CyberNews Briefs

NASA internal app leaked employee emails, project names

A NASA server running Jira, an application used by the space agency to track internal bugs for apps and projects, was leaking sensitive information including staff usernames, names and project names last year. Bug hunter Avinash Jain detected and reported the issue in early September 2018, but NASA only fixed the problem over 3 weeks later, without notifying or thanking Jain.

The information being revealed by the leaky web app was not very detailed, but could be used by attackers to carry out highly targeted spear phishing attacks directed at NASA employees.

Read more:

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.