Short Bytes: What if the website of the man appointed to safeguard the US government from cyber threats is hackable itself. It has been known the President-elect Donalds Trump’s cybersecurity advisor’s company runs a website which uses outdated versions of PHP, Joomla CMS, and unsafe Adobe Flash plugin. It doesn’t even enable HTTPS connections.It was recently announced that former NYC Mayor Rudy Guiliani would be President-elect Trump’s Cyber Security Advisor, considering Guiliani’s 16 years of experience in this field. But you’ll be surprised to know that the website operated by Rudy’s security company is unsafe as hell.
The insecure nature of the Giuliani Security & Safety’s website is pointed out by Dan Tentler who is the founder of the Phobos Group. It uses an outdated version of the free-to-use CMS Joomla (Joomla) which was released almost four years ago. Since then, a number of vulnerabilities have been revealed about the CMS version.
The story doesn’t end here. The website doesn’t even enable HTTPS connection and uses Adobe “Flash”, I guess there is nothing more to say and forget the fact that HSTS exists at all. Also, the SSL certificate is expired and it uses an outdated version of PHP.
“Our [cyber] offense is way ahead of our defense. We’ve let our defense fall behind. Starting, it seems, with his very own security firm,” said Giuliani while addressing the reporters on Thursday.
Having said that, it isn’t about questioning the personal capabilities of Giuliani. What needs to be observed is how he’s going to protect the US government from cyber threats.
What are your thoughts on this? Drop them in the comments.