Like we really needed this.

Hacker’s Blog

August 18, 2015

SecureWorld is insecure?

Filed under: Security,Uncategorized — Hacker @ 6:01 am

Since I have my own domain, I can give out email addresses that are tagged to an organization. If I receive a malicious email or spam on that address, then I know that that address has leaked somehow. Attribution only goes so far though, as some organizations will sell or distribute the email to others. That’s the case for SecureWorld. The email address I used was handed out to several vendors at the conference, so I don’t know who was compromised.

It is clear that someone was.

SecureWorld Leak

This email wasn’t spam. It actually came with a virus. Congratulations SecureWorld, you’ve got clientele worth owning. Though I can’t imagine too many of them are going to fall for opening the attachment, I know that even the best trained security practitioners are sometimes going too fast and will make mistakes.

• • •
Like we really needed this.