Security Companies

Sec Co Fail This page is a showcase of security companies that epitomize irony. Corporations and groups that espouse the ideals of secure computing and even go so far as to offer (and profit from) products and services promising such security, while unable to keep their own systems from being attacked and compromised. These incidents range from corporate web defacements to virus/worm infections and other embarassing events. In the case of multiple articles, follow-ups are included below. We also maintain a list of security companies that spam as well as security companies with auto-update mechanism problems.



When Company & Incident
2013-10-08 [AVG, Avira, PureVPN] Security compromised at security companies during Cyber Security Month
2013-09-13 Darkleech Says Hello (FireEye Serves Malware)
2013-07-24 KPMG found leaking data, as it criticises every single company in the FTSE 350 for doing the same
2013-07-24 Server Misconfiguration Discloses Passwords of All Barracuda Network Employees
2013-07-08 Information Leak in OWASP Information Leak Wiki Page
2013-06-20 TAC Security Solutions (tacsecurity.co.in) Threatens Lawsuit Against attrition.org
2013-06-07 Flash-based XSS Mayhem: Most Security Solution Vendors Vulnerable [Symantec, AVG, Avira, BitDefender, McAfee, TrendMicro]
2013-06-04 Fortinet Claims Google's Disclosure Policy Irresponsible
2013-05-28 Secunia Broadcasts Zero-day Vulnerability via Email
2013-05-20 XSS in eval.symantec.com
2013-05-20 Kali Linux DOM Based XSS Writeup
2013-05-12 XSS in The Hacker News
2013-05-12 XSS in Offensive Security
2013-03-21 XSS in InfoSec Institute
2013-03-20 DOM Based XSS In Microsoft
2013-03-16 Man who conned a country - Police hunt for dubious cyber hero they posed with
2013-03-15 Researcher: Security appliances are riddled with serious vulnerabilities
2013-03-14 [NIST NVD] Downed US vuln catalog infected for at least TWO MONTHS
2013-03-13 Cisco accused of data theft
2013-03-13 Cops Arrest Tech Whiz For Allegedly Drugging, Assaulting Women
2013-03-13 Security News Website Among 30 QuinStreet Compromised Sites
2013-03-12 Avast Germany Hacked & 20,000 Credentials leaked with payment information
2013-02-24 DOM Based XSS in AVG
2013-02-23 S2Security Twitter Account Compromised
2013-02-15 Directory Traversal and XSS Vulnerabilities Found in Avira’s BetaCenter
2013-02-08 Security Firm Bit9 Hacked, Used to Spread Malware (After not using their own product)
2013-02-03 Self Proclaimed Ethical Hacker Trishneet Arora website hacked by Team Cyber-Rog
2013-01-30 GIAC Cross-Site Scripting
2013-01-25 Rafay Baloch found Non-persistent XSS vulnerability in Mcafee and Symantec
2013-01-18 Zscaler Accused of Throwing Stones From a Glass House Over XSS Vulnerability


2012


2012-12-11 ExploitHub.com Hacked
2012-11-05 PayPal, Symantec hacked as Anonymous begins November 5 hacking spree
2012-11-06 Cyberheists 'A Helluva Wake-up Call' to Small Biz (Primary Systems)
2012-11-05 Attorney Adds Security Company, State IT Department to Data Breach Lawsuit (Trustwave)
2012-10-31 Persistent XSS and SQL Injection Flaws on ESET Taiwan Website Fixed
2012-10-22 Cisco machine gets listed by blackhat org that rents out hacked PCs
2012-10-11 Eleven GmbH Twitter Compromised, Blamed on "Hack Attack"
2012-10-05 McAfee, Trust Guard certifications can make websites less safe
2012-10-03 'Scareware' trickster fined $163m by US authorities
2012-09-28 Security Researchers Troll Hakin9 Magazine
2012-08-27 GlobalCerts hacked, data leaked by #Anonymous
2012-08-22 Symantec XSS
2012-08-10 Kaspersky admits counterhacking
2012-07-31 Apple Security Team's Oh-So-Brief Black Hat Appearance
2012-07-30 BT backpedals on claims almost every Android device has malware
2012-07-14 Irony: Verbose IIS Error on Apple.com
2012-07-12 [AusCERT] Digital disaster as online security firm loses personal data in the mail
2012-07-03 Hacker Leaks Emails Allegedly Stolen from Trend Micro, Firm Denies Claims
2012-06-22 Dear Microsoft: fsf.org is not a "gambling site"
2012-06-03 Microsoft certification authority signing certificates added to the Untrusted Certificate Store
2012-05-20 Hackers hit cyber security agency's site
2012-05-02 7 Ways Oracle Puts Database Customers At Risk
2012-05-01 Oracle scrambles to contain 0-day disclosure snafu
2012-04-03 Email cock-up blamed in Check Point domain expiry snafu
2012-03-07 Microsoft.com XSS
2012-03-07 Panda Security defaced, disingenuous reply follows
2012-03-06 Ex Employee Hacked and Defaced Crezone Technologies
2012-03-06 Microsoft Bosnia Hacked and Defaced By Turkey Cyber Army
2012-02-25 Anonymous hacks Infragard again
2012-02-13 Microsoft India's Online Store Hacked; Reportedly Stored User Data In Plain Text
2012-02-08 Trustwave admits issuing man-in-the-middle digital certificate
2012-02-02 Key Internet operator VeriSign hit by hackers
2012-01-18 McAfee to plug 'spammer' hole this week
2012-01-11 Pentestmag.com Hacked, Serving Malware
2012-01-09 Top German cop uses spyware on daughter, gets hacked in retaliation
2012-01-06 Symantec Confirms Norton AV Source Code Exposed


