Your ship comms app is ‘secured’ with a Flash interface, doesn’t sanitise SQL inputs and leaks user data, you say?

A software suite intended to let merchant ships’ crews digitally communicate with the world ashore was riddled with security vulnerabilities including undocumented admin accounts with hardcoded passwords and widespread use of Adobe Flash. Infosec consultancy Pen Test Partners said it took all of 90 minutes to discover enough problems with Dualog Connection Suite to submit six CVE number requests.

Read full article on The Register

 


Date:

Categorie(s):