Back

Guide to Interpreting Security Incident #Announcements:

"extremely sophisticated attack" : The attackers put more time into the attack than we spent designing our defences.

"no evidence customer #data was accessed" : We lack audit records and the logs have been rotated out.

"due to a misconfiguration issue" : We deployed with default #insecure settings.

"possible for only a short window" : We didn't dig too deep to determine how far back the bug existed.

"crafted invalid request data" : We forgot to add input #validation.

"supplementary fix" : We didn't understand the problem as well as we thought, so our previous fix was insufficient.

"may have been exploited" : We're positive they got away with data, but they deleted our #logs.

"multiple threat actors" : Everyone was in our systems before we noticed.

"most customers are unaffected" : There are corner cases that aren't as #vulnerable.

"error in a third-party component" : We forgot to update our dependencies.

"could lead to remote code execution" : You're #p0wned.

"malicious activity has been observed" : The issue has already appeared in the press.

"review equipment inventory to verify if devices require other mitigations" : You need to buy new stuff.

"remotely exploited to allow authentication bypass" : We forgot to require #login for this function.

"not aware of any exploits in the wild" : The attackers aren't bragging on darkweb fora yet.