A security incident disclosed that hackers exploited over 3,000 publicly available ASP.NET machine keys to execute remote code on IIS servers using ViewState code injection. This breach underscores developers’ vulnerabilities in managing machine keys, critical for web application security. Microsoft advises regular key rotation, enhanced monitoring, and using security tools to mitigate these risks and detect potential attacks.
Update: Kering confirms Gucci and other brands hacked; claims no conversations with hackers?
On September 11, DataBreaches broke the story that customers of several high-end fashion brands owned by Paris-headquartered Kering had their personal information acquired by ShinyHunters
