Security Scene Errata - Security Companies

Security Companies

This page is a showcase of computer security companies that epitomize irony. Corporations and groups that espouse the ideals of secure computing and even go so far as to offer products and services promising such but have also been unable to keep their own systems from being attacked and compromised. These incidents range from corporate web defacements to virus/worm infections to spamming and other embarassing events. In the case of multiple articles, followups are included below.

[--Date--] - Site/Incident

[08.04.30] - McAfee 'Hacker Safe' cert sheds more cred
[08.03.26] - Protexx Spams
[08.03.19] - Ecora Software ambulance chases after Hannaford data loss
[08.03.17] - Trend Micro hit by massive Web hack
[08.02.09] - Antivirus company's website downloads ... a virus
[08.01.07] - 'Hacker Safe' Geeks.com Hacked
[08.01.04] - CA's Web site hacked by malware authors
[08.01.04] - McAfee spies malware in legit JavaScript apps
[07.12.21] - Kaspersky inadvertently quarantines Windows Explorer
[07.12.14] - Deloitte partner, principal confidential information on stolen laptop
[07.12.07] - Symantec Screwup Is 'Worse Than Any Virus'
[07.11.08] - First Forensic Forum: Website for computer security experts hacked
[07.11.06] - WabiSabiLabi founder arrested for alleged spying
[07.10.02] - Chinese internet security response team under attack
[07.09.25] - VeriSign: DoS attack could shut down internet
[07.09.22] - Symantec issues bogus warning of full-scale Internet meltdown
[07.09.13] - Confidential Chicago terrorist threat assessment leaked over P2P
[07.08.27] - Microsoft Piracy Check Snafu Mislabels Authentic Windows Copies
[07.07.25] - Spyware Terminator Spams
[07.07.24] - Researchers blast TRUSTe on user privacy
[07.07.13] - Oracle UK systems accused in 'SSH hacking spree'
[07.07.03] - Microsoft UK site hacked
[07.06.27] - Symantec presenter spotted using KAV
[07.06.27] - HP insider with "0day to sell"?
[07.06.25] - ISC^2/CISSP websites vulnerable to XSS
[07.06.20] - ITSecurity.com Spams
[07.05.28] - University of Colorado at Boulder blames human error not Symantec for data breach
[07.05.08] - ISACA ISACA ISACA
[07.04.16] - Microsoft’s advisories giving clues to hackers
[07.04.03] - FTC Approves Final Guidance Settlement
[07.03.07] - Microsoft OneCare fails again
[07.03.04] - It's official: Pirates crack Vista at last
[07.01.23] - Zone-H "defaced" via DNS hijack
[06.12.11] - Vista vulnerable to a third of malware
[06.11.28] - SecureIT Online Spams
[06.11.02] - Ex-CEO of Computer Associates sentenced to 12 years
[06.09.22] - Cybersecurity chief quits after unusual contract expires
[06.08.29] - Gartner says coin flip could be better than product analysis
[06.08.12] - Vista hacked at Black Hat
[06.06.20] - Bill Gates' piracy confession
[06.06.20] - Microsoft France site cracked
[06.06.14] - Sourcefire tries to scam competition
[06.06.02] - HP printer drivers hit with Funlove virus
[06.05.17] - Blue Security DDoS'd after shutting down service
[06.05.12] - Does Comodo's LaunchPad install adware?
[06.05.12] - The dishonor of Blue Security
[06.05.08] - Expert: McAfee Mac Security Report Is 'Scaremongering'
[06.05.08] - Blue Security Inc. harrassed by spammers?
[06.04.25] - Computer Associates' Sanjay Kumar pleads guilty to fraud
[06.04.18] - Symantec hit with $1 billion tax bill
[06.04.11] - Oracle accidentally discloses unpatched vulnerability to customer web site
[06.04.03] - Trend Micro data revealed due to virus
[06.03.29] - Fred Cohen endorses book plug spam from Chet Uber (SecurityPosture.com)
[06.03.16] - Norton security software updates blocks AOL users' internet access
[06.03.13] - McAfee virus definition deletes or quarantines legitimate files
[06.03.05] - Brickwall Security spams
[06.02.25] - Personal information on stolen Ernst & Young laptop
[06.02.23] - Deloitte & Touche loses McAfee employee data
[06.02.17] - Iron Mountain dumped by client due to blackout
[06.01.17] - Web attack crashes TippingPoint IPS
[06.01.13] - Zone Labs denies ZoneAlarm "phones home"
[06.01.12] - Symantec uses rootkit-like technology in Norton SystemWorks
[05.12.19] - Guidance Software database hacked to reveal 3,800 credit card numbers
[05.12.14] - NIST web site vulnerable to XSS attacks
[05.09.22] - Determina hit with denial of service attack during business conference
[05.09.06] - Microsoft UK security chief falls victim to malware
[05.08.27] - Microsoft anti-phishing tool tracks user surfing habits
[05.08.17] - Tippingpoint ambulance chases after Zotob worm
[05.08.14] - RSA vulnerable to cross-site scripting attacks
[05.08.03] - Cisco doesn't disclose vulnerability to feds
[05.08.03] - Cisco.com web site breached
[05.07.30] - Defcon 13 "Wall of Sheep"
[05.07.29] - ISS threatens infowarrior.org
[05.07.29] - Cisco stifles discussion about vulnerability at Black Hat
[05.01.24] - Defacement: ISSA UK
[04.08.19] - Former Enterasys executive pleads guilty
[04.06.03] - ISC2 member information vulnerable
[04.02.26] - F-Secure mass-mails Netsky.B to customers
[04.02.24] - Dan Verton testifies to Congress on "cyber-terrorism"
[04.02.20] - mi2g report on security incidents questioned
[04.01.10] - Verisign forgets to renew master digital cert
[03.10.29] - Bill Gates downplays secure coding practices
[03.09.30] - Forensitech head indicted on hacking charges
[03.08.30] - Trend Micro site vulnerable
[03.08.23] - CERT Staffer faces sex charge
[03.08.18] - McAfee spam advertises, doesn't follow RFCs
[03.08.15] - Microsoft Security Tool has bugs
[03.08.09] - ISC2 spams and threatens
[03.08.06] - Microsoft security lapse reveals beta info
[03.08.06] - McAfee VirusScan "bugs"?
[03.07.15] - Symantec distributes rootkit
[03.07.12] - Deconstructing the Defacer Challenge Hoax/FUD (ISS, mi2g)
[03.07.11] - Foundstone wants to fabricate product recommendations
[03.06.16] - CERT vulnerability reports leaked again
[03.06.09] - Foundstone accused of software piracy
[03.06.05] - DHS Official suspended, purchases college degrees
[03.06.05] - Dan Verton meta content spam
[03.06.03] - Microsoft's expert 'pin' testers
[03.05.30] - Microsoft misleads customers over vulnerability
[03.05.27] - Microsoft XP Security Update recalled
[03.05.10] - ISS web sites, many vulnerabilities
[03.05.07] - Netegrity site vulnerable
[03.05.07] - Computer Associates site vulnerable
[03.05.07] - e-matters.de security site vulnerable
[03.05.05] - ISS defaced, breaches ethics and lies
[03.05.05] - Progenic.com security site vulnerable
[03.05.05] - hackinthebox.org security site vulnerable
[03.05.05] - hackerscenter.com security site vulnerable
[03.05.05] - codeingtheweb.net security site vulnerable
[03.05.05] - ebcvg.com security site vulnerable
[03.04.03] - InfoWorld Security Adviser infected with Slammer Worm
