all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Apache Superset: A story of insecure default keys, thousands of vulnerable systems, few paying attention

Add to bookmarks
April 25, 2023, 10:35 p.m. | Thomas Claburn

The Register - Security www.theregister.com

Two out of three public-facing app instances open to hijacking

Apache Superset until earlier this year shipped with an insecure default configuration that miscreants could exploit to login and take over the data visualization application, steal data, and execute malicious code.…

apache apache superset app application attention code configuration data data visualization default exploit hijacking insecure keys login malicious public steal story superset systems visualization vulnerable

Visit resource

More from www.theregister.com / The Register - Security

Mandiant: Orgs are detecting cybercriminals faster than ever 13 minutes ago | www.theregister.com
big cyberattacks cybercriminals detect +8
UnitedHealth admits breach could 'cover substantial proportion of people in America' 48 minutes ago | www.theregister.com
america breach change change healthcare +14
Leicester streetlights take ransomware attack personally, shine on 24/7 2 hours ago | www.theregister.com
attack city control council +13
Over a million Neighbourhood Watch members exposed through web app bug 4 hours ago | www.theregister.com
app bug can communications +15
Misconfigured cloud server leaked clues of North Korean animation scam 7 hours ago | www.theregister.com
address amazon animation bbc +19
Old Windows print spooler bug is latest target of Russia's Fancy Bear gang 12 hours ago | www.theregister.com
attacks bear bug called +34
FBI and friends get two more years of warrantless FISA Section 702 snooping 16 hours ago | www.theregister.com
biden bill can fbi +15
Europol becomes latest law enforcement group to plead with big tech to ditch E2EE 20 hours ago | www.theregister.com
big big tech bore can +18
Germany arrests trio accused of trying to smuggle naval military tech to China 21 hours ago | www.theregister.com
arrested arrests beijing china +9

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Penetration Tester

@ Resillion | Bengaluru, India
View on infosec-jobs.com

Senior Backend Software Engineer (Java) - Privacy Engineering (Open to remote across ANZ)

@ Canva | Sydney, Australia
View on infosec-jobs.com

(Senior) Information Security Professional (w/m/d)

@ IONOS | Deutschland - Remote
View on infosec-jobs.com

Information Security (Incident Response) Intern

@ Eurofins | Katowice, Poland
View on infosec-jobs.com

Game Penetration Tester

@ Magic Media | Belgrade, Vojvodina, Serbia - Remote
View on infosec-jobs.com
View more jobs