Another Dutch Security firm "Gemnet" get compromised. The hack appears to have started when someone discovered a publicly accessible instance of phpMyAdmin without a password. phpMyAdmin is a web interface for managing SQL databases that should not be facing the open internet, password required or not.
By manipulating the databases the attacker was allegedly able to gain control over the system and all of the documents contained on it. The parent company, KPN, insists the documents contained on the server were all publicly available.
webwereld reports that the hacker claims to have accessed non-public documents that outlined the secure communication networks and procedures for communication between KPN and governments and customers.
Gemnet CSP, KPN's certificate authority division, has also suspended access to their website. While KPN believes that Gemnet CSP has not been compromised, it would appear they are taking precautions while they investigate the incident. The attacker reportedly was able to obtain the password (braTica4) used for administrative tasks on the server as well.
Gemnet provide security consulting and authentication technologies to nearly all parts of the Dutch government including the Ministry of Security and Justice, Bank of Dutch Municipalities and the police.
LINK TO OUR HOME PAGE :
Voice Of GREYHAT is a non-profit Organization propagating news specifically related with Cyber security threats, Hacking threads and issues from all over the spectrum. The news provided by us on this site is gathered from various Re-Sources. if any person have some FAQ's in their mind they can Contact Us. Also you can read our Privacy Policy for more info.
Thank You !
-Team VOGH
If you enjoyed VOGH News, Articles Then Do Make sure you to Subscribe Our RSS feed. Stay Tuned with VOGH and get Updated about Cyber Security News, Hacking Threads and Lots More. All our Articles and Updates will directly be sent to Your Inbox. Thank You!
-Team VOGH
Categories:
cyber-crime
,
ROT
,
security-news
,
vulnerablity