More unpatched web servers out there!
A subsite of the US Department of Homeland Security (DHS) was recently hacked as a result of poor security best practices for web servers. Apparently the site was vulnerable to what's known as a directory traversal vulnerability. We would assume that governments around the world would have good security processes in place, such as, making sure that all websites are updated with the latest security updates for both front and backend components, and use basic security measures to secure and configure their websites! For more critical websites, we would assume additional measures such as, protecting websites using web application firewalls, and performing regular security tests and monitoring.