Profile picture
Jake Williams @MalwareJake
, 7 tweets, 3 min read Read on Twitter
Real talk about the @marriott announcement. The issue was discovered on September 8th. This wasn't simply an issue of "the logs had evidence on the 8th." We know this because they changed something on the 10th (see the end of paragraph 1). 1/n
news.marriott.com/2018/11/marrio…
What does this even mean? It's either intentionally misleading or so vague as to be meaningless. Was the data discovered on the dark web? Probably not since it was encrypted. Was it discovered on another internal machine? How did Marriott know it was sensitive? 2/n
That sentence specifically leaves me with more questions than answers. Infosec peeps: work with your PR teams to draft statements that don't leave experts (and press) scratching their heads wondering if you know what you're talking about. 3/n
Given the timeline of the breach, it's clear that either Marriott bought the system in a breached condition or they were given a copy of the data (perhaps for due diligence) and failed to secure it themselves. This sentence seems to imply the former. 4/n
But given the inarticulate wording in the rest of the post, I'm not going to read too much into a statement from the CEO (which could be intentionally worded to lead people to that conclusion). 5/n
Starwood had crossover rewards programs with at least @delta (pretty sure there were others). No word yet on how those systems might have been impacted. Why not? They've had months to investigate this and draft the statement. 6/n
For a breach of this magnitude, with almost 3 months to investigate, the lack of detail in this statement is underwhelming. I'll be using this as a case study with clients on how NOT to announce a breach. 7/7
Missing some Tweet in this thread?
You can try to force a refresh.

Like this thread? Get email updates or save it to PDF!

Subscribe to Jake Williams
Profile picture

Get real-time email alerts when new unrolls are available from this author!

This content may be removed anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

More from @MalwareJake see all

Profile picture
Twas the night before Christmas and all over the ‘net,
Not a creature was stirring except China hacking Tibet.

The IPS were strung by the egress with care,
In hopes that St WannaCry soon would be stopped there.
1/n
The children were nestled all snug in their beds,
While IoT devices mined the dreams from their heads.

Mama with her EDR and I with my IDS
Were ready to tackle an infosec mess.

Down in the SOC there arose such a clatter,
I logged into my dashboard to see what was the matter 2/
This thing had better work, it cost so much cash.
But gosh darnit, I can’t use it until I update Adobe Flash…

Pondering the alarms I thought “Oh heck no!”
That’s because the threshold for alerting was configured so low.
3/n
Read 14 tweets
Profile picture
I certainly don't agree with everything in this thread, but it is very thought provoking nonetheless. I tell clients regularly that cyber security IS warfare if APT is in your threat model. We often fight nation state hackers with nearly infinite resources by deploying a CEH. 1/n
This obviously doesn't work. When you step back and look at resources that APT groups have, it's obvious they can comrpomise almost any organization. My favorite example is the China/Bit9 example. Picture being an attacker who can't get into a top tier target. 2/n
Now imagine that you think "Bit 9 is standing in our way, so we'll 'just' go comrpomise them." Um, that's a moonshot. Ask yourself:
1. What kind of organization dedicates resources to moonshots?
2. How many moonshots do we not know about?
3. How valuable was that target?
3/n
Read 7 tweets
Profile picture
I'm writing a new blog post but I need some help. We have a problem in the tech industry with consent vs. informed consent. Problems with confusing the two are not unique to infosec. Medicine has been practiced for millennia, but informed consent is at best ~50 years old. 1/n
Legalese terms of service can't be comprehended by a large percentage of a user base. Even if you understand what is being collected, do you understand how it will be used? A patient can't give informed consent without a discussion of risk. 2/n
Doctors don't routinely downplay risk in a procedure. This comes from two sources:
1. Liability
2. In most cases (electives are a counter-example), the doctor has a product (the procedure) the patient needs

