[telecom] U.S. gov. accidentally publishes own short-URL 'admin' API key

U.S. gov. accidentally publishes own short-URL 'admin' API key

Summary: Days after the Go.USA.gov short-URL service's API became available to U.S. government employees, the department accidentally published the admin username and API key, allowing hackers to potentially create short URLs to phishing, scam or malware-ridden sites.

By Zack Whittaker for Zero Day November 1, 2012 ZDNet

The U.S. government mistakenly published a secret administrator's username and private API key on its short URL website that could have potentially allowed anyone to redirect Web users to malware-ridden pages through the official U.S. government short URL service, ZDNet has learned.

..

formatting link

Reply to
Monty Solomon
Loading thread data ...

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.