BT has had two of its UK websites defaced by hackers over the last three days.
On Sunday hackers left a rant about ADSL on the search.bt.com site, and yesterday btworldwide.com was defaced by the Prime Suspectz group of hackers.
Paul Rogers, network security analyst at MIS, informed vnunet that although BT had patched its btworldwide.com server against the well-known hackers' favourite 'unicode bug', it still had other vulnerabilities present.
"It's surprising that it's still not fully secure," he said. "You'd expect a big company like BT to follow its own in-house security procedures, even down to the web servers."
Rogers added that a vulnerability still exists on btcellnet.net servers allowing an intruder to compromise customer accounts.
"We warned BT Cellnet about this months ago, but it still hasn't been patched," he said. "This is another case of people not following proper security procedure," he added.
Credit card company Visa's German home page was also broken into yesterday, another case of vulnerable versions of NT and IIS 4 not being updated properly. The hackers, Reflux and Asouza, also left a worrying message in their native Portuguese on the site: "We will now buy a webcam with the credit card numbers we stole," it said.
The comment would appear to be nothing more than a scare tactic, however, as no credit card details are kept on the site.
"That still doesn't bode well for Visa's reputation with customers," warned Rogers. "Would you still want to use your credit card online with a company that can't even secure a web server?"
Rogers added that a company "should never place a machine as a publicly facing server unless it can be sure the system is secure".
Out of 28 website defacements so far today, five of them are redefacements - they have already been hacked in the past, and this is something hackers love reminding system administrators about.
But it would appear that webmasters are not listening to the intruders, who often leave messages claiming the hack was done "to prove how insecure the server is" and instructions on how to secure the machine.
'Sunlit wet sidewalk' provides evidence of methane rainfall on the north pole of Saturn's moon Titan
Methane rainfall indicates the start of the summer season in Titan's northern hemisphere
Scientists believe there could be other hydrides or superhydrides with super conducting properties
Resetting the telemetry circuits and associated boards brought the instrument back to operations mode
Fortnite news and updates: Flaw in Fortnite authentication could have helped attackers steal player login credentials
Attackers could have used Fortnite security flaw to buy in-game currency on players' stored credit cards