2011


2011-12-20 The Dark Side of B-Sides; Mike Dahn
2011-11-30 Oops! McAfee discloses 1k customer e-mails
2011-11-27 'Charlatans' Said to Exaggerate Mobile Malware Fears
2011-11-27 EC-Council - CEH - Unethical Behavior
2011-10-15 [AiPlex Software] Anti-Piracy Outfit Tries to Erase History
2011-10-11 Don't worry about zero-days, says Microsoft
2011-10-04 Firefox advises users to disable McAfee plugin
2011-09-29 WebMax : Laptop Virus Removal Experts (laptopvirusrepair.co.uk) hacked, serves malicious code
2011-09-28 Strategic Security (strategicsec.com) Defaced
2011-09-26 Oracle's MySQL.com hacked for 2nd time, serves up malware
2011-09-22 Core Security (coresecurity.com) defaced via DNS hijacking
2011-09-21 Symantec/Norton's cybercrime numbers don't add up
2011-09-16 INSA, Top Spy Website Hacked
2011-09-12 GlobalSign finds no sign of fake certificates after hack
2011-09-10 DigiNotar breached, hundreds of forged SSL certificates issued
2011-09-09 Microsoft leaks patch info four days early
2011-08-30 Absolute Software Sued for Spying on Sex Chats
2011-08-25 RankMyHack.com Defaced
2011-08-25 Ethicalhackingcourses.com Defaced
2011-08-19 Anonymous breaches US defense contractor Vanguard
2011-08-18 McAfee's 'Shady RAT' report called alarmist, flawed
2011-08-09 PCI Council revokes company's QSA status
2011-07-29 Anonymous releases documents it says came from ManTech
2011-07-25 Anonymous hacks Italy's cybercrime police
2011-07-22 Abhaxas teaches Joseph K Black a lesson to learn
2011-07-22 German national cyber security centre attacked by hackers
2011-07-21 Cyberdouchery of Kasperskian Proportions
2011-07-11 [Updated]Hackers claim they exposed Booz Allen Hamilton data
2011-07-11 MS security centre search poisoned with infectious smut
2011-07-05 AusCERT jumps the gun on BIND bug release
2011-06-23 Black & Berg Cybersecurity Consulting Hacked Again
2011-06-09 [Black & Berg] Security 'expert' offers $10K reward for site hack, LulzSec obliges
2011-06-09 Certigna publishes SSL private key by mistake
2011-06-06 Unveillance faces troubled waters in the wake of LulzSec visit
2011-06-03 [Updated] LulzSec Hacks FBI Affiliate Infragard
2011-06-03 [Updated] Cisco deceived Canadian courts in audacious ploy to jail executive, judge finds
2011-05-31 New Apple antivirus signatures bypassed within hours by malware authors
2011-05-24 New hack on Comodo reseller exposes private data
2011-05-05 LastPass Says Hackers May Have Stolen Password Data
2011-04-27 Oracle hedging its vulnerability reports?
2011-04-21 Hundreds log into a rogue wireless hotspot at Infosec conference
2011-04-21 [Ashampoo] Hackers breach security vendor's defences
2011-04-18 Whitehats pierce giant hole in Microsoft security shield
2011-04-11 [Barracuda] Hack attack spills web security firm's confidential data
2011-03-23 [Comodo] Phony SSL Certificates issued for Google, Yahoo, Skype, Others
2011-03-17 RSA warns SecurID customers after company is hacked
2011-02-09 How one man tracked down Anonymous - and paid a heavy price (HBGary Federal)
2011-01-28 Kaspersky Anti-Virus Source Code Leaks Online


