A case-study on the quality of infosec reporting