Ryan Singel from Wired.com outted Pfizer yesterday in a great article based on Support Intelligence data.

The article highlights the ongoing security difficulties at the pharmaceutical giant despite our efforts to inform them of the situation over the past few months. And if I wasn't crying about how bad things are I'd be laughing because frequently the spam their bots send touts illegitimate knock-offs of their own flagship product, Viagra.

The spam also promotes black-market versions of Cialis produced by competitor Eli Lilly, and Levitra by Bayer. Ruh roh.

The good news for Pfizer is the makers of "Mandik", another spammed pharmaceutical coming out of their servers, are unlikely to sue anybody any time soon. Phew.

On a more serious note - we've received spam from an absolute heap of Pfizer addresses, along with everyone else. In total 138 separate Pfizer IP addresses have turned up on various black lists. Holy cow Houston! This isn't a single employee surfing warez and getting infected - this is a serious breakdown of systemic control over their corporate network.

The unfortunate bit about all this is the company was informed of the scope of the problem back in early April - over five months ago. It's hard to imagine that as an industry of security professionals we can't do better than this.