Navy Sites Spring Security Leaks

Thursday, 7 November 2002, 12:28 PM EST

The U.S. Navy took one of its websites offline Tuesday and added new security controls to a second site after Internet surfers discovered they could access confidential Navy databases.

The exposed Navy files included material designed to support a machine for testing the electronics of weapon systems called the Consolidated Automated Support System. Web surfers were able to browse through hundreds of trouble tickets, dating back to 1989.

Also accessible by Internet users was a site operated by the Naval Supply Systems Command that enables Navy personnel to order commercial software or internally developed applications. One section of the database, known as QUADS, allowed visitors to pull up records on who registered to use the system and included their passwords.

A group of French security enthusiasts known as Kitetoa discovered the vulnerable sites, which were running IBM's Lotus Domino software. Kitetoa has reported similar security problems with Lotus software on other government and private websites.

[ Read more ]




Spotlight

How to talk infosec with kids

Posted on 17 September 2014.  |  It's never too early to talk infosec with kids: you simply need the right story. In fact, as cyber professionals itís our duty to teach ALL the kids in our life about technology. If we are to make an impact, we must remember that children needed to be taught about technology on their terms.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Sep 19th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //