Date: Sun, 25 Aug 2002 00:54:16 +1000 From: "Dorsey Morrow" <dmorrow@isc2.org> To: freebsd-questions@FreeBSD.ORG Subject: Update to your case Message-ID: <003801c24b7e$1eff5e50$0300a8c0@dmorrowisc2org>
next in thread | raw e-mail | index | archive | help
This is a multi-part message in MIME format. ------=_NextPart_000_0035_01C24BD1.F031D180 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Dear Reader =20 You have received this E-Mail as an update to an incident that happened = a few months ago, where our mail server was hacked. This letter is meant as an apology for the Spam that you have received = in that incident. =20 (ISC)2 is a world known security organization and would not be involved = in the Spamming of mail. =20 Our Mail server was successfully attacked and numerous worms and trojans = that having been custom made, planted on our systems. As Symantec only deals with viruses and trojans that are targeted at the = general consumer they where VERY slow in responding to our situation. As = of this date we have received 10 000 complaints against us, regarding = the incident with the mail server alone. The hacker is targeting us = because we once had a racial policy that affected him negatively and = seeks retribution in this way. Our organization saw fit to fail him on = an exam that he took with us. We regret this but we have to stand by our = decision, by his actions he has shown us right in our decision. =20 We eventually had to reformat our entire computer systems and purge all = our data. We take this very seriously and we are looking into the = hackers activities. As of now we know that our entire exam database was = compromised. It will take us many months to recover from this as our = exams need to be rewritten. We know that various underground sites such as http://www.wzor.net/ and = http://www.onlinereferences.net/ have copies of our exams but as of yet = have not published them. We are currently in legal contact with them but, as these servers run in = Russia and China we have no way of legally stopping them from publishing = the material. If anyone has any information about this hacker \ hackers please contact = us. =20 Information & Inquiries=20 Contact E-Mail info@isc2.org=20 =20 Managing Director=20 James E. Duffy, CISSP jeduffy@isc2.org=20 =20 General Counsel & Manager of Corporate Operations=20 Dorsey Morrow, CISSP dmorrow@isc2.org=20 =20 Manager of Professional Programs=20 Anthony Baratta, CISSP abaratta@isc2.org=20 =20 Manager of Constituent Services=20 Carolan Gozzi cgozzi@isc2.org=20 =20 Webmaster=20 Wilfred L. Camilleri, CISSP webmaster@isc2.org ------=_NextPart_000_0035_01C24BD1.F031D180 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <HTML><HEAD> <META http-equiv=3DContent-Type content=3D"text/html; = charset=3Diso-8859-1"> <META content=3D"MSHTML 6.00.2719.2200" name=3DGENERATOR> <STYLE></STYLE> </HEAD> <BODY bgColor=3D#ffffff> <P class=3DMsoNormal style=3D"MARGIN: 0in 0in 0pt">Dear = Reader<?xml:namespace prefix=20 =3D o ns =3D "urn:schemas-microsoft-com:office:office" /><o:p></o:p></P> <P class=3DMsoNormal style=3D"MARGIN: 0in 0in 0pt"><o:p> </o:p></P> <P class=3DMsoNormal style=3D"MARGIN: 0in 0in 0pt">You have received = this E-Mail as=20 an update to an incident that happened a few months ago, where our mail = server=20 was hacked.<o:p></o:p></P> <P class=3DMsoNormal style=3D"MARGIN: 0in 0in 0pt">This letter is meant = as an=20 apology for the Spam that you have received in that = incident.<o:p></o:p></P> <P class=3DMsoNormal style=3D"MARGIN: 0in 0in 0pt"><o:p> </o:p></P> <P class=3DMsoNormal style=3D"MARGIN: 0in 0in 0pt">(ISC)2 is a world = known security=20 organization and would not be involved in the Spamming of = mail.<o:p></o:p></P> <P class=3DMsoNormal style=3D"MARGIN: 0in 0in 0pt"><o:p> </o:p></P> <P class=3DMsoNormal style=3D"MARGIN: 0in 0in 0pt">Our Mail server was = successfully=20 attacked and numerous worms and trojans that having been custom made, = planted on=20 our systems.