1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Credentials stored in Ashley Madison's source code might have helped attackers

Discussion in 'CSO' started by RSS, Sep 8, 2015.

  1. RSS

    RSS New Member Member

    If you're a company that makes its own websites and applications, make sure your developers don't do what the Ashley Madison coders did: store sensitive credentials like database passwords, API secrets, authentication tokens or SSL private keys in source code repositories.

    Judging by the massive amount of data leaked last month by Impact Team from AshleyMadison.com's owner Avid Life Media (ALM), the hackers gained extensive access to the Canadian company's IT infrastructure.

    [ ALSO ON CSO: Ashley Madison still a top lure for scammers and crooks ]

    To read this article in full or to leave a comment, please click here

    Continue reading...
     

Share This Page