[03.03.27] - IBM exec's son charged with hacking
[03.03.21] - CERT vulnerability reports leaked again
[03.03.19] - CERT vulnerability reports leaked
[03.02.26] - Cryptome.org defaced
[03.02.13] - ISSA Bans Kevin Mitnick, Hypocrites
[03.02.10] - Defensivethinking.com defaced
[03.02.01] - Dartmouth ISTS mail list problems
[03.01.31] - ISS Ships Vulnerable Products, Uses as Pitch for More Products
[03.01.29] - Symantec's "Submit a Deal" Flawed
[03.01.25] - Symantec and the Slammer Fiasco
[03.01.17] - Court: Network Associates can't gag users
[03.01.15] - ITAA works against security
[02.11.08] - Kaspersky emails worm to customers
[02.08.21] - Forensitech Solutions investigated by feds
[02.05.12] - Securityjobs.net defaced
[02.05.12] - Secure-space.net hosting defaced
[02.05.01] - Booz Allen Hamilton (BAH) fails to protect Navy, themselves
[02.04.24] - Cisco online registration not secure
[02.03.18] - SourceSecurity.com resorts to spam
[02.03.18] - Frank Jones/Codex dupe security professionals
[02.03.15] - Microsoft blunders another security patch
[02.03.14] - Frank Jonez/Codex site hacked, DIRT info revealed
[02.03.13] - Jon Lasser reveals CISSP a waste of time
[02.02.28] - NAI caught in "anti censorship" lie
[02.02.25] - Steve Gibson re-invents SynCookies (but broken)
[02.02.18] - Cigital's ITS4 "security" utility is very lacking
[02.02.12] - SafeWeb's anon-surfing technology not safe
[02.01.30] - Multiple security sites vulnerable to cross site scripting attacks
[02.01.20] - eSafe Defaced
[01.12.31] - Global Network Security Services ambulance chases
[01.12.27] - NIMDA Infection of Microsoft.com Network
[01.12.27] - Secureroot Computer Security Resource Defaced
[01.12.26] - TASC Defaced
[01.12.10] - Technotronic Defaced
[01.11.29] - SecurityFocus Defaced? Kind of
[01.11.15] - Trinux site defaced
[01.10.29] - Defacement: BIH Security (www.bih-security.com) 
[01.10.27] - NAI/PGP infected with Nimda Worm
[01.10.23] - Defacement: SecurityNewsPortal
[01.10.08] - Code Red Infection of Microsoft.com Network
[01.09.29] - ANTIVIRUS Ltda. Defaced
[01.09.19] - NIPC shares info with Symantec who doesn't give credit where due
[01.09.07] - Defacement: Co-Logic (www.e-secure-it.co.nz) 
[01.08.26] - Microsoft Network compromised via Win2k Hole
[01.08.25] - E*Trade & Ross Oliver botch simple security test
[01.08.24] - iDefense files for bankruptcy
[01.08.21] - Code Red II Infection on Deloitte & Touche Security Services network
[01.08.14] - Code Red II Infection on NAS-Corp.com network
[01.08.14] - Code Red II Infection on CyberCash.com network
[01.08.04] - VeriSign Japan defaced
[01.08.03] - SANS chases ambulances after Code Red
[01.08.01] - Defacement: Enterasys Networks Brasil
[01.08.01] - Defacement: eCertifications 
[01.07.30] - Vigilinx uses fear-mongering and overhypes a worm
[01.07.30] - High-Technology Crime Investigators Association infected with SirCam
[01.07.30] - Defacement: www.ipssecurity.com
[01.07.30] - Defacement: www.brownsecurity.com
[01.07.30] - Defacement: www.digitalsecurity.com
[01.07.30] - Defacement: www.win2k-security.com
[01.07.30] - Defacement: www.securitysolutions-usa.com
[01.07.30] - Defacement: www.securitysolutions-intl.com
[01.07.30] - Defacement: www.securityfedbank.com
[01.07.30] - Defacement: www.securityawareness.org
[01.07.30] - Defacement: www.securityswitch.com
[01.07.30] - Defacement: www.securitycanada.com
[01.07.30] - Defacement: www.securityiss.com
[01.07.30] - Defacement: www.security-resources.com
[01.07.30] - Defacement: www.security-books.com
[01.07.30] - Defacement: www.securityawareness.org
