Thursday, March 4, 2021
Home Lead Story Hackers Gain Access to Internal Files of US-Based Cyber Security Company

Hackers Gain Access to Internal Files of US-Based Cyber Security Company

According to Ursem, the account allowed him to access internal Comodo files, including sales documents and spreadsheets in the company's OneDrive

Using an email address and password mistakenly exposed on the Internet, a hacker gained access to the internal files of US-based cyber security company Comodo, bringing the credibility of the company under question.

The credentials were found in a public GitHub repository owned by a Comodo software developer, TechCrunch reported on Saturday. The account was not protected with two-factor authentication and with the email address and password in hand, the hacker could enter the company’s Microsoft-hosted Cloud services. The leaked credentials were discovered by a Netherlands-based security researcher Jelle Ursem who reached out to Comodo Vice-President Rajaswi Das.

According to Ursem, the account allowed him to access internal Comodo files, including sales documents and spreadsheets in the company’s OneDrive and the company’s organisation graph on SharePoint, allowing him to see the team’s biographies, contact information, like phone numbers and email addresses, photos, customer documents and calendar.

hackers, cyber security
According to Ursem, the account allowed him to access internal Comodo files, including sales documents and spreadsheets in the company’s OneDrive. Pixabay

ALSO READ: Email Attacks: IT Professionals Struggle in Spotting Suspicious Emails

Screenshots of folders containing agreements and contracts with several customers — with names of customers in each filename, such as hospitals and US state governments.

“Seeing as they’re a security company and give out Secure Sockets Layer (SSL) certificates, you’d think the security of their own environment would come above all else,” the report quoted the Userm as saying. Earlier this year Ursem found a similarly exposed set of internal Asus passwords on an employee’s GitHub public account. (IANS)

STAY CONNECTED

19,120FansLike
362FollowersFollow
1,773FollowersFollow

Most Popular

Best Sites To Play Andar Bahar Online

By John Graham Playing Andar Bahar is fun, especially when playing on a user-friendly site. It’s a game where you play and win. Besides, it’s...

7 Tips On How To Always Wake Up On Time In College

By Grace Johnson Many students complain that waking up early to go to classes seems to be getting more and more difficult day by day....

US Based OAC To Make The World’s First Space Hotel

If you are a space enthusiast, there is more exciting news as a US-based space construction company, Orbital Assembly Corporation (OAC), is planning to...

Gut Instinct To Figure Out Between Fake And Genuine Reviews

While booking a hotel online, travelers should trust their gut instinct rather than relying on computer algorithms to figure out between fake and genuine...

Study: Customized Diets Could Be Key To Optimizing Mental Health

Lifestyle changes and customized diets could be key to optimizing mental health, a new study suggests. The study indicates that significant customized diets and...

Study: One In Four People, Maybe Living With Some Degree Of Hearing Loss By 2050

Nearly 2.5 billion people worldwide, or one in four people, maybe living with some degree of hearing loss by 2050, and at least 700...

Rare India: Commit To A Life That Puts Planet And People First

The Climate crisis is real, and the travel industry is affected in so many ways that there is an immediate need to address how...

World Wildlife Day: Here Are Some Wildlife Sanctuaries Worth Visiting

With millions of species breathing on earth, the world celebrates Wildlife Day today, March 3, to raise awareness of global flora and fauna. There...

Recent Comments