2010


When Company & Incident
2010-11-19 Arbor Networks responds to Media Hype/FUD RE: "China Hijacks 15% of Internet Traffic!" reports
2010-11-11 Reflex Security CEO Accused Of Sex With Child Prostitute
2010-11-09 InfoSec Institute XSS
2010-11-03 Security Consultants Claim New Terrorist Bombs May Mean No More In-Flight WiFi
2010-10-19 Kaspersky download site hacked to spread fake AV
2010-10-07 McAfee Offers (not so) 'Safe' URL Shortener
2010-10-05 Symantec Backs Off Its "Beg For Mercy" Warning Message
2010-10-04 Anti-virus vendor trio plug website flaws
2010-10-01 MasterCard and Visa sites bitten by XSS bugs
2010-09-20 ZoneAlarm Marketing Resembles Scareware Tactics
2010-09-15 Cyber security challenge organisers in email privacy blunder
2010-09-09 Symantec HackIsWack site still open to rickrolling
2010-09-03 Full Disclosure about 20 XSS bugs on Symantec.com and related domains
2010-09-03 Symantec Snoop Dogg rap contest site rickrolled
2010-08-18 Ideco Biometrics Serving Malware via SQL Injection
2010-08-18 M86 Security XSS
2010-08-16 GFI XSS
2010-08-15 VeriSign Security Center XSS
2010-08-14 Trustwave XSS
2010-08-10 Comodo XSS
2010-08-10 Symantec Website Vulnerable to XSS
2010-08-07 Tenable Network Security XSS Defacement
2010-08-05 CSO Online XSS
2010-08-04 Tech Target Search Security XSS
2010-08-03 Black Hat Schedule website XSS vulnerability
2010-07-29 The Irony - Black Hat Video Stream Hack
2010-07-11 SAINT Corporation XSS Defacement
2010-06-28 If the DHS Is Serving Malware, Should It Be Our Internet Cop?
2010-06-23 Comodo pirates Adobe software
2010-06-14 NitroSecurity XSS
2010-05-28 XSS on Tenable Network Security
2010-05-03 eEye confesses their business model should be a crime
2010-04-30 XSS: Cyber Security Challenge UK
2010-04-30 Defacement: Kaspersky Knowledgebase (kasperskykb.com)
2010-04-24 Splunk warns that it exposed users' passwords
2010-04-23 Symantec hit by XSS from SecurityFocus Import [Screenshot]
2010-04-22 Verizon draws line in sand over Narcissistic Vulnerability Pimps
2010-04-16 How To Wreck Your Reputation: John McAfee Edition
2010-04-12 Clear Skies Security doesn't know history of vulnerabilities
2010-04-06 Trend Micro Open CC's Hosted Security Clients
2010-03-29 Innovative Marketing Inc. sold fake anti-virus software for years
2010-03-19 Website Security Seals Smackdown
2010-03-12 Application Security Inc. Uses Malware Laden Site for News
2010-03-10 RSA Conference Site Vulnerable To XSS
2010-02-25 ControlScan Nailed For Misleading Customers
2010-02-18 ISACA Fails Basic Security on Password Reset Email
2010-01-22 Johnny / ihackstuff hit by spammers
2010-01-22 Police arrest MD of dowsing-rod 'bomb detector' firm (ATSC)
2010-01-06 XSS on Cisco.com
2010-01-05 Symantec Endpoint Protection Manager falls victim to Y2K Style Bug


2009


When Company & Incident
2009-12-28 XSS on Pandasecurity Site Search
2009-12-24 Dennis Montgomery / eTreppid Technologies sells fraudulent software to CIA
2009-12-18 Defacement: Nod32.de of ESET
2009-12-11 Symantec CEO says they don't hire hackers
2009-12-02 Prevx creates FUD, then backpedals
2009-11-29 Kaspersky (Portugal) vulnerable to SQL Injection (www.kaspersky.com.pt)
2009-11-23 Symantec Online Store Hacked
2009-11-03 Malwarebytes accuses rival of software theft (IOBit)
2009-10-27 XSS on CSI 2009 Site (CSI)
2009-10-03 Defacement: Cisco Saudi Arabia (cisco.com.sa)
2009-10-03 Defacement: Kaspersky Labs Vietnam (kaspersky.nts.com.vn)
2009-09-30 Defacement: Kaspersky Knowledgebase (kasperskykb.com)
2009-09-22 Defacement: Kaspersky Labs Singapore (kaspersky.com.sg)
2009-08-13 Isfahan University of Technology CERT team staffed by irresponsible morons
2009-08-13 Top Security Firm RSA Tries to Silence Blog
2009-07-31 McAfee Leaks 1,400 Security Pro Details
2009-07-25 Defacement: Matasano (matasano.com)
2009-07-14 EBay / Paypal Reports Security Blog To FBI For Phish Screenshot
2009-07-03 McAfee false-positive glitch fells PCs worldwide
2009-07-03 XSS on BlueCoat Site Review site
2009-07-02 Symtrex shows their penetration testing service is sub-par
2009-06-29 Blue chip FTP logins found on cybercrime server
2009-06-16 Antivirus giants fined over automatic renewals
2009-06-15 Symantec vulnerable to XSS
2009-06-15 Trend Micro vulnerable to XSS
2009-06-15 Norman vulnerable to XSS
2009-06-15 Kaspersky vulnerable to XSS
2009-06-13 Kaspersky demonstrates responsible disclosure isn't a concern
2009-06-09 McAfee downplays service pack fail
2009-05-06 Swedish Hacker Indicted in Cisco, NASA Attacks
2009-05-05 McAfee Gets Worked. Hard.
2009-05-04 Story on McAfee Security Hole Triggers Another
2009-05-03 McAfee: Enabling Malware Distribution and Fraud
2009-04-27 RSA.com Search Engine XSS
2009-04-16 RSA.com Password Change Code Leak
2009-04-15 Attention Symantec: There's a bug crawling on your website
2009-04-15 RSA.com Registered Account Manipulation Vulnerability
2009-04-15 RSA.com Open Redirect Vulnerability
2009-03-23 Symantec Says Credit Card Data May Have Leaked From India
2009-03-16 BBC Click paid cybercrooks to buy botnet
2009-03-10 Mary-Ann Davidson of Oracle lies to Congress and spouts ridiculous ideas of a virtual Monroe Doctrine
2009-03-09 Yahoo! paid for hacker's training at e2 Labs
2009-03-03 Gary McGraw / Reality Check needs a reality check of their own
2009-02-27 EthicalHacker.net Compromised
2009-02-16 BitDefender site exposes private data (yet again)
2009-02-13 Defacement: Zone-h.org defacement mirror
2009-02-12 F-Secure.com SQL Injection and Cross-Site Scripting
2009-02-11 BitDefender Partner Site Hit by Hackers
2009-02-09 Kaspersky hires expert to analyze Web site hack
2009-02-08 Kaspersky breach exposes sensitive database, says hacker


