HP and Circuit City spreading malware. I read these two malware notices from SANS http://www.sans.org June 6th NewsBites newsletter: One of HP's printer drivers was infected with the Funlove virus. According to Stephen Northcutt, this is the third time HP has released a printer driver with the FunLove virus embedded. City City's web site contained malware that could have infected unpatched IE users for over a mo HP and Circuit City spreading malware.I read these two malware notices from SANS https://www.sans.org June 6th NewsBites newsletter:One of HP’s printer drivers was infected with the Funlove virus. According to Stephen Northcutt, this is the third time HP has released a printer driver with the FunLove virus embedded.City City’s web site contained malware that could have infected unpatched IE users for over a month. While commercial companies accidentally releasing malware to legitimate customers is nothing new, it isn’t that common these days. Over a decade ago, it was. Many vendors, including Microsoft, accidentally released viruses with legitimate content and software.What is so surprising to me is how badly HP and Circuit City’s computer security division/outsource team must be to not have noticed the injected malware. Is there no authentication going on? Is there no change control? When you see symptoms like this, the problems are deep and systematic.Particularly in HP’s case, if this is indeed the third time, will someone be held responsible and fired? First time is a learning experience, second time is no fun. Third time is embarassing. Related content analysis The 5 types of cyber attack you're most likely to face Don't be distracted by the exploit of the week. Invest your time and money defending against the threats you're apt to confront By Roger Grimes Aug 21, 2017 7 mins Phishing Malware Social Engineering analysis 'Jump boxes' and SAWs improve security, if you set them up right Organizations consistently and reliably using one or both of these approaches have far less risk than those that do not. By Roger Grimes Jul 26, 2017 13 mins Authentication Access Control Data and Information Security analysis Attention, 'red team' hackers: Stay on target You hire elite hackers to break your defenses and expose vulnerabilities -- not to be distracted by the pursuit of obscure flaws By Roger Grimes Dec 08, 2015 4 mins Hacking Data and Information Security Network Security analysis 4 do's and don'ts for safer holiday computing It's the season for scams, hacks, and malware attacks. But contrary to what you've heard, you can avoid being a victim pretty easily By Roger Grimes Dec 01, 2015 4 mins Phishing Malware Patch Management Software Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe