We received quite a few reports from people saying that Secunia's web site has been defaced. And indeed, when I visit Secunia's web site from my machine (located in Europe), I see a defaced web site as below:
However, after double-checking, it appears that their DNS records have been modified. The defaced web site is located (for me) at the following IP address:
$ host www.secunia.com
www.secunia.com is an alias for secunia.com.
secunia.com has address 220.127.116.11
secunia.com mail is handled by 0 secunia.com.
Checking my passive DNS system, I can see that previously www.secunia.com was at 18.104.22.168.
And, as suspected, after checking manually we can see that Secunia's original web site is still there:
$ telnet 22.214.171.124 80
Connected to secunia.com (126.96.36.199).
Escape character is '^]'.
GET / HTTP/1.0
HTTP/1.1 200 OK
Date: Thu, 25 Nov 2010 08:46:29 GMT
meta name=Title content=Secunia.com
link rel=stylesheet type=text/css href=/css/secunia.css
Checking WHOIS entries will show more, but this defacement again shows how DNS is a critical resource.
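The comparison made above (the current `host` answer against passive DNS history) can be scripted as a monitoring check. This is an added example, not part of the original diary; the names, addresses and history records are constructed, using documentation address ranges.

```shell
#!/bin/sh
# Constructed passive-DNS history: "name address last_seen" (documentation ranges).
PDNS_HISTORY='example.com 192.0.2.10 2010-11-24
example.com 192.0.2.11 2010-10-02'

# Constructed `host www.example.com` output, same format as the session above.
HOST_OUTPUT='www.example.com is an alias for example.com.
example.com has address 198.51.100.77
example.com mail is handled by 0 example.com.'

# resolve_chain NAME: read `host` output on stdin, follow alias lines starting
# at NAME and print "final-name address" for each A record of the final name.
resolve_chain() {
    awk -v start="$1" '
        / is an alias for / { t = $NF; sub(/\.$/, "", t); alias[$1] = t }
        / has address /     { addr[$1] = addr[$1] " " $NF }
        END {
            n = start
            # Bounded walk so an alias loop cannot hang the check.
            for (i = 0; i < 8 && (n in alias); i++) n = alias[n]
            k = split(addr[n], a, " ")
            for (j = 1; j <= k; j++) print n, a[j]
        }'
}

# check_drift NAME HOST_OUTPUT HISTORY: print OK for addresses present in the
# history and NEW for unseen ones; return 1 on any NEW or on an empty answer.
check_drift() {
    drift=0
    resolved=$(printf '%s\n' "$2" | resolve_chain "$1")
    [ -n "$resolved" ] || { echo "NOANSWER $1"; return 1; }
    while read -r name addr; do
        if printf '%s\n' "$3" |
            awk -v n="$name" -v a="$addr" '$1 == n && $2 == a { f = 1 } END { exit !f }'
        then echo "OK $name $addr"
        else echo "NEW $name $addr"; drift=1
        fi
    done <<EOF
$resolved
EOF
    return "$drift"
}

check_drift www.example.com "$HOST_OUTPUT" "$PDNS_HISTORY" ||
    echo "ALERT: www.example.com resolves outside its passive DNS baseline"
```

In live use, pass `"$(host www.example.com)"` as the second argument and supply the history from your own passive DNS store.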
(c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.