2008


-->
When Company & Incident
2008-12-16 AmEx, PCI founding member, fails PCI standards
2008-12-10 Court Halts Bogus Computer Scans
2008-11-13 Symantec Corporation Data Breach
2008-11-05 Rick Fleming gets 20 years for porn [Digital Defense]
2008-10-31 Defense Intelligence Agency Fixes Risky Web Site Code
2008-10-21 McAfee update classifies Vista component as a Trojan
2008-07-28 A decade of Oracle security [commentary]
2008-07-20 Kaspersky Malaysian Site / Shop Hacked
2008-07-09 Grisoft modifies its free AVG product after complaints
2008-06-13 Scripting bugs blight security giants' websites [McAfee, Symantec and VeriSign]
2008-05-19 'Hacker Safe' leader defrauded investors, prosecutors say
2008-05-18 ID theft protection firm sued [LifeLock]
2008-05-15 Debian, Ubuntu SSH Under Attack
2008-05-12 Vendor assailed for unfair marketing [Mobile Armor]
2008-04-30 McAfee 'Hacker Safe' cert sheds more cred
2008-03-18 Rapid7 backpedals after PCI compliant customer breached
2008-03-17 Trend Micro hit by massive Web hack
2008-02-09 Antivirus company's website downloads ... a virus
2008-01-07 'Hacker Safe' Geeks.com Hacked
2008-01-04 CA's Web site hacked by malware authors
2008-01-04 McAfee spies malware in legit JavaScript apps


2007


When Company & Incident
2007-12-14 Deloitte partner, principal confidential information on stolen laptop
2007-11-08 First Forensic Forum: Website for computer security experts hacked
2007-11-06 WabiSabiLabi founder arrested for alleged spying
2007-10-02 Chinese internet security response team under attack
2007-09-25 VeriSign: DoS attack could shut down internet
2007-09-22 Symantec issues bogus warning of full-scale Internet meltdown
2007-09-13 Confidential Chicago terrorist threat assessment leaked over P2P
2007-07-24 Researchers blast TRUSTe on user privacy
2007-07-13 Oracle UK systems accused in 'SSH hacking spree'
2007-07-03 Defacement: Microsoft UK (#26) (microsoft.co.uk)
2007-06-27 Symantec presenter spotted using KAV
2007-06-27 HP insider sells 0day exploits
2007-06-25 ISC^2/CISSP websites vulnerable to XSS
2007-05-28 University of Colorado at Boulder blames human error not Symantec for data breach
2007-05-20 Microsoft says, "Send us your passwords!"
2007-05-08 ISACA ISACA ISACA
2007-04-16 Microsoft's advisories giving clues to hackers
2007-04-03 FTC Approves Final Guidance Settlement
2007-03-07 Microsoft OneCare fails again
2007-03-04 It's official: Pirates crack Vista at last
2007-01-23 Zone-H "defaced" via DNS hijack


