Microsoft Admits To Being Hacked Too 92
colinneagle writes "Once upon a time, Microsoft claimed that falling prey to social engineering tactics and then being hacked was a 'rookie mistake.' But now is the time for companies to jump on the bandwagon, to admit they were targeted by cyberattacks and successfully infiltrated. The stage is so crowded with 'giants' at this point, that there are fewer 'bad press' repercussions than if only one major company had admitted to being breached. Microsoft now admitted, hey we were hacked too. 'As reported by Facebook and Apple, Microsoft can confirm that we also recently experienced a similar security intrusion,' wrote Matt Thomlinson, General Manager of Microsoft's Trustworthy Computing Security. Unlike the New York Times and the Wall Street Journal there was no mention of Chinese hackers."
Re:Let's be honest (Score:3, Insightful)
Better to admit to being hacked (Score:4, Insightful)
Than to admit to certificate management incompetence.
Re:Let's be honest (Score:5, Insightful)
By the same token, a huge section of "Windows Malware" also has nothing to do with Windows Security. Yet we see hundreds of modded up posts on Slashdot bashing Microsoft over it regularly, yet Apple seems to be getting a free pass just like Android.
Re:Let's be honest (Score:4, Insightful)
Again, this has zero to do with OS X security. This is all about end user installed software, provided and supported by Oracle.
Just so we're all on the same page, when computers get infected with malware it is not the fault of the OS, it is the fault of the third-party software, right? It seems like I heard a different tune when people were talking about Windows machines getting infected through third-party software.
Re:Let's be honest (Score:4, Insightful)
Well something like 80% of BSOD issues were driver based (talk from a while back in XP days) but that didn't stop MS from getting the blame. A company can encourage other vendors to make good stuff but they can't force customers to apply the blame correctly when 3rd parties fail. It is fair game for MS to say "we've been hacked and yeah our Macs got hacked too" if it is true. It is also in their best interest to make sure that their competitors get included in the sound bits about the problem (and the source of the problem too of course) so that they don't get stuck with all the blame.
Re:As expected (Score:4, Insightful)
Anyone with a Linux server had information regarding these activities.
Look at your SSH logs, and you'll find 99.99999% of brute force attempts these days are coming from China.
Who the heck still has SSH open to the Internet? I haven't been set up this way for years, so I have no brute force attempts in my logs, on any of the dozens of Linux servers I maintain. Everything requires an OpenVPN connection first, then SSH over that.
As far as I'm concerned, an open SSH port is barely better than an open telnet port. The only improvement is that it prevents cleartext traffic sniffing.