funsec mailing list archives

Re: Advanced tactic targeted grocer - 'Malware' stole Hannaford data


From: "B.K. DeLong" <bkdelong () pobox com>
Date: Fri, 28 Mar 2008 10:41:39 -0400

While they do lose points for overstating just how much involvement they had
with Hannaford's PCI Compliance, I do believe the press release regarding
Rapid7 and Hannaford mentioned only that the grocery chain purchased their
software, NeXpose, for vulnerability scanning. There's been no source
linking them as Hannaford's PCI Auditor/QSA.

http://www.rapid7.com/pressroom.jsp

On Fri, Mar 28, 2008 at 10:06 AM, Discini, Sonny <
Sonny.Discini () montgomerycountymd gov> wrote:



 "The software was installed on computer servers at each of the roughly
300 stores operated by Hannaford and its partners."


I wouldn't want to be one of the auditors at Rapid7 who issued passing
grades during the PCI audit.



Sonny Discini, Senior Network Security Engineer
Department of Technology Services
Enterprise Infrastructure Division
Montgomery County Government




_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.




-- 
B.K. DeLong (K3GRN)
bkdelong () pobox com
+1.617.797.8471

http://www.wkdelong.org Son.
http://www.ianetsec.com Work.
http://www.bostonredcross.org Volunteer.
http://www.carolingia.eastkingdom.org Service.
http://bkdelong.livejournal.com Play.


PGP Fingerprint:
38D4 D4D4 5819 8667 DFD5 A62D AF61 15FF 297D 67FE

FOAF:
http://foaf.brain-stream.org