Cybersecurity giant Comodo can’t even keep its own website secure

Comodo, which bills itself as a “world leader in cybersecurity solutions,” said its forum was hacked.

The admission came in a forum post, which confirmed a hacker exploited a recently disclosed vulnerability in vBulletin, a popular forum software used by Comodo. The flaw, which requires little skill to exploit, allows an attacker to remotely run malicious code on a vulnerable forum. In this case, the exploit was used to dump the entire user database.

Exploit code was released on September 23. Two days later, vBulletin released patches for the software.

But despite claiming in its disclosure that it takes “security very seriously” and that it is its “highest priority,” the company didn’t immediately patch its forum software. Four days after the patches were released, its forum was hacked.

According to the disclosure, Comodo said the hackers stole usernames, names and email addresses, as well as the user’s last IP address used to access the forum. Some social media handles were also stolen in the breach.

Comodo said it has about 245,000 registered forum users.

It’s not the most damaging breach on record, but it’s a bruising security lapse for a company that claims to be half-decent at this stuff.

This is Comodo’s second security snafu this year, following another breach involving an exposed password, which allowed a security researcher access to the company’s intranet, and access to internal files and documents.
