The Ethics of Publicly Naming Compromised Systems
I spend some time each week researching what Internet miscreants are doing. Because of this, I often encounter compromised systems before their owners know of the breach. As I write this, I currently have outstanding contact attempts for ten organizations with compromised websites - some with which you’re likely familiar.
Continue readingUh...
The organization wasn’t big, but they did have an IT department that apparently consisted of about a half dozen people.
Continue readingSaaSsy Scanning
I recently posed a Twitter poll on the following question about Scanning as a Service (SaaS):
There are several companies who “scan the Internet” and provide the resulting data to paying customers. These scans can be a bit invasive. When do you think such scanning crosses a line?
Continue reading