These do not hold true in the technology field. 3/n
Read 7 tweets

Related threads

Profile picture
A Christmas Border Wall take: In 1985, a couple of hoods robbed a bank in Yuma and got into a high-speed chase e/b on I-8 towards San Diego. @jimgreff
At some point they turned south and headed towards Mexico and the border fence. After crashing into the fence, they climbed over into Mexico and got into a shootout with Mexican police.
More like a shoot at, actually. It was September and the Mexican were celebrating Independence Day with a parade. There were lots of police along the route when they came over the fence.
Read 11 tweets
Profile picture
Real talk, the 90s in the comic industry felt like that hour before closing where there are still a few people in the restaurant, but staff is putting chairs on tables, pulling out the mop, wiping down the bar, etc.

LAST CALL. KITCHEN'S CLOSING.
Like, it was CONCEIVABLE we were all genuinely watching, and taking part in, the wind-down of an entire industry. That it would never really come back from the one-two punch of the black-and-white glut and the speculator bust.
(Both of which are threads in and of themselves, honestly.)

"Ha ha comics are dying we're all doomed" literally goes back to the 70s, but it didn't feel real until the 90s. Pros were advising li'l bright-eyed wannabes to not make comics, cuz "It won't be here in ten years."
Read 4 tweets
Profile picture
Real talk, I STILL miss Vine.
"Do it for the Vine." "I ain't gon' do it!" will probably be one of the things we all gum at one another in the nursing home to perplex the aides.
I think of this and still giggle to myself, sometimes.

Read 5 tweets
Profile picture
#Evidence
1. On June 18, 1957, after checking with Maulana Kalam Azad and Dr.Rajendra Prasad, Durga Das wrote the following line in his weekly column in The Hindustan Times, “if he (Nehru) is consciously trying to build anyone as his successor, he is building up his daughter.”
More #Evidence Mr. Tharoor-
2. Indira Gandhi went with Nehru to all political and administrative functions and got introduced to all the state leaders of the Congress party 🤔
#Evidence
3. Indira addressed election meetings, presided over Congress women’s committees, acted as hostess when Nehru entertained visitors and he took her with him when he traveled abroad😌
Read 6 tweets
Profile picture
September 11, 2001 is a date Americans will never forget, changing us forever. But what Americans often don’t remember is how that date also changed the rest of the world, especially the Middle East.
Seventeen years ago, I was 10-years-old, growing up in Baghdad under the regime of Saddam Hussein. I remember watching the buildings collapse, having no idea that the smoke and debris would transform my life, too.
My younger self could never have imagined that one day I would become a refugee and end up in the same country where those buildings came crashing down -- essentially because that horrific attack happened.
Read 17 tweets
Profile picture
Real talk? @CynthiaNixon is the real deal. I meet politicians all the time. And there’s something completely different about her.

I was on the panel about Black maternal health last night, and let me tell you, it was like an event I have never been to before.

#CynthiaForNY
@CynthiaNixon Last week, @JamilahLemieux emailed to see if would happen to be in NYC and could be on this panel. I said yes, because I happened to be in NYC, always want to talk BW health & because I’ll do whatever Jamilah asks — she believed in me early on in my writing career.

#CynthiaForNY
@CynthiaNixon @JamilahLemieux When I got there yesterday, the room was PACKED. Standing room only. Folks sitting on the floor. And it was HOT. We were all sweating. But folks were chatting, snacking, getting friendly with their neighbors, and using all the #CynthiaForNY leaflets as church fans.
Read 18 tweets

Trending hashtags

#northern #Mexico #CynthiaForNY #Dishonored2 #interactive #bioinformatique #city #electroneum #Thérèse #address #Thésolie #FARA #own #sujetComplique #evidence #genre #MuellerTime #H1N1 #thèseFatigueThèseUsée #ScienceDenial #mobile #EDI #ploymère #SorryJack #LIBOR

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member and get exclusive features!

Premium member ($30.00/year)

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!