2006


When Company & Incident
2006-12-11 Vista vulnerable to a third of malware
2006-11-02 Ex-CEO of Computer Associates sentenced to 12 years
2006-09-22 Cybersecurity chief quits after unusual contract expires
2006-09-05 Phone Scam Charge Rocks HP
2006-08-29 Gartner says coin flip could be better than product analysis
2006-08-12 Vista hacked at Black Hat
2006-07-20 eEye uses pirated copy of software for presentation
2006-07-14 Flaw Discovered in McAfee ePolicy Orchestrator
2006-06-20 Bill Gates' piracy confession
2006-06-20 Microsoft France site cracked
2006-06-12 Homeland Security accepts fake ID
2006-06-14 Sourcefire tries to scam competition
2006-05-17 Blue Security DDoS'd after shutting down service
2006-05-12 Does Comodo's LaunchPad install adware?
2006-05-12 The dishonor of Blue Security
2006-05-08 Expert: McAfee Mac Security Report Is 'Scaremongering'
2006-05-08 Blue Security Inc. harrassed by spammers?
2006-04-25 Computer Associates' (CA) Sanjay Kumar pleads guilty to fraud
2006-04-18 Symantec hit with $1 billion tax bill
2006-04-11 Oracle accidentally discloses unpatched vulnerability to customer web site
2006-04-03 Trend Micro data revealed due to virus
2006-03-29 Fred Cohen endorses book plug spam from Chet Uber (SecurityPosture.com)
2006-03-16 Norton security software updates blocks AOL users' internet access
2006-03-13 McAfee virus definition deletes or quarantines legitimate files
2006-02-25 Personal information on stolen Ernst & Young laptop
2006-02-23 Auditor loses McAfee employee data [Deloitte & Touche]
2006-02-23 Iron Mountain dumped by client due to blackout
2006-02-12 Official (ISC)2 Guide Plagiarism
2006-01-17 Web attack crashes TippingPoint IPS
2006-01-13 Zone Labs denies ZoneAlarm "phones home"
2006-01-12 Symantec uses rootkit-like technology in Norton SystemWorks


2005


When Company & Incident
2005-12-19 Guidance Software database hacked to reveal 3,800 credit card numbers
2005-12-14 NIST web site vulnerable to XSS attacks
2005-09-22 Determina hit with denial of service attack during business conference
2005-09-06 Microsoft UK security chief falls victim to malware
2005-08-27 Microsoft anti-phishing tool tracks user surfing habits
2005-08-17 Tippingpoint ambulance chases after Zotob worm
2005-08-14 RSA vulnerable to XSS
2005-08-03 Cisco doesn't disclose vulnerability to feds
2005-08-03 Cisco.com web site breached
2005-07-30 Defcon 13 "Wall of Sheep"
2005-07-29 ISS threatens infowarrior.org
2005-07-29 Cisco stifles discussion about vulnerability at Black Hat
2005-01-24 Defacement: ISSA UK (www.issa-uk.org)


2004


When Company & Incident
2004-08-19 Former Enterasys executive pleads guilty
2004-06-03 ISC2 member information vulnerable
2004-05-25 Defacement: Microsoft UK (#25) (microsoft.co.uk)
2004-02-26 F-Secure mass-mails Netsky.B to customers
2004-02-24 Dan Verton testifies to Congress on "cyber-terrorism"
2004-02-20 mi2g report on security incidents questioned
2004-01-10 Verisign forgets to renew master digital cert


2003


When Company & Incident
2003-10-29 Bill Gates downplays secure coding practices
2003-09-30 Forensitech head indicted on hacking charges
2003-09-10 Richard D. Pethia / CERT Congressional Testimony
2003-08-30 Trend Micro site vulnerable
2003-08-23 CERT Staffer faces sex charge
2003-08-15 Microsoft Security Tool has bugs
2003-08-06 Microsoft security lapse reveals beta info
2003-08-06 McAfee VirusScan "bugs"?
2003-07-22 Rubi-Con Site Defaced
2003-07-15 Symantec distributes rootkit
2003-07-12 Deconstructing the Defacer Challenge Hoax/FUD (ISS, mi2g)
2003-07-11 Foundstone wants to fabricate product recommendations
2003-07-10 Defacement: Attrition.org
2003-06-16 CERT vulnerability reports leaked again
2003-06-09 Foundstone accused of software piracy
2003-06-05 DHS Official suspended, purchases college degrees
2003-06-05 Dan Verton meta content spam
2003-06-03 Microsoft's expert 'pin' testers
2003-05-30 Microsoft misleads customers over vulnerability
2003-05-27 Microsoft XP Security Update recalled
2003-05-10 ISS web sites, many vulnerabilities
2003-05-08 Fluffi Bunni worked for Siemens
2003-05-07 Defacement: Internet Security Systems (ISS) (iss.net)
2003-05-07 Netegrity site vulnerable
2003-05-07 Computer Associates site vulnerable
2003-05-07 e-matters.de security site vulnerable
2003-05-05 ISS defaced, breaches ethics and lies
2003-05-05 Progenic.com security site vulnerable
2003-05-05 hackinthebox.org security site vulnerable
2003-05-05 hackerscenter.com security site vulnerable
2003-05-05 codeingtheweb.net security site vulnerable
2003-05-05 ebcvg.com security site vulnerable
2003-04-03 InfoWorld Security Adviser infected with Slammer Worm
2003-03-27 IBM exec's son charged with hacking
2003-03-21 CERT vulnerability reports leaked again
2003-03-19 CERT vulnerability reports leaked
2003-03-12 Dan Verton pads resume, ignores team members
2003-02-26 Cryptome.org defaced
2003-02-13 ISSA Bans Kevin Mitnick, Hypocrites
2003-02-10 Defacement: Defensivethinking.com
2003-02-01 Dartmouth ISTS mail list problems
2003-01-31 ISS Ships Vulnerable Products, Uses as Pitch for More Products
2003-01-29 Symantec's "Submit a Deal" Flawed
2003-01-25 Symantec and the Slammer Fiasco
2003-01-17 Court: Network Associates can't gag users
2003-01-15 ITAA works against security


