Cyber News

Thu, 5 Jan 2017 Personal Information

Confidential Files Found on Search Engines

data leak

The confidential files of online file sharing and content management provider were found via Google, Bing, and other search engines after a flaw was identified. The flaw lies in the invite URL generated for participants to access or collaborate with a cloud storage account. The invite URL directs participants to a landing page that is typically indexed by search engines. As a result, attackers are able to access sensitive data stored on collaborative accounts using a simple search engine query. They are also able to upload malware to a collaborative project, and attach malicious attachments in emails sent to participating employees.


References: Plugs Account Data Leakage Flaw

Certis CISCO Terms of Use Privacy Policy © 2017 Quann
Back to top