Security researchers have discovered and successfully exploited a vulnerability which gave them access to over 100,000 private employee records belonging to the United Nations Environmental Programme (UNEP).
The discovery was made by the ethical hacking and security research group Sakura Samurai after its members Jackson Henry, Nick Sahler, John Jackson and Aubrey Cottle came across the UN's Vulnerability Disclosure Program and Hall of Fame.
In trying to find vulnerabilities to report to the UN, the researchers came across exposed Git directories (.git) and Git credential files (.git-credentials) on domains associated with the UNEP and UN's International Labour Organization (ILO). Sakura Samurai then dumped the contents of these Git files and cloned entire repositories using git-dumper.
- We've put together a list of the best disaster recovery services available
- Keep your devices virus free with the best malware removal software
- Also check out our roundup of the best ...
Copyright of this story solely belongs to techradar.com . To see the full text click HERE