2002


When Company & Incident
2002-11-08 Kaspersky emails worm to customers
2002-08-21 Forensitech Solutions investigated by feds
2002-05-12 Defacement: Securityjobs.net
2002-05-12 Defacement: Secure-space.net hosting
2002-05-01 Booz Allen Hamilton (BAH) fails to protect Navy, themselves
2002-04-24 Cisco online registration not secure
2002-03-25 Defacement: Microsoft Research's Social Computing Group (#24) (olab2.research.microsoft.com)
2002-03-24 Defacement: Microsoft Customer Support Chat (#23) (cust-supp-chat.one.microsoft.com)
2002-03-16 Defacement: Microsoft Office Suite Advisory Group (#22) (officecouncil.rte.microsoft.com)
2002-03-15 Defacement: Microsoft Customer Support Chat (#21) (cust-supp-chat.one.microsoft.com)
2002-03-18 Frank Jones/Codex dupe security professionals
2002-03-15 Microsoft blunders another security patch
2002-03-14 Frank Jonez/Codex site hacked, DIRT info revealed
2002-03-13 Jon Lasser reveals CISSP a waste of time
2002-02-28 NAI caught in "anti censorship" lie
2002-02-25 Steve Gibson re-invents SynCookies (but broken)
2002-02-18 Cigital's ITS4 "security" utility is very lacking
2002-02-12 SafeWeb's anon-surfing technology not safe
2002-01-30 Multiple security sites vulnerable to XSS
2002-01-20 Defacement: eSafe / Aladdin (aladdin.co.il)


