HP pays to end kickback probe

This doesn't mean we're guilty


HP is taking a two cents per share charge to end a Department of Justice investigation into bribery allegations.

The company stressed that it was not admitting any wrongdoing, of course.

The DOJ investigation began in 2007 and included Accenture and Sun.

It centred on allegations that the three companies improperly charged for government contracts by either snaffling discounts or handing them onto channel partners rather than back to the government. The DOJ said at the time: "These alliance relationships and the resulting alliance benefits amount to kickbacks and undisclosed conflict of interest relationships."

HP said the deal with the DOJ would have "a negative impact of approximately 2 cents on third quarter fiscal year 2010 earnings per share". It did not otherwise update guidance.

HP's statement is here.

The settlement still needs court approval. ®

Narrower topics


Other stories you might like

  • Feds raid dark web market selling data on 24 million Americans
    SSNDOB sold email addresses, passwords, credit card numbers, SSNs and more

    US law enforcement has shut down another dark web market, seizing and dismantling SSNDOB, a site dealing in stolen personal information.

    Led by the IRS' criminal investigation division, the DOJ, and the FBI, the investigation gained control of four of SSNDOB's domains, hobbling its ability to generate cash. The agents said it raked in more than $19 million since coming online in 2015.

    Continue reading
  • It's 2022 and there are still malware-laden PDFs in emails exploiting bugs from 2017
    Crafty file names, encrypted malicious code, Office flaws – ah, it's like the Before Times

    HP's cybersecurity folks have uncovered an email campaign that ticks all the boxes: messages with a PDF attached that embeds a Word document that upon opening infects the victim's Windows PC with malware by exploiting a four-year-old code-execution vulnerability in Microsoft Office.

    Booby-trapping a PDF with a malicious Word document goes against the norm of the past 10 years, according to the HP Wolf Security researchers. For a decade, miscreants have preferred Office file formats, such as Word and Excel, to deliver malicious code rather than PDFs, as users are more used to getting and opening .docx and .xlsx files. About 45 percent of malware stopped by HP's threat intelligence team in the first quarter of the year leveraged Office formats.

    "The reasons are clear: users are familiar with these file types, the applications used to open them are ubiquitous, and they are suited to social engineering lures," Patrick Schläpfer, malware analyst at HP, explained in a write-up, adding that in this latest campaign, "the malware arrived in a PDF document – a format attackers less commonly use to infect PCs."

    Continue reading
  • US won’t prosecute ‘good faith’ security researchers under CFAA
    Well, that clears things up? Maybe not

    The US Justice Department has directed prosecutors not to charge "good-faith security researchers" with violating the Computer Fraud and Abuse Act (CFAA) if their reasons for hacking are ethical — things like bug hunting, responsible vulnerability disclosure, or above-board penetration testing.

    Good-faith, according to the policy [PDF], means using a computer "solely for purposes of good-faith testing, investigation, and/or correction of a security flaw or vulnerability."

    Additionally, this activity must be "carried out in a manner designed to avoid any harm to individuals or the public, and where the information derived from the activity is used primarily to promote the security or safety of the class of devices, machines, or online services to which the accessed computer belongs, or those who use such devices, machines, or online services."

    Continue reading

Biting the hand that feeds IT © 1998–2022