[funsec] Advanced tactic targeted grocer - 'Malware' stole Hannaford data

http://www.boston.com/news/local/articles/2008/03/28/advanced_tactic_targete d_grocer/ A massive data breach at Hannaford Brothers Cos. was caused by a "new and sophisticated" method in which software was secretly installed on servers at every one of its grocery stores, the company told Massachuse

[funsec] TJX Assents to Audits Of Data-Security System

In a press release, TJX, of Framingham, Mass., said it disagreed with the allegations in the FTC complaint, noting that prior to the breach, the company's data security "was similar to that of many major retailers." http://online.wsj.com/article/SB120664225435369131.html?mod=todays_us_market pl

Re: [funsec] Advanced tactic targeted grocer - 'Malware' stoleHannaford data

"The software was installed on computer servers at each of the roughly 300 stores operated by Hannaford and its partners." I wouldn't want to be one of the auditors at Rapid7 who issued passing grades during the PCI audit. Sonny Dis

Re: [funsec] TJX Assents to Audits Of Data-Security System

On Fri, 28 Mar 2008 09:54:00 EDT, "Richard M. Smith" said: > In a press release, TJX, of Framingham, Mass., said it disagreed with the > allegations in the FTC complaint, noting that prior to the breach, the > company's data security "was similar to that of many major retailers." I've never heard

Re: [funsec] The World’s Oldest Sound Recordings P la

Juha-Matti Laurio wrote: > OT but cool: > http://www.firstsounds.org/press/032708/index.php > > "Au Clair de la Lune" - French folk song, back to 1860... And the RIAA can't be far behind in shutting down that website :-) Jeff ___ Fun and Misc security d

Re: [funsec] Advanced tactic targeted grocer - 'Malware' stoleHannaford data

While they do lose points for overstating just how much involvement they had with Hannaford's PCI Compliance, I do believe the press release regarding Rapid7 and Hannaford mentioned only that the grocery chain purchased their software, NeXpose, for vulnerability scanning. There's been no source li

Re: [funsec] TJX Assents to Audits Of Data-Security System

On Fri, Mar 28, 2008 at 09:54:00AM -0400, Richard M. Smith wrote: > In a press release, TJX, of Framingham, Mass., said it disagreed with the > allegations in the FTC complaint, noting that prior to the breach, the > company's data security "was similar to that of many major retailers." Oh, *that'

Re: [funsec] TJX Assents to Audits Of Data-Security System

On 3/28/08, Rich Kulawiec <[EMAIL PROTECTED]> wrote: > > On Fri, Mar 28, 2008 at 09:54:00AM -0400, Richard M. Smith wrote: > > In a press release, TJX, of Framingham, Mass., said it disagreed with > the > > allegations in the FTC complaint, noting that prior to the breach, the > > company's data se

[funsec] The insider security threat

http://www.foxnews.com/story/0,2933,342852,00.html FBI Focusing on 'About Four' Suspects in 2001 Anthrax Attacks Friday, March 28, 2008 By Catherine Herridge and Ian McCaleb WASHINGTON - The FBI has narrowed its focus to "about four" suspects in the 6 1/2-year investigation of the deadly anthrax

[funsec] Fwd: [ISN] Counter-intelligence officers show how stupid they are

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Via: InfoSec News <[EMAIL PROTECTED]> [snip] http://www.wbj.pl/?command=article&id=40583 Warsaw Business Journal 28th March 2008 Six officers of the SKW, the new military counter-intelligence service, have uploaded photos of themselves while on a

Re: [funsec] The World’s Oldest Sound Recordings Pl ayed For The First Time

WARNING: Do NOT download the codec! : P On Thu, Mar 27, 2008 at 6:04 PM, Juha-Matti Laurio <[EMAIL PROTECTED]> wrote: > OT but cool: > http://www.firstsounds.org/press/032708/index.php > > "Au Clair de la Lune" - French folk song, back to 1860... > > Juha-Matti > __

[funsec] Quote of The Day: Ryan Singel

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 "TSA may support the 'thoroughness of the Officers involved' but the rest of the country thinks they are a bunch of power hungry goons with no sense of decency or common sense. That's even as airport security has gotten faster and a little less arbitra

Re: [funsec] Quote of The Day: Ryan Singel

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Sorry -- forgot the URL: http://blog.wired.com/27bstroke6/2008/03/tsa-defends-nip.html - - ferg -BEGIN PGP SIGNATURE- Version: PGP Desktop 9.6.3 (Build 3017) wj8DBQFH7Wj5q1pz9mNUZTMRAnfLAJ49v6T8ceAf+FcRFmfa8nWoUNZlRACfcPy3 gx0GxmRJBV6f87vjS

[funsec] Ok, this is an odd and interesting site

http://www.votervoter.com/ You can choose a candidate and fund an ad. What's interesting is that you can see both the pro and con ads. Alex Scanned by VIPRE version 3.1.2051 With definition version 2040 ___ Fu

Re: [funsec] Most Despicable: Woman Says TSA Forced Piercings Removal

>>A Texas woman who claims she was forced to remove a nipple ring with pliers in order to board an airplane called Thursday for an apology by federal security agents and a civil rights investigation. >From the TSA Blog: http://www.tsa.gov/blog/2008/03/tsa-and-piercings.html Your questions and c

Re: [funsec] Most Despicable: Woman Says TSA Forced Piercings Removal

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - -- "Larry Seltzer" <[EMAIL PROTECTED]> wrote: >>>A Texas woman who claims she was forced to remove a nipple ring with pliers in order to board an airplane called Thursday for an apology by federal security agents and a civil rights investigation. >

[funsec] Hackers Assault Epilepsy Patients Via Computer

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Wow. Via Wired News. [snip] Internet griefers descended on an epilepsy support message board last weekend and used JavaScript code and flashing computer animation to trigger migraine headaches and seizures in some users. The nonprofit Epilepsy Foun

[funsec] Science Project Sparks NYC Subway Scare

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Via CNN.com. [snip] A college student has apologized for causing a scare on a subway train when his science project short-circuited and started smoking in his backpack. Gregory Kats, 29, said the device was just a model of an elevator's inner workin

Re: [funsec] Hackers Assault Epilepsy Patients Via Computer

Ugly. That one's worth investigating and prosecuting. Larry Seltzer eWEEK.com Security Center Editor http://security.eweek.com/ http://blogs.pcmag.com/securitywatch/ Contributing Editor, PC Magazine [EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On

[funsec] Off Beat Question? Venice, anyone?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 This is completely off topic, but it's something that has really been bugging me, and I can't find the answer (or perhaps I'm not asking Google -- or other places -- the right question). If you've never been to Venice, you can hit 'delete' now. I'm l

Re: [funsec] Off Beat Question? Venice, anyone?

http://www.google.com/search?num=20&hl=en&safe=off&q=doge+venice+police+anonymous+opening http://query.nytimes.com/gst/abstract.html?res=9B0CE0DB1439E333A25753C1A9629C946096D6CF - Original Message - From: "Paul Ferguson" <[EMAIL PROTECTED]> To: Sent: Friday, March 28, 2008 9:30 PM Subj

Re: [funsec] Off Beat Question? Venice, anyone?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - -- "Paul Ferguson" <[EMAIL PROTECTED]> wrote: >This is completely off topic, but it's something that has really >been bugging me, and I can't find the answer (or perhaps I'm not >asking Google -- or other places -- the right question). > >If you've

Re: [funsec] Off Beat Question? Venice, anyone?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - -- "Kitsune" <[EMAIL PROTECTED]> wrote: >http://query.nytimes.com/gst/abstract.html?res=9B0CE0DB1439E333A25753C1A96 >29C946096D6CF Thank you -- that is exactly what I was looking for. "La Bocca del Leone" -- The Lion's Mouth. Cheers! And thanks

Re: [funsec] Off Beat Question? Venice, anyone?

"Paul Ferguson" <[EMAIL PROTECTED]> wrote: >> So what were this "secrets portals" called? << Bocca di Leone. See http://books.google.com.au/books?id=Y0qn0foDpUMC&pg=PA60&vq=Bocca+di+Leone&source=gbs_search_r&cad=1_1 (Page 60 of "The Rough Guide to Venice & the Veneto" - you'll need to click on