Date: Sun, 25 Aug 2002 00:54:16 +1000 From: "Dorsey Morrow" <dmorrow@isc2.org> To: freebsd-questions@FreeBSD.ORG Subject: Update to your case Message-ID: <003801c24b7e$1eff5e50$0300a8c0@dmorrowisc2org>
next in thread | raw e-mail | index | archive | help
[-- Attachment #1 --] Dear Reader You have received this E-Mail as an update to an incident that happened a few months ago, where our mail server was hacked. This letter is meant as an apology for the Spam that you have received in that incident. (ISC)2 is a world known security organization and would not be involved in the Spamming of mail. Our Mail server was successfully attacked and numerous worms and trojans that having been custom made, planted on our systems. As Symantec only deals with viruses and trojans that are targeted at the general consumer they where VERY slow in responding to our situation. As of this date we have received 10 000 complaints against us, regarding the incident with the mail server alone. The hacker is targeting us because we once had a racial policy that affected him negatively and seeks retribution in this way. Our organization saw fit to fail him on an exam that he took with us. We regret this but we have to stand by our decision, by his actions he has shown us right in our decision. We eventually had to reformat our entire computer systems and purge all our data. We take this very seriously and we are looking into the hackers activities. As of now we know that our entire exam database was compromised. It will take us many months to recover from this as our exams need to be rewritten. We know that various underground sites such as http://www.wzor.net/ and http://www.onlinereferences.net/ have copies of our exams but as of yet have not published them. We are currently in legal contact with them but, as these servers run in Russia and China we have no way of legally stopping them from publishing the material. If anyone has any information about this hacker \ hackers please contact us. Information & Inquiries Contact E-Mail info@isc2.org Managing Director James E. Duffy, CISSP jeduffy@isc2.org General Counsel & Manager of Corporate Operations Dorsey Morrow, CISSP dmorrow@isc2.org Manager of Professional Programs Anthony Baratta, CISSP abaratta@isc2.org Manager of Constituent Services Carolan Gozzi cgozzi@isc2.org Webmaster Wilfred L. Camilleri, CISSP webmaster@isc2.org [-- Attachment #2 --] <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <HTML><HEAD> <META http-equiv=Content-Type content="text/html; charset=iso-8859-1"> <META content="MSHTML 6.00.2719.2200" name=GENERATOR> <STYLE></STYLE> </HEAD> <BODY bgColor=#ffffff> <P class=MsoNormal style="MARGIN: 0in 0in 0pt">Dear Reader<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" /><o:p></o:p></P> <P class=MsoNormal style="MARGIN: 0in 0in 0pt"><o:p> </o:p></P> <P class=MsoNormal style="MARGIN: 0in 0in 0pt">You have received this E-Mail as an update to an incident that happened a few months ago, where our mail server was hacked.<o:p></o:p></P> <P class=MsoNormal style="MARGIN: 0in 0in 0pt">This letter is meant as an apology for the Spam that you have received in that incident.<o:p></o:p></P> <P class=MsoNormal style="MARGIN: 0in 0in 0pt"><o:p> </o:p></P> <P class=MsoNormal style="MARGIN: 0in 0in 0pt">(ISC)2 is a world known security organization and would not be involved in the Spamming of mail.<o:p></o:p></P> <P class=MsoNormal style="MARGIN: 0in 0in 0pt"><o:p> </o:p></P> <P class=MsoNormal style="MARGIN: 0in 0in 0pt">Our Mail server was successfully attacked and numerous worms and trojans that having been custom made, planted on our systems.