Last edited Mon Feb 20, 2017, 10:25 AM - Edit history (1)
Trump's cyber-guru Giuliani runs ancient 'easily hackable website'
...
Giulianisecurity.com, the
website for the ex-mayor's eponymous infosec consultancy firm, is powered by a roughly five-year-old build of Joomla! that is packed
with vulnerabilities. Some of those bugs can be potentially exploited by miscreants using
basic SQL injection techniques to compromise the server.
This seemingly insecure system also has a surprising number of network ports open from MySQL and anonymous LDAP to a very out-of-date OpenSSH 4.7 that was released in 2007. It also runs a rather old version of FreeBSD.
Security gurus are right now tearing strips off Trump's cyber-wizard pick. Top hacker Dan Tentler was first to point out the severely out-of-date Joomla! install.
"It speaks volumes," Tentler told The Register, referring to Giuliani's computer security credentials, or lack of, and fitness for the top post. "Seventy-year-old luddite autocrats who often brag about not using technology are somehow put in charge of technology: it's like setting our country on fire and giving every extranational hacker a roman candle or, rather, not setting on fire, but dousing in gasoline."
http://www.theregister.co.uk/2017/01/13/giuliani_joomla_outdated_site/