« Who's afraid of the big bad worm (or the death of security as we know it) | Main | Make sure the stones are real »

August 16, 2006

People in glass houses, ....

Filed under the people in glass houses, shouldn't throw stones banner, comes this tidbit from Brian Krebs at the Washington Post.  It seems a Russian Security blog by Valery Marchuk, http://www.securitylab.ru, has posted a list of sites that have vulnerabilities around cross-site scripting flaws.  These vulnerabilities make it easy for phishers and other hackers to use these URLs in scams to get people to give up their legitimate personal and financial data.  Low and behold among the sites listed is none other than eEye Digital Security.  For those who may not know, eEye is a company that has made their bones by exposing vulnerabilities in other security companies products.  You can read more about it (if you read Russian) here.  I wonder what their Chief Hacking Officer is going to say about this. 

By the way, eEye was not alone, other sites and companies including Verisign, Cisco, Snort.org and even the NSA were listed as being guilty of the above.  Scary stuff!

Posted at 12:00 AM in other security companies, VAM |

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a00d83451e4d369e200d834a91a8653ef

Listed below are links to weblogs that reference People in glass houses, ....:

Comments

My Photo

Subscribe to my blog

Enter your email address:

Delivered by FeedBurner

Lijit Search

Blog Networks

Creative Commons License
This work is licensed under a Creative Commons Attribution-Share Alike 2.5 License.

Search

Lijit Search

Attend a Computer Forensics Boot Camp to better your skills and become a better worker

Categories

Track my blog stats

Blog powered by TypePad
Member since 10/2005

About