Multiple unsecured entry points allowed researchers to access data belonging to Fermilab, a national particle physics and accelerator lab supported by the Department of Energy.
This week, security researchers Robert Willis, John Jackson, and Jackson Henry of the Sakura Samurai ethical hacking group have shared details on how they were able to get their hands on sensitive systems and data hosted at Fermilab.
After enumerating and peeking inside the fnal.gov subdomains using commonly available tools like amass, dirsearch, and nmap, the researchers discovered open directories, open ports, and unsecured services that attackers could have used to extract proprietary data.
Author: Ars Contributors
Source: Ars Contributors.” Researchers peek at proprietary data of US particle physics lab Fermilab”. Retrieved From https://arstechnica.com/?p=1763117
All Rights Of This Article Reserved To Ars Technica