Fortune 500 computers sending spam
You would expect Fortune 500 companies to have high end antivirus, antispyware and antimalware software yes and have their networks set up to block the end result of PCs that may be infected? Apparently not.
Check out this article at the Washington Post by Brian Krebs:
http://blog.washingtonpost.com/securityfix/2007/03/fortune_500s_unwittingly_becom.html
The outted companies are:
Oracle Corp - spam seen as far back as 21 February - http://psbl.surriel.com/listing?ip=148.87.13.7
American Electric Power - infected hardware apparently owned by a contractor - spam seen as far back as 7 December - http://psbl.surriel.com/listing?ip=167.239.128.222. AEP's excuse for the problem is that "AEP was obligated to set up the contractors with Web mail, instant messaging and other communications tools that generally are not allowed inside of the company's network".
Hewlett-Packard - declined to comment about the incident
ExxonMobil - oh yay, spam from that IP as far back as October last year!! - http://psbl.surriel.com/listing?ip=158.21.255.8
IndyMac Bank - February 2007 - http://psbl.surriel.com/listing?ip=65.214.149.253
Home Depot
Electronic Arts
Dow Jones - spam seen back in mid March - http://psbl.surriel.com/listing?ip=205.203.128.199&list=PSBL+list+query
Best Buy - infected since October 2006!! (http://bl.csma.biz/cgi-bin/listing.cgi?ip=198.22.122.118 and http://psbl.surriel.com/listing?ip=198.22.122.118&list=PSBL+list+query)