to Spread Malware

RE: Security Firm Bit9 Hacked, Used to Spread Malware

Re: Security Firm Bit9 Hacked, Used to Spread Malware

Re: Security Firm Bit9 Hacked, Used to Spread Malware

9 matches

Site Navigation

Mail list logo

Footer information