India’s income tax department patched a bug on its website last week, that allowed attackers to gain control of the site. Thankfully, there was no loss of data. Security researcher Dhiraj Mishra discovered the vulnerability, and informed CERT-In, the country’s nodal agency to deal with cybersecurity threats. The agency acknowledged the bug and it was patched silently. [Read: Mozilla launches a VPN app for Android and Windows] The website was vulnerable to SharePoint RCE (Remote Code Execution) — code CVE-2019-0604 — which was discovered last year. The exploit allows attackers to run arbitrary code on the server to affect operations of the…
This story continues at The Next Web
Or just read more coverage about: Security
from The Next Web https://ift.tt/2SHxjKR
No comments:
Post a Comment