Submitted via IRC for Bytram
US president-elect Donald Trump's freshly minted cyber-tsar Rudy Giuliani runs a website with a content management system years out of date and potentially utterly hackable.
Former New York City mayor and Donald loyalist Giuliani was [...] unveiled by Trump's transition team as the future president's cybersecurity adviser – meaning Giuliani will play a crucial role in the defense of America's computer infrastructure.
Giulianisecurity.com, the website for the ex-mayor's eponymous infosec consultancy firm, is powered by a roughly five-year-old build of Joomla! that is packed with vulnerabilities. Some of those bugs can be potentially exploited by miscreants using basic SQL injection techniques to compromise the server.
This seemingly insecure system also has a surprising number of network ports open – from MySQL and anonymous LDAP to a very out-of-date OpenSSH 4.7 that was released in 2007.
[Editor's note: The website in question appears to have been taken down after this story went public.]
Source: The Register
(Score: 2) by Bot on Saturday January 14 2017, @12:18PM
why taking it down, then?
I yet have nothing bad to say on Trump other than his eyes being empty (like Obama's eyes are evil, Berlusconi's are downright scary, while good man Putin's are better... probably because he's a lookalike).
But if Giuliani server is outdated, let the other camp have a lil' fun with it. He had all the emailgate scandal period to fix his sh*t and did not care. Now karma has bitten.
Account abandoned.
(Score: 0) by Anonymous Coward on Saturday January 14 2017, @12:41PM
HEY EVERBODY COME HACK MY SITE
IT'S A LEGIT SITE WINK WINK
NOT A HONEYPOT I PROMISE