Rapid7, Hannaford Supermarkets – Massive LULZ
I am a pretty bitter person these days. Not bitter in my personal life (ok, a bit) but mostly bitter towards IT and IT Security and towards all of the vendors out there trying to shill their warez at all costs. Most of you by now have heard of the Hannaford Supermarkets credit card breach — it was a big one, apparently with over 1800 known fraud cases from data stolen from Hannaford.
When I read about this I thought about doing a post here ranting and raving about how now we will see all of the vendors (also known as Ambulance Chasers) coming out of the woodwork saying that this could have been avoided "if only they had bought our solution," and that if you want to avoid this then you need to quickly sign that PO and order up some cool software or even some cool hardware.
Of course we all know that the cool software and hardware will not work as advertised, support will suck, and you will have been suckered out of a good chunk of your yearly budget, not to mention you will have added yet another security solution to add frustration in management. Oh, but don’t worry, because the vendor will deliver what you need next release, so please renew your license.
I never got around to that blog post as some other things (read: I went drinking) took this off my mind and I never got around to doing it. Tonight, I was going to get around to it but to be honest I lost motivation and really, picking on the Ambulance Chasing vendors (not all are... so don’t email me complaining) is kind of like picking on that Down syndrome kid next door — too easy (you expected retarded didn’t you?).
Much to my pleasant surprise, the great minds at Attrition (shout out to D2D) posted this masterpiece. Even better, they are not picking on the retard (there I said it) that is trying to sell a solution based on this. They are picking on the bigger retards that already sold a solution that obviously didn’t help, then tried to cover up that their solution was being used.
Please read, enjoy and LOL like I did.