attrition.org received several tips from people affiliated with InfoSec Institute (infosecinstitute.com), all indicating that ISI employees would write text and attribute to other contracted instructors without their knowledge. It must be noted that in reply to the plagiarism of Corelan.be's material, ISI wrote an apology (and then removed it during legal discussion) attributing the plagiarism to "a contractor". As a result of this information, we contacted the listed author of a specific article and asked if he was the author, to which he replied 'no':
From: Keatron Evans (kevans[at]blinkdigitalsecurity.com) To: "attrition.org Errata Project" (errata[at]attrition.org) Date: Sat, 5 Nov 2011 22:41:45 -0500 Subject: Re: Question about an article of yours. I did author the video. Not the text. On Nov 5, 2011, at 10:40 PM, jericho wrote: : Mr. Keatron Evans; : : It has been brought to our attention recently that a person or persons : affiliated with the InfoSec Institute (infosecinstitute.com) has : plagiarized material in one of their courses. The entire story along with : evidence has been posted at the following URL: : : http://attrition.org/errata/plagiarism/infosec_institute/ : : Shortly after this, we began reviewing additional material on the ISI web : site and found an article credited to you that contains plagiarized : content. We have also been told by several people formerly affiliated with : ISI that employees will often times include their own additional material : not written by an author, or simply attribute an instructors name to text : they wrote. Because of this, we'd like to determine if the following : article text was written by you: : : http://resources.infosecinstitute.com/dll-hijacking/ : : What is DLL Hijacking? : April 28th, 2011 : By: Keatron Evans : : Any information or insight you can provide would be appreciated. : : attrition.org : Errata Project
Based on this, the plagiarism found in the article 'What is DLL Hijacking' is being attributed to InfoSec Institute. Our review of Mr. Evans' other articles found no indication of plagiarism, and there is no evidence of plagiarism in any writing attributed to him that we could find on any other website.
Update: Before this article was published, Jack Koziol emailed attrition.org and this article was discussed. After we pointed out the plagiarism, Koziol mailed the original author of the material (Siva Ram) and obtained permission to use it going forward.
The following three table details an article from the InfoSec Institute's web page, credited to Mr. Evans, but believed to be written by an ISI employee. This was the only article attributed to him that was found to contain plagiarized content.
|Relevant Text||Original Source / Comments|
|Paragraph starting "When programs are not written..."||DLL Hijacking Attacks by Siva Ram / maravis.com. Text changes infosec.exe to program.exe and learn.dll to library.dll.|
|Paragraph starting "If a malicious hacker has placed..."||DLL Hijacking Attacks by Siva Ram / maravis.com.|
|Paragraph starting "The vulnerability requires an attacker..."||DLL Hijacking Attacks by Siva Ram / maravis.com.|