Bit9, a leading provider in trust-based security with products to protect endpoints from advanced malware, failed to install its own product on a handful of computers within its network. It was hacked to gain access to one of its digital code-signing certificates, which was then used to illegitimately sign malware and distribute. http://alrt.co/VPGzFP
Takeaway: This shows that the threat from malicious actors is very real, extremely sophisticated, and that they will try to infect and use the trusted brand names in security. And lastly, follow the best practices that you really recommend to your customers.