<o:p></o:p></P> <P class=3DMsoNormal style=3D"MARGIN: 0in 0in 0pt">As Symantec only = deals with=20 viruses and trojans that are targeted at the general consumer they where = VERY=20 slow in responding to our situation. As of this date we have received 10 = 000=20 complaints against us, regarding the incident with the mail server = alone. The=20 hacker is targeting us because we once had a racial policy that affected = him=20 negatively and seeks retribution in this way. Our organization saw fit = to fail=20 him on an exam that he took with us. We regret this but we have to stand = by our=20 decision, by his actions he has shown us right in our = decision.<o:p></o:p></P> <P class=3DMsoNormal style=3D"MARGIN: 0in 0in 0pt"><o:p> </o:p></P> <P class=3DMsoNormal style=3D"MARGIN: 0in 0in 0pt">We eventually had to = reformat our=20 entire computer systems and purge all our data. We take this very = seriously and=20 we are looking into the hackers activities. As of now we know that our = entire=20 exam database was compromised. It will take us many months to recover = from this=20 as our exams need to be rewritten.</P> <P class=3DMsoNormal style=3D"MARGIN: 0in 0in 0pt">We know that various = underground=20 sites such as <A href=3D"http://www.wzor.net/">http://www.wzor.net/</A>; = and <A=20 href=3D"http://www.onlinereferences.net/">http://www.onlinereferences.net= /</A>=20 have copies of our exams but as of yet have not published them.</P> <P class=3DMsoNormal style=3D"MARGIN: 0in 0in 0pt">We are currently in = legal contact=20 with them but, as these servers run in <?xml:namespace prefix =3D st1 ns = =3D=20 "urn:schemas-microsoft-com:office:smarttags"=20 /><st1:country-region><st1:place>Russia</st1:place></st1:country-region> = and=20 <st1:country-region><st1:place>China</st1:place></st1:country-region> we = have no=20 way of legally stopping them from publishing the material.</P> <P class=3DMsoNormal style=3D"MARGIN: 0in 0in 0pt"><o:p><FONT = face=3DArial=20 size=3D2></FONT></o:p> </P> <P class=3DMsoNormal style=3D"MARGIN: 0in 0in 0pt">If anyone has any = information=20 about this hacker \ hackers please contact us.<o:p></o:p></P> <P class=3DMsoNormal style=3D"MARGIN: 0in 0in 0pt"><o:p> </o:p></P> <P class=3DMsoNormal style=3D"MARGIN: 0in 0in 0pt">Information & = Inquiries=20 <o:p></o:p></P> <P class=3DMsoNormal style=3D"MARGIN: 0in 0in 0pt">Contact E-Mail = info@isc2.org=20 <o:p></o:p></P> <P class=3DMsoNormal style=3D"MARGIN: 0in 0in 0pt"><SPAN=20 style=3D"mso-spacerun: yes"> </SPAN><o:p></o:p></P> <P class=3DMsoNormal style=3D"MARGIN: 0in 0in 0pt">Managing Director = <o:p></o:p></P> <P class=3DMsoNormal style=3D"MARGIN: 0in 0in 0pt">James E. Duffy, CISSP = jeduffy@isc2.org <o:p></o:p></P> <P class=3DMsoNormal style=3D"MARGIN: 0in 0in 0pt"><SPAN=20 style=3D"mso-spacerun: yes"> </SPAN><o:p></o:p></P> <P class=3DMsoNormal style=3D"MARGIN: 0in 0in 0pt">General Counsel & = Manager of=20 Corporate Operations <o:p></o:p></P> <P class=3DMsoNormal style=3D"MARGIN: 0in 0in 0pt">Dorsey Morrow, CISSP=20 dmorrow@isc2.org <o:p></o:p></P> <P class=3DMsoNormal style=3D"MARGIN: 0in 0in 0pt"><SPAN=20 style=3D"mso-spacerun: yes"> </SPAN><o:p></o:p></P> <P class=3DMsoNormal style=3D"MARGIN: 0in 0in 0pt">Manager of = Professional Programs=20 <o:p></o:p></P> <P class=3DMsoNormal style=3D"MARGIN: 0in 0in 0pt">Anthony Baratta, = CISSP=20 abaratta@isc2.org <o:p></o:p></P> <P class=3DMsoNormal style=3D"MARGIN: 0in 0in 0pt"><SPAN=20 style=3D"mso-spacerun: yes"> </SPAN><o:p></o:p></P> <P class=3DMsoNormal style=3D"MARGIN: 0in 0in 0pt">Manager of = Constituent Services=20 <o:p></o:p></P> <P class=3DMsoNormal style=3D"MARGIN: 0in 0in 0pt">Carolan Gozzi = cgozzi@isc2.org=20 <o:p></o:p></P> <P class=3DMsoNormal style=3D"MARGIN: 0in 0in 0pt"><SPAN=20 style=3D"mso-spacerun: yes"> </SPAN><o:p></o:p></P> <P class=3DMsoNormal style=3D"MARGIN: 0in 0in 0pt">Webmaster = <o:p></o:p></P> <P class=3DMsoNormal style=3D"MARGIN: 0in 0in 0pt">Wilfred L. Camilleri, = CISSP=20 webmaster@isc2.org</P> <DIV><FONT face=3DArial size=3D2></FONT> </DIV></BODY></HTML> ------=_NextPart_000_0035_01C24BD1.F031D180-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?003801c24b7e$1eff5e50$0300a8c0>