Guide to Interpreting Security Incident #Announcements:
"extremely sophisticated attack" : The attackers put more time into the attack than we spent designing our defences.
"no evidence customer #data was accessed" : We lack audit records and the logs have been rotated out.
"due to a misconfiguration issue" : We deployed with default #insecure settings.
"possible for only a short window" : We didn't dig too deep to determine how far back the bug existed.
"crafted invalid request data" : We forgot to add input #validation.
"supplementary fix" : We didn't understand the problem as well as we thought, so our previous fix was insufficient.
"may have been exploited" : We're positive they got away with data, but they deleted our #logs.
"multiple threat actors" : Everyone was in our systems before we noticed.
"most customers are unaffected" : There are corner cases that aren't as #vulnerable.
"error in a third-party component" : We forgot to update our dependencies.
"could lead to remote code execution" : You're #p0wned.
"malicious activity has been observed" : The issue has already appeared in the press.
"review equipment inventory to verify if devices require other mitigations" : You need to buy new stuff.
"remotely exploited to allow authentication bypass" : We forgot to require #login for this function.
"not aware of any exploits in the wild" : The attackers aren't bragging on darkweb fora yet.
