-->
Viacom Left Sensitive Information In Addition To Hugger-Mugger Access Cardinal On Unsecured Amazon Server

Viacom Left Sensitive Information In Addition To Hugger-Mugger Access Cardinal On Unsecured Amazon Server

Viacom Left Sensitive Information In Addition To Hugger-Mugger Access Cardinal On Unsecured Amazon Server

the pop amusement too media companionship that owns Paramount Pictures Viacom Left Sensitive Data And Secret Access Key On Unsecured Amazon Server
Viacom—the pop amusement too media companionship that owns Paramount Pictures, Comedy Central, MTV, too hundreds of other properties—has exposed the keys to its kingdom on an unsecured Amazon S3 server.

H5N1 safety researcher working for California-based cyber resiliency trouble solid UpGuard has late discovered a wide-open, public-facing misconfigured Amazon Web Server S3 cloud storage bucket containing approximately a gigabyte's worth of credentials too configuration files for the backend of dozens of Viacom properties.

These exposed credentials discovered past times UpGuard researcher Chris Vickery would direct hold been plenty for hackers to direct hold downwards Viacom's internal information technology infrastructure too cyberspace presence, allowing them to access cloud servers belonging to MTV, Paramount Pictures too Nickelodeon.

Among the information exposed inwards the leak was Viacom's master copy cardinal to its Amazon Web Services account, too the credentials required to cook too keep Viacom servers across its many subsidiaries too dozens of brands.
"Perhaps virtually damaging amid the exposed information are Viacom's hush-hush cloud keys, an exposure that, inwards the virtually damaging circumstances, could position the international media conglomerate's cloud-based servers inwards the hands of hackers," an UpGuard spider web log postal service says. 
"Such a scenario could enable malicious actors to launch a host of damaging attacks, using the information technology infrastructure of i of the world's largest broadcast too media companies."
In other words, the access cardinal too hush-hush cardinal for the company's AWS trouble organisation human relationship would direct hold allowed hackers to compromise Viacom's servers, storage, too databases nether the AWS account.
the pop amusement too media companionship that owns Paramount Pictures Viacom Left Sensitive Data And Secret Access Key On Unsecured Amazon Server
According to the analysis performed past times UpGuard, a number of cloud instances used inside the media company's information technology toolchain, including Docker, Splunk, New Relic, too Jenkins, could direct hold "thus been compromised inwards this manner."

In add-on to these damaging leaks, the unprotected server also contained GPG decryption keys, which tin ship away endure used to unlock sensitive data. However, the server did non incorporate whatever client or employee information.

Although it is unclear whether hackers were able to exploit this information to access of import files belonging to Viacom too the firms it owns, the media giant said there's no prove anyone had abused its data.
"We direct hold analyzed the information inwards enquiry too determined at that topographic point was no cloth impact," the companionship said inwards a statement.

"Once Viacom became aware that information on a server—including technical information, exactly no employee or client information—was publicly accessible, nosotros rectified the issue."
All the credentials direct hold instantly been changed after UpGuard contacted Viacom executives privately, too the server was secured soon afterwards.

This is non the start fourth dimension when Vickery has discovered a company's sensitive information stored on an unprotected AWS C3 server.

Vickery has previously tracked downwards many exposed datasets on the Internet, including personal details of over 14 meg Verizon customers, a cache of 60,000 documents from a States military, information of over 191 Million States voter records, too 13 Million MacKeeper users.
Blogger
Disqus
Pilih Sistem Komentar

No comments

Advertiser