[01.07.30] - Defacement: www.securityandmore.com
[01.07.28] - Defacement: Attrition.org 
[01.07.27] - Lucent (xl.com) defaced twice in hours
[01.07.27] - Defacement: Secure E-Commerce Server IPD Hosting (www.secure.nl)
[01.07.25] - Defacement: Secure Card Payments 
[01.07.25] - FBI NIPC agent infected with Sircam worm
[01.07.24] - 18th Microsoft Server defaced
[01.07.21] - SecurityFocus milks data from community, pushes it off as their own
[01.07.20] - Symantec displays sheer stupidity in their claims about Code Red solutions
[01.07.20] - Entercept has no clue about Code Red infections
[01.07.18] - Verisign uses 1x1 Web Bugs
[01.07.17] - NAI resorts to sending SPAM
[01.07.13] - Defacement: The SANS Institute (www.sans.org)
[01.06.25] - Defacement: I-Secure.com.au (www.i-secure.com.au)
[01.06.24] - Defacement: Secure-Archives by Evolusoft (www.secure-archives.com)
[01.06.24] - Defacement: J. Baskow and Associates, LTD (www.baskowsecure.com)
[01.06.24] - Secure-Archives by Evolusoft
[01.06.23] - Defacement: Vsecure Technologies (www.v-secure.com)
[01.06.23] - Defacement: US Secure Pay (www.ussecurepay.com)
[01.06.23] - Defacement: SecureAgent Software (www.securenotes.com)
[01.06.23] - Defacement: SecuredLink (www.securedlink.com)
[01.06.18] - Defacement: Anti-Hacker Online (www.hackerwatch.org)
[01.06.15] - Nightkingdoms Progressive blatantly ambulance chases after recently defaced web sites
[01.06.15] - GNSS/Global NSS blatantly ambulance chases after recently defaced web sites
[01.06.15] - Defacement: E-Secure-IT (www.e-secure-it.co.nz)
[01.06.14] - Defacement: COMSECURE.NET (www.comsecure.net)
[01.06.13] - Defacement: E-Security, Real-Time Security and Awareness Software (www.esecurityinc.com)
[01.06.13] - Defacement: Hauser Technology Integration, Inc. (www.compasssecurity.com)
[01.06.09] - Defacement: Network World (www.nww.com)
[01.05.15] - Interpol virus site contains little useful information
[01.05.10] - Defacement: United States Internet Crime Taskforce (www.usict.org)
[01.05.04] - Defacement: Exodus Communications (mirror) 
[01.05.04] - Defacement: Federal Law Enforcement Training Center (www.fletc.gov) 
[01.05.05] - TruSecure resorts to heavy SPAM campaign
[01.05.01] - Defacement: HTTP Tunnel (www.http-tunnel.com)
[01.04.25] - Argus Pitbull Security Challenge - PitBull Protected Server Compormised
[01.04.19] - John Chirillo asks for a book plug
[01.04.21] - Defacement: #3 Cybernanny, Inc. (www.cybernanny.net)
[01.04.17] - CPS Technology blatantly ambulance chases after recently defaced web sites
[01.04.16] - Sentinel Systems blatantly ambulance chases after recently defaced web sites
[01.04.11] - Defacement: RADGUARD: Enabling Secure e-Business (us.radguard.com)
[01.03.20] - Defacement: Digital Delivery Inc - Secure Data Distribution (www.digitaldelivery.com)
[01.03.08] - Defacement: RapidStream - Secure Virtual Private Networking (www.securitydogs.com)
[01.02.20] - Defacement: Tiger Testing Inc. (www.tigertesting.com)
[01.02.09] - Defacement: Computer Security Auditing Network (www.csanetworks.com)
[01.02.05] - Hypocrisy: Price Waterhouse tells people not to "sell fear"
[01.01.31] - Defacement: Breakwater Security Associates, Inc. (www.breakwater.net)
[01.01.28] - RSA Security investigated by SEC
[01.01.25] - Kaspersky peddles Attrition data as their own
[01.01.19] - Symantec Corp Small Business server (smallbiz.symantec.com)
[00.12.21] - eCertain.com resorts to SPAM
[00.12.15] - Defacement: eEye Digital Security (mirror)
[00.12.14] - Defacement: Kaspersky AntiVirus, Brazil (www.kasperskylab.com.br)
