A zero-day flaw in Drupal is now being said to be how hackers penetrated the network of law firm Mossack Fonseca and siphoned out more than 11.5 million files, according to The Hacker News.The theft of around 2.6 terabytes of data in what is now being termed the Panama Papers – which revealed confidential details of individuals' tax-avoidance schemes and implicated 72 heads of state – was originally believed to be the result of an unpatched vulnerability in the widely used open source Drupal content management system.Critical patches are scheduled to be released on Wednesday to address a number of security issues in Drupal contributed modules used on between 1,000 and 10,000 sites, including several highly critical remote code execution (RCE) flaws. In an advisory, the Drupal Security Team advised users to update modules ASAP as "exploits are expected to be developed within hours/days."
Threat Management, Incident Response, Network Security, Patch/Configuration Management, TDR, Vulnerability Management
Drupal zero-day opened door of Panama Papers law firm, report
An In-Depth Guide to Network Security
Get essential knowledge and practical strategies to fortify your network security.
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds



