Since last week the 17 years old security pentester has been in headlines for his activities of ‘raising security awareness’ among the government and educational organizations after they neglected his reports of such flaws, and the efforts seem to paid off for the duo ‘Kapustkiy’ and ‘Kasimierz.’
While giving an interview to the SecurityAffairs, the young pentester said he has ambitions to work in the Cyber Security industry.
Last week, Kapustkiy breached the Paraguay Embassy of Taiwan exploiting same SQLi injection flaw to demonstrate inadequate security in Asia.
While searching for simple SQLi flaws, the pentester found and breached two subdomains of the University of Wisconsin and the subdomain of the University of Virginia; the data was spilled on Pastebin including names, passwords, logins, phone, and other information related to students and the staff.
Earlier this month, the pentester with the moniker ‘Kapustkiy’ breached the Indian Embassy of 7 countries Switzerland, Romania, Mali, Italy, Libya, and Malawi. But the Indian Embassy didn’t fix the security issues, which led to another breach of Indian Embassy in New York and a leak of a small portion of breached data excluding US personnel.