[00.12.14] - Defacement: AVP 2000 Brazil (www.avp2000.com.br)
[00.12.11] - DefendNet Solutions blatantly ambulance chases after recently defaced web sites
[00.11.29] - Defacement: Network Associates do Brasil (www.nai.com.br)
[00.11.29] - Defacement: McAfee - Network Associates do Brasil (www.mcafee.com.br)
[00.11.15] - Tigerteam Online Security responds to mention on attrition.org
[00.11.05] - E-Security Laboratories blatantly ambulance chases after recently defaced web sites
[00.10.31] - Defacement: 0x7f Security Research (www.0x7f.org)
[00.10.16] - ICSA criticized for underwriting efforts
[00.09.29] - Tigerteam Online Security resorts to SPAM
[00.09.28] - Gillian Technologies resorts to SPAM (with reply)
[00.09.27] - E*Trade security hole still not bunged
[00.09.25] - Max Butler of Whitehats.com pleads guilty to computer hacking
[00.09.12] - Defacement: r00tabega (www.r00tabega.org)
[00.08.24] - Gillian Technologies resorts to SPAM
[00.07.29] - Defacement: #2 Def Con Web site (www.defcon.org) 
[00.07.25] - PWC's Fred Rica not a stellar pen-tester
[00.06.15] - Cybercops Class Under Cover - Omni Tech & Sullivan
[00.06.14] - Defacement: RISX Security (risx.mine.nu)
[00.06.08] - CD Universe evidence compromised by Kroll O'Gara, NAI, Infowar.com
[00.06.03] - Defacement: #2 AntiOnline's AntiCode Archive (www.anticode.com)
[00.05.15] - Why hire IBM?
[00.04.15] - Defacement: Goat Security (www.goatse.cx)
[00.03.01] - Defacement: AntiOnline's AntiCode (www.anticode.com)
[00.02.15] - US Data Security & crypto misinformation
[00.02.15] - Meganet & crypto misinformation
[00.02.12] - Defacement: RSA Security Inc. (www.rsa.com)
[99.11.07] - Defacement: Internet Security (internetsecurity.com)
[99.10.21] - Internet Security Systems (ISS) resorts to SPAM
[99.10.19] - MTV made to look ridiculous by fake hacker (Shamrock)
[99.09.21] - Defacement: Rootfest Security Con (www.rootfest.org)
[99.09.02] - Defacement: SecurityNet (www.securitynet.net)
[99.08.05] - Defacement: AntiOnline Security Site (www.antionline.com)
[99.08.02] - Defacement: Symantec (www.symantec.com)
[99.07.22] - Lockdown2000 testing and hostile response
[99.07.09] - Defacement: Defcon (www.defcon.org)
[99.02.01] - NAI botches basic definitions like 'virus' and 'worm'
[99.01.15] - SEC Accuses of PWC of Conflict with some Audit Clients
[99.01.01] - NAI hypes up Remote Explorer Problem, witholds info from CARO
[98.10.19] - SAFLINK resorts to SPAM
[98.10.14] - NAI/PGP questions why anyone would use encryption
[97.10.01] - Hackers spoof security newsletter
Articles about these defacements and more

Victim	Publication	Article	Date
FBI NIPC	Newsbytes	FBI Computer Experts Feel SirCam Worm's Bite	07/24/2001
SANS	SecurityWatch	Look mummy i'm on sans!	07/13/2001
U.S. Commerce Dept.	Wired	'Secure' U.S. Site Wasn't Very	07/06/2001
Alldas.de	ZDNet UK	Hacker-tracker site whacked	06/27/2001
Alldas.de	The Register	Alldas defaced!	06/27/2001
General	ZDNet	Security sites hit by graffiti gang	06/13/2001
Argus Systems	Wired	Hackers Win Security Challenge	04/23/2001
CyberNanny	The Register	CyberNanny Web site defaced with obscenities	04/20/2001
Network Associates	Wired	Security Firm's Site Defaced	11/30/2000
Network Associates	VNUNet	Network Associates hit by cyber criminals	11/30/2000
AntiOnline	VNUNet	Security information website hacked	10/30/2000
RSA Security	Newsbytes	Crackers Cripple RSA Server	02/15/2000
RSA Security	ZDNet UK	RSA Security site defaced	02/14/2000
RSA Security	The Register	Internet security firm RSA's Web site hacked	02/14/2000