SBN

Credentials in the Ashley Madison Sources

One of the security risks of software development is passwords and other credentials hard-coded into the source code.

A quick analysis of the leaked Ashley Madison dumps shows that software developers of AM forgot about these risks. Their source code contains AWS tokens, database credentials, certificate private keys and other secret credentials.

The consequence of this is a more vulnerable infrastructure, which probable made the lateral movement easier for the Impact Team.

The post Credentials in the Ashley Madison Sources appeared first on Rainbow and Unicorn.

*** This is a Security Bloggers Network syndicated blog from Rainbow and Unicorn authored by Gabor. Read the original post at: https://blog.gaborszathmari.me/credentials-in-the-ashley-madison-sources/