2001


When Company & Incident
2001-12-31 Global Network Security Services ambulance chases
2001-12-27 NIMDA Infection of Microsoft.com Network
2001-12-27 Defacement: Secureroot Computer Security Resource (secureroot.com)
2001-12-26 Defacement: TASC (fwb.tasc.com)
2001-12-10 Defacement: Technotronic (technotronic.com)
2001-11-29 SecurityFocus Defaced? Kind of
2001-11-15 Defacement: Trinux web site (trinux.org)
2001-10-29 Defacement: BIH Security (www.bih-security.com)
2001-10-27 NAI/PGP infected with Nimda Worm
2001-10-23 Defacement: SecurityNewsPortal (securitynewsportal.com)
2001-10-23 Defacement: Kim Schmitz (aka Kimble) (kimble.org)
2001-10-08 Code Red Infection of Microsoft.com Network
2001-09-29 Defacement: ANTIVIRUS Ltda. (antivirus.com.co)
2001-09-19 NIPC shares info with Symantec who doesn't give credit where due
2001-09-07 Defacement: Co-Logic (www.e-secure-it.co.nz)
2001-08-26 Microsoft Network compromised via Win2k Hole
2001-08-25 E*Trade & Ross Oliver botch simple security test
2001-08-24 iDefense files for bankruptcy
2001-08-21 Code Red II Infection on Deloitte & Touche Security Services network
2001-08-14 Code Red II Infection on NAS-Corp.com network
2001-08-14 Code Red II Infection on CyberCash.com network
2001-08-13 Defacement: Tripwire.com Forums
2001-08-11 Defacement: Linuxsecurity Brazil (linuxsecurity.com.br)
2001-08-04 Defacement: VeriSign Japan (verisign.co.jp)
2001-08-03 SANS ambulance chases after Code Red
2001-08-01 Defacement: Enterasys Networks Brasil (enterasys.com.br)
2001-08-01 Defacement: eCertifications (www.evalidations.com)
2001-07-30 Vigilinx uses fear-mongering and overhypes a worm
2001-07-30 High-Technology Crime Investigators Association infected with SirCam
2001-07-30 Defacement: www.ipssecurity.com
2001-07-30 Defacement: www.brownsecurity.com
2001-07-30 Defacement: www.digitalsecurity.com
2001-07-30 Defacement: www.win2k-security.com
2001-07-30 Defacement: www.securitysolutions-usa.com
2001-07-30 Defacement: www.securitysolutions-intl.com
2001-07-30 Defacement: www.securityfedbank.com
2001-07-30 Defacement: www.securityawareness.org
2001-07-30 Defacement: www.securityswitch.com
2001-07-30 Defacement: www.securitycanada.com
2001-07-30 Defacement: www.securityiss.com
2001-07-30 Defacement: www.security-resources.com
2001-07-30 Defacement: www.security-books.com
2001-07-30 Defacement: www.securityandmore.com
2001-07-28 Defacement: Attrition.org
2001-07-27 Defacement: Microsoft Saudi Arabia (#20) (microsoft.com.sa)
2001-07-27 Lucent (xl.com) defaced twice in hours
2001-07-27 Defacement: Secure E-Commerce Server IPD Hosting (www.secure.nl)
2001-07-25 Defacement: Secure Card Payments
2001-07-25 FBI NIPC agent infected with Sircam worm
2001-07-22 Defacement: Microsoft MSN Careers (#19) (content.mswh.careers.msn.com)
2001-07-21 SecurityFocus milks data from community, pushes it off as their own
2001-07-20 Symantec displays sheer stupidity in their claims about Code Red solutions
2001-07-20 Entercept has no clue about Code Red infections
2001-07-19 Defacement: Microsoft MSN IE Site (#18) (explorer.msn.com)
2001-07-19 Defacement: Microsoft Windows Update (#17) (windowsupdate.microsoft.com)
2001-07-18 Verisign uses 1x1 Web Bugs
2001-07-13 Defacement: The SANS Institute (www.sans.org)
2001-06-26 Defacement: Alldas.de Defacement Mirror
2001-06-25 Defacement: I-Secure.com.au (www.i-secure.com.au)
2001-06-24 Defacement: J. Baskow and Associates, LTD (www.baskowsecure.com)
2001-06-24 Defacement: Secure-Archives by Evolusoft (www.secure-archives.com)
2001-06-23 Defacement: Vsecure Technologies (www.v-secure.com)
2001-06-23 Defacement: US Secure Pay (www.ussecurepay.com)
2001-06-23 Defacement: SecureAgent Software (www.securenotes.com)
2001-06-23 Defacement: SecuredLink (www.securedlink.com)
2001-06-21 Defacement: Microsoft RTE (arulk) (#16) (arulk.rte.microsoft.com)
2001-06-21 Defacement: Microsoft RTE (redsand) (#15) (redsand.rte.microsoft.com)
2001-06-21 Defacement: Microsoft Mobile Feeds (#14) (feeds.mobile.msn.com)
2001-06-19 Defacement: Microsoft South Africa (#13) (interface.microsoft.co.za)
2001-06-18 Defacement: Anti-Hacker Online (www.hackerwatch.org)
2001-06-15 Nightkingdoms Progressive blatantly ambulance chases after recently defaced web sites
2001-06-15 GNSS/Global NSS blatantly ambulance chases after recently defaced web sites
2001-06-15 Defacement: E-Secure-IT (www.e-secure-it.co.nz)
2001-06-14 Defacement: COMSECURE.NET (www.comsecure.net)
2001-06-13 Defacement: E-Security, Real-Time Security and Awareness Software (www.esecurityinc.com)
2001-06-13 Defacement: Hauser Technology Integration, Inc. (www.compasssecurity.com)
2001-06-09 Defacement: Network World (www.nww.com)
2001-05-17 Defacement: Microsoft Romania (#12) (microsoft.ro)
2001-05-15 Interpol virus site contains little useful information
2001-05-10 Defacement: United States Internet Crime Taskforce (www.usict.org)
2001-05-07 Defacement: Microsoft (#11) (streamer.microsoft.com)
2001-05-04 Defacement: Exodus Communications (security.exodus.net) [mirror]
2001-05-04 Defacement: Federal Law Enforcement Training Center (www.fletc.gov)
2001-05-03 Defacement: Microsoft Mexico (#10) (microsoft.com.mx)
2001-05-03 Defacement: Microsoft Saudi Arabia (#9) (microsoft.com.sa)
2001-05-03 Defacement: Microsoft UK (#8) (microsoft.co.uk)
2001-05-01 Defacement: HTTP Tunnel (www.http-tunnel.com)
2001-04-25 Argus Pitbull Security Challenge - PitBull Protected Server Compormised
2001-04-21 Defacement: #3 Cybernanny, Inc. (www.cybernanny.net)
2001-04-19 John Chirillo asks for a book plug
2001-04-17 CPS Technology blatantly ambulance chases after recently defaced web sites
2001-04-16 Sentinel Systems blatantly ambulance chases after recently defaced web sites
2001-04-11 Defacement: RADGUARD: Enabling Secure e-Business (us.radguard.com)
2001-03-20 Defacement: Digital Delivery Inc - Secure Data Distribution (www.digitaldelivery.com)
2001-03-08 Defacement: RapidStream - Secure Virtual Private Networking (www.securitydogs.com)
2001-02-20 Defacement: Tiger Testing Inc. (www.tigertesting.com)
2001-02-09 Defacement: Computer Security Auditing Network (www.csanetworks.com)
2001-02-05 Hypocrisy: Price Waterhouse tells people not to "sell fear"
2001-01-31 Defacement: Breakwater Security Associates, Inc. (www.breakwater.net)
2001-01-28 RSA Security investigated by SEC
2001-01-25 Kaspersky peddles Attrition.org data as their own
2001-01-25 Defacement: Microsoft New Zealand (#7) (microsoft.co.nz)
2001-01-19 Symantec Corp Small Business server (smallbiz.symantec.com)
2001-01-03 Andrew Rosen of ASR Data misleads forensic community


