Skip to main content

Credentials in the Ashley Madison Sources

One of the security risks of software development is passwords and other credentials hard-coded into the source code.

A quick analysis of the leaked Ashley Madison dumps shows that software developers of AM forgot about these risks. Their source code contains AWS tokens, database credentials, certificate private keys and other secret credentials.

The consequence of this is a more vulnerable infrastructure, which probable made the lateral movement easier for the Impact Team.

Read More