Panama Papers and the importance of updated scripts
Saturday, April 9th, 2016 - General
I thought this was interesting.
As you may be aware the law firm Mossack Fonseca in Panama was recently hacked exposing quite a bit of customer data – the so called Panama Papers. While the actual root cause of this hack is still unknown some are speculating that this may have been done through known vulnerabilities in different outdated CMS software used on their website.
According to Wired the Mossack Fonseca website was using a 3 month old version of WordPress and nearly a 2.5 year old version of Drupal. Each of these versions are known to be susceptible to multiple vulnerabilities.
All of this serves to underscore the importance of keeping software – especially web facing software – up to date. If you don’t, you may just find yourself being a victim of a hack or compromise, much like Mossack Fonseca.
At AMS Computer Services we try to do our best to inform our users of when a new script update is available. We encourage users to sign up for announcements or mailing lists directly from the script developers so that you will know precisely when a new version is release.
• WordPress – WordPress Announcement Email list
• Joomla! – Joomla! Announcement RSS Feed
• Drupal – Drupal Security Twitter Account
• Magento – Magento Announcement Email list
• WHMCS – WHMCS Announcement RSS Feed
It is important to note that script developers can only do so much. If a script developer is not releasing security patches in a timely manner that is the fault of the script developer. But if a script developer is releasing security updates, but end-users are not installing those security updates, then there’s really nothing more that the script developer can do. It is up to the end-users – people that install these scripts – to be responsible for keeping them up to date.
Matt
AMS Support