The websites of NASA s Instrument Systems and Technology unit and Software Engineering division were broken into by taking advantage of SQL Injection flaws and poor access controls. Adobe says the two critical flaws (CVE-2020-24407) could allow arbitrary code execution as well as read or write access to the database. Researchers lack confidence in organizations’ defenses against looming Russian #cyberattacks, @wirelesswench report https://t.co/Q8lpOqhc1n.
Source: https://threatpost.com/nasa-hacked-sql-injection-120709/73217/