> > However, you could acknowledge that we were not the > > only one at the same time. Untold security companies > > and sites were defaced by PoizonB0x and others > > in that very same period. Including: SecurityNewsportal, CNet, > > Attrition, Lucent. Microsoft (18 times in total?), SANS, > > CERT, SecurityFocus and many others. > > Was SecurityFocus actually defaced? I thought they wacked an add server > that then placed a hacked banner on the SF site. I could be wrong though.
Defaced, yes. Compromised, no. http://www.attrition.org/security/commentary/secfocus.html See http://www.attrition.org/errata/irony.html for similar amusement ;-) Also see the ton of RFC1918 addresses and MTA banners littering the SMTP headers of "security" firms on this list... Cheers. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