<o:p></o:p></P> <P class=MsoNormal style="MARGIN: 0in 0in 0pt">As Symantec only deals with viruses and trojans that are targeted at the general consumer they where VERY slow in responding to our situation. As of this date we have received 10 000 complaints against us, regarding the incident with the mail server alone. The hacker is targeting us because we once had a racial policy that affected him negatively and seeks retribution in this way. Our organization saw fit to fail him on an exam that he took with us. We regret this but we have to stand by our decision, by his actions he has shown us right in our decision.<o:p></o:p></P> <P class=MsoNormal style="MARGIN: 0in 0in 0pt"><o:p> </o:p></P> <P class=MsoNormal style="MARGIN: 0in 0in 0pt">We eventually had to reformat our entire computer systems and purge all our data. We take this very seriously and we are looking into the hackers activities. As of now we know that our entire exam database was compromised. It will take us many months to recover from this as our exams need to be rewritten.</P> <P class=MsoNormal style="MARGIN: 0in 0in 0pt">We know that various underground sites such as <A href="http://www.wzor.net/">http://www.wzor.net/</A>; and <A href="http://www.onlinereferences.net/">http://www.onlinereferences.net/</A>; have copies of our exams but as of yet have not published them.</P> <P class=MsoNormal style="MARGIN: 0in 0in 0pt">We are currently in legal contact with them but, as these servers run in <?xml:namespace prefix = st1 ns = "urn:schemas-microsoft-com:office:smarttags" /><st1:country-region><st1:place>Russia</st1:place></st1:country-region> and <st1:country-region><st1:place>China</st1:place></st1:country-region> we have no way of legally stopping them from publishing the material.</P> <P class=MsoNormal style="MARGIN: 0in 0in 0pt"><o:p><FONT face=Arial size=2></FONT></o:p> </P> <P class=MsoNormal style="MARGIN: 0in 0in 0pt">If anyone has any information about this hacker \ hackers please contact us.<o:p></o:p></P> <P class=MsoNormal style="MARGIN: 0in 0in 0pt"><o:p> </o:p></P> <P class=MsoNormal style="MARGIN: 0in 0in 0pt">Information & Inquiries <o:p></o:p></P> <P class=MsoNormal style="MARGIN: 0in 0in 0pt">Contact E-Mail info@isc2.org <o:p></o:p></P> <P class=MsoNormal style="MARGIN: 0in 0in 0pt"><SPAN style="mso-spacerun: yes"> </SPAN><o:p></o:p></P> <P class=MsoNormal style="MARGIN: 0in 0in 0pt">Managing Director <o:p></o:p></P> <P class=MsoNormal style="MARGIN: 0in 0in 0pt">James E. Duffy, CISSP jeduffy@isc2.org <o:p></o:p></P> <P class=MsoNormal style="MARGIN: 0in 0in 0pt"><SPAN style="mso-spacerun: yes"> </SPAN><o:p></o:p></P> <P class=MsoNormal style="MARGIN: 0in 0in 0pt">General Counsel & Manager of Corporate Operations <o:p></o:p></P> <P class=MsoNormal style="MARGIN: 0in 0in 0pt">Dorsey Morrow, CISSP dmorrow@isc2.org <o:p></o:p></P> <P class=MsoNormal style="MARGIN: 0in 0in 0pt"><SPAN style="mso-spacerun: yes"> </SPAN><o:p></o:p></P> <P class=MsoNormal style="MARGIN: 0in 0in 0pt">Manager of Professional Programs <o:p></o:p></P> <P class=MsoNormal style="MARGIN: 0in 0in 0pt">Anthony Baratta, CISSP abaratta@isc2.org <o:p></o:p></P> <P class=MsoNormal style="MARGIN: 0in 0in 0pt"><SPAN style="mso-spacerun: yes"> </SPAN><o:p></o:p></P> <P class=MsoNormal style="MARGIN: 0in 0in 0pt">Manager of Constituent Services <o:p></o:p></P> <P class=MsoNormal style="MARGIN: 0in 0in 0pt">Carolan Gozzi cgozzi@isc2.org <o:p></o:p></P> <P class=MsoNormal style="MARGIN: 0in 0in 0pt"><SPAN style="mso-spacerun: yes"> </SPAN><o:p></o:p></P> <P class=MsoNormal style="MARGIN: 0in 0in 0pt">Webmaster <o:p></o:p></P> <P class=MsoNormal style="MARGIN: 0in 0in 0pt">Wilfred L. Camilleri, CISSP webmaster@isc2.org</P> <DIV><FONT face=Arial size=2></FONT> </DIV></BODY></HTML>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?003801c24b7e$1eff5e50$0300a8c0>