I'm shocked, shocked! Websites are created by incompetents!
Russian airline Aeroflot has exposed to the public internet the internal blueprints for its website, aeroflot.ru, The Register has learned. Specifically, the biz has left a Docker registry server open to all the world to see: if asked nicely, with no authentication, it will cough up compressed archives of the confidential …
”We have decided not to link to the server exposing the information, nor go into detail on the data-leaking vulnerability, in the interests of responsible disclosure.”
In other words, “...because we don’t want to come into work one day and find Novichok smeared on our door handles”
Salisbury Cathedral is terrible to visit at this time of year - very little mud and slush so most people go to Stonehenge instead.
Much better to go in late winter when the cooler temperatures provide a good excuse for not hanging around for very long and getting back on the train to London before anyone asks questions.
I am at a loss, here ... does this mean that OpenBSD, FreeBSD, Linux kernel, tar, nc, and many other pieces of software are a risk ? I mean, ok, here, somebody can run a copycat website on, say www.aerofloat.ru and potentially trick ppl into given away their hard earned cash ... but anything can siphon the website looks ... I fail to grasp ... of course, they might find sqlinjection points and with a database flavor it is easier to mount an attack ... but still ... meh
Biting the hand that feeds IT © 1998–2019