Tuesday, June 12, 2018

Another (in)security admin error - By not properly protecting the administration console, Weight Watchers provided all the keys and information needed to gain full root access to their entire cluster. It was too easy.


A critical server for popular weight-loss service Weight Watchers was left unprotected, allowing researchers to take a bite out of dozens of exposed S3 buckets containing company data and AWS access keys.

Researchers at Kromtech Security said that they discovered a Weight Watchers Kubernetes administration console earlier this month that was accessible over the Internet – without any password protection.





https://threatpost.com/unprotected-server-exposes-weight-watchers-internal-it-infrastructure/132713/
