. home.aspx



Hackers access files of US-based cyber security firm

July 28, 2019 / Sify

Using an email address and password mistakenly exposed on the Internet, a hacker gained access to the internal files of US-based cyber security company Comodo, bringing the credibility of the company under question. The credentials were found in a public GitHub repository owned by a Comodo software developer, TechCrunch reported on Saturday. The account was not protected with two-factor authentication and with the email address and password in hand, the hacker could enter the company's Microsoft-hosted Cloud services. The leaked credentials were discovered by a Netherlands-based security researcher Jelle Ursem who reached out to Comodo Vice-President Rajaswi Das. According to Ursem, the account allowed him to access internal Comodo files, including sales documents and spreadsheets in the company's OneDrive and the company's organisation graph on SharePoint, allowing him to see the team's biographies, contact information, like phone numbers and email addresses, photos, c...