The website of America's new cyberczar — former New York Mayor Rudy Giuliani— is running on outdated, unprotected software that even the most basic attacker could breach, said security researchers.
The person or people who set up Giulianisecurity.com — which as of Friday afternoon is offline — made no effort to fortify the site from hackers and had not updated the software since it was downloaded in 2012, said Dan Tentler founder of security company Phobos Group. (This problem was first reported by Gizmodo.)
While on a plane from his mobile device, Tentler was able to pull up a browser and quickly see "read me" files that even the most basic web administrator would remove from view to make it harder for an attacker to compromise a website, he said.
"This is really, really, really basic — it barely even qualifies as security," he said. "Those files give you all the information you need to do nefarious things."