2000


When Company & Incident
2000-12-17 Defacement: Microsoft Slovenia (#6) (microsoft.si)
2000-12-15 Defacement: eEye Digital Security (www.eeye.com) [mirror]
2000-12-14 Defacement: Microsoft Slovenia (#5) (microsoft.si)
2000-12-14 Defacement: Kaspersky AntiVirus, Brazil (www.kasperskylab.com.br)
2000-12-14 Defacement: AVP 2000 Brazil (www.avp2000.com.br)
2000-12-11 DefendNet Solutions blatantly ambulance chases after recently defaced web sites
2000-11-29 Defacement: Network Associates do Brasil (www.nai.com.br)
2000-11-29 Defacement: McAfee - Network Associates do Brasil (www.mcafee.com.br)
2000-11-15 Tigerteam Online Security responds to mention on attrition.org
2000-11-07 Defacement: Microsoft Events (#4) (events.microsoft.com)
2000-11-05 E-Security Laboratories blatantly ambulance chases after recently defaced web sites
2000-10-31 Defacement: 0x7f Security Research (www.0x7f.org)
2000-10-16 ICSA criticized for underwriting efforts
2000-09-29 Tigerteam Online Security resorts to SPAM
2000-09-29 Ernst & Young hires hackers
2000-09-27 E*Trade security hole still not bunged
2000-09-25 Max Butler of Whitehats.com pleads guilty to computer hacking
2000-09-12 Defacement: r00tabega (www.r00tabega.org)
2000-08-22 Disappearing E-mail makes naive claims about their technology
2000-07-29 Defacement: #2 Defcon Web site (www.defcon.org)
2000-07-25 PWC's Fred Rica not a stellar pen-tester
2000-06-15 Cybercops Class Under Cover - Omni Tech & Sullivan
2000-06-14 Defacement: RISX Security (risx.mine.nu)
2000-06-08 CD Universe evidence compromised by Kroll O'Gara, NAI, Infowar.com
2000-06-03 Defacement: Microsoft Brazil (#3) (microsoft.com.br)
2000-06-03 Defacement: #2 AntiOnline's AntiCode Archive (www.anticode.com)
2000-05-15 Why hire IBM?
2000-03-01 Defacement: AntiOnline's AntiCode (www.anticode.com)
2000-02-15 US Data Security & crypto misinformation
2000-02-15 Meganet & crypto misinformation
2000-02-12 Defacement: RSA Security Inc. (www.rsa.com)
2000-01-04 Defacement: Microsoft Taiwan (#2) (microsoft.com.tw)


Legacy


When Company & Incident
1999-11-07 Defacement: Internet Security (internetsecurity.com)
1999-10-24 Defacement: Microsoft (#1) (msrconf.microsoft.com)
1999-10-19 MTV made to look ridiculous by fake hacker (Shamrock)
1999-09-21 Defacement: Rootfest Security Con (www.rootfest.org)
1999-09-02 Defacement: SecurityNet (www.securitynet.net)
1999-08-05 Defacement: AntiOnline Security Site (www.antionline.com)
1999-08-02 Defacement: Symantec (www.symantec.com)
1999-07-22 Lockdown2000 testing and hostile response
1999-07-09 Defacement: Defcon (www.defcon.org)
1999-05-08 Hacker Trackers Safeguard Secrets, They Practice what they Breech
1999-02-17 CERT security software found vulnerable
1999-02-08 Rational Software doesn't care about their vulnerabilities
1999-02-01 NAI botches basic definitions like 'virus' and 'worm'
1999-01-22 CERT TCPWrapper advisory has serious errors
1999-01-15 SEC Accuses of PWC of Conflict with some Audit Clients
1999-01-01 NAI hypes up Remote Explorer Problem, witholds info from CARO
1998-10-14 NAI/PGP questions why anyone would use encryption
1998-03-23 IBM claims they don't hire hackers
1997-10-01 Hackers spoof SANS security newsletter


Articles about these defacements and more

VictimPublicationArticleDate
FBI NIPCNewsbytesFBI Computer Experts Feel SirCam Worm's Bite07/24/2001
SANSSecurityWatchLook mummy i'm on sans!07/13/2001
U.S. Commerce Dept.Wired'Secure' U.S. Site Wasn't Very 07/06/2001
Alldas.deZDNet UKHacker-tracker site whacked06/27/2001
Alldas.deThe RegisterAlldas defaced!06/27/2001
GeneralZDNetSecurity sites hit by graffiti gang06/13/2001
Argus SystemsWiredHackers Win Security Challenge04/23/2001
CyberNannyThe RegisterCyberNanny Web site defaced with obscenities04/20/2001
Network AssociatesWiredSecurity Firm's Site Defaced11/30/2000
Network AssociatesVNUNetNetwork Associates hit by cyber criminals11/30/2000
AntiOnlineVNUNetSecurity information website hacked10/30/2000
RSA SecurityNewsbytesCrackers Cripple RSA Server02/15/2000
RSA SecurityZDNet UKRSA Security site defaced02/14/2000
RSA SecurityThe RegisterInternet security firm RSA's Web site hacked02/14/2000




Copyright 2007-2011 by Attrition.org. Permission is granted to quote, reprint or redistribute provided the text is not altered, and appropriate credit is given.


main page ATTRITION feedback