For EC-Council, Mum's the word

[InfoSec News <alerts () infosecnews org>]

http://www.infosecnews.org/for-ec-council-mums-the-word/

By William Knowles
Senior Editor
InfoSec News
March 12, 2013

We have been following the compromise, Web defacement, and subsequent 
silence of EC-Council for a couple of weeks now. On February 22nd the 
Albuquerque, NM based EC-Council Web site was broken into and defaced 
three separate times.  If you hold a certification from EC-Council your 
confidential information is rumored to have been stolen during this 
period.

After the EC-Council administrators wrested back control of their site the 
first time, a known password was used to deface the Web site again. The 
second defacement showed the mail from Edward Snowden's Yokota Air Base 
email address requesting an exam code, along with a copy of his U.S. 
Passport and a letter signed by John A. Niescier, an Information Security 
Officer with the Department of Defense Special Representative, Japan.

All told, the website was compromised three times in a single week.

Conspiracy rumors abound about who attacked the EC-Council Web site. 
Foreign training companies, Secret Squirrels, The Chinese, The Russians, 
Non-state actors were all considered possible suspects. However, the folks 
at r000t's blag did some digging and their conclusions provide pretty 
damning evidence identifying the likely culprit.

Since the attack, EC-Council has kept a very low profile, InfoSec News has 
reached out several times to Founder Jay Bavisi for a comment, but the attempts 
have fallen on deaf ears. Now nearly three weeks later, the EC-Council finally 
commented on the attack.

[...]



--
Find the best IT Security talent without breaking your recruiting budget.
Jobs cross-posted to Simply Hired, Facebook and LinkedIn.
Hot InfoSec Jobs - http://www.hotinfosecjobs.com/