Wednesday, July 8, 2020
Home Lead Story Hackers Gain Access to Internal Files of US-Based Cyber Security Company

Hackers Gain Access to Internal Files of US-Based Cyber Security Company

According to Ursem, the account allowed him to access internal Comodo files, including sales documents and spreadsheets in the company's OneDrive

Using an email address and password mistakenly exposed on the Internet, a hacker gained access to the internal files of US-based cyber security company Comodo, bringing the credibility of the company under question.

The credentials were found in a public GitHub repository owned by a Comodo software developer, TechCrunch reported on Saturday. The account was not protected with two-factor authentication and with the email address and password in hand, the hacker could enter the company’s Microsoft-hosted Cloud services. The leaked credentials were discovered by a Netherlands-based security researcher Jelle Ursem who reached out to Comodo Vice-President Rajaswi Das.

According to Ursem, the account allowed him to access internal Comodo files, including sales documents and spreadsheets in the company’s OneDrive and the company’s organisation graph on SharePoint, allowing him to see the team’s biographies, contact information, like phone numbers and email addresses, photos, customer documents and calendar.

hackers, cyber security
According to Ursem, the account allowed him to access internal Comodo files, including sales documents and spreadsheets in the company’s OneDrive. Pixabay

ALSO READ: Email Attacks: IT Professionals Struggle in Spotting Suspicious Emails

Screenshots of folders containing agreements and contracts with several customers — with names of customers in each filename, such as hospitals and US state governments.

“Seeing as they’re a security company and give out Secure Sockets Layer (SSL) certificates, you’d think the security of their own environment would come above all else,” the report quoted the Userm as saying. Earlier this year Ursem found a similarly exposed set of internal Asus passwords on an employee’s GitHub public account. (IANS)

STAY CONNECTED

18,993FansLike
362FollowersFollow
1,781FollowersFollow

Most Popular

Here’s How you can Manage Flu at Home

The monsoon has begun, and while it brings relief from summer heat it also brings perils of humidity. With the rain showers comes the...

Top Selection Criteria for a Voltage Stabilizer

In our power grids, voltage fluctuation is a common phenomenon. But it also is a concerning one as it can harm sensitive electrical appliances...

Dalai Lama Turns 85, Tibetans Dedicate Year 2020 to him

In the wake of the coronavirus outbreak, the Central Tibetan Administration (CTA), also known as Tibetan government-in-exile, on Monday announced to dedicate this year...

Here’s What to Expect When You Catch a Flight from the Airport

Hustling sounds, frequent announcements, savvy travelers glued to their gadgets, emotional families waiting to receive or see-off their loved ones-- it's perhaps the opening...

A Must have Adventure Bucket List

The worldwide lockdown due to coronavirus has brought a screeching halt to every industry, including the travel and hospitality. With restrictions on international travel...

Picture Perfect Living Room Decor Ideas

A cosy and comfortable sofa set, a coffee table for tete-a-tete and a perfect TV unit to keep the entertainment mode on, all these...

‘Covid’ Now the most Searched Word of 2020

The term 'Covid' - the commonly used shorthand for Covid-19 or Coronavirus disease caused by the SARS CoV-2 virus - is the top word...

Beauty of Indian Culture: William Dalrymple on his Experience Living in India

India is one of the most religiously and ethnically diverse nations with the oldest culture in the World. The Indian culture varies like its...

Recent Comments