Thursday, November 29, 2018

2018 - Year of Data Leak + Data Breach - The sad part is "Data Leak" can be easily avoided if we can overcome SIS (Security Ignorance Syndrome)



ElasticSearch server database containing the information of nearly 57 million U.S. residents was found to have been left exposed without a password.

The data base was first indexed by Shodan on November 14, 2018 and contained the information including first and last names, employers, job titles, email, addresses, state, zip codes, phone numbers, and IP addresses. Diachenko also reportedly discovered a second cached database named “Yellow Pages,” which reportedly held an additional 25,917,820 records, which appeared to be business entries.

Overprivileged identities are one of the biggest threats facing enterprises with complex, multi-cloud environments, and we will continue to see database leaks like this one until companies get better at assessing and managing unused, high-risk privileges

https://www.scmagazine.com/home/security-news/elasticsearch-server-exposed-data-of-nearly-57m-u-s-residents/

No comments:

Post a Comment