elasticsearch
Removing Search Guard from the Central Repository
We at Sonatype take our responsibility as stewards of the Central Repository (Central) very seriously, and for well over a decade we have been dedicated to the ideal of immutability when it ...
Exposed internal database reveals vulnerable unpatched systems at Honda
Automotive giant Honda has shut down an exposed database that contained sensitive information about the security — specifically the weak points — of its internal network. Security researcher Justin Paine discovered the ...
Misconfigured ElasticSearch Cluster Exposed Over 90 Million Records
A security researcher found a misconfigured ElasticSearch cluster that exposed over 90 million personal and businesses data records. On 1 July, GDI Foundation member and an independent security researcher Sanyam Jain found ...
Unsecured databases found leaking half a billion resumes on the net
A staggering 590,497 million resumes have leaked from poorly-secured Chinese companies in just the last three months. The post Unsecured databases found leaking half a billion resumes on the net appeared first ...
Preventing Security Breaches Within Company Search Applications
Far too many organizations found their names in headlines during the first month of 2019. Many came after a security researcher discovered a trove of Elasticsearch database misconfigurations that left data exposed ...
Data of 32 million SKY Brasil customers easily accessible on unprotected ElasticSearch server
Brazil’s largest subscription television services company, SKY Brasil, leaked private data of 32 million customers on ElasticSearch, a search engine favored by enterprises, reported independent security researcher Fabio Castro on Twitter last ...
The Shared Security Weekly Blaze – Mobile App Data Leaks, The California Privacy Act, Third-party Gmail Access
This is the Shared Security Weekly Blaze for July 2nd, 2018 sponsored by Security Perspectives – Your Source for Tailored Security Awareness Training and Assessment Solutions and Silent Pocket. This episode was ...
The Shared Security Weekly Blaze – New WPA3 Wireless Standard, Malicious Smartphone Batteries, Exactis Data Leak
This is the Shared Security Weekly Blaze for July 2nd, 2018 sponsored by Security Perspectives – Your Source for Tailored Security Awareness Training and Assessment Solutions, Silent Pocket and CISOBox. This episode ...
toolsmith #132 – The HELK vs APTSimulator – Part 2
Continuing where we left off in The HELK vs APTSimulator - Part 1, I will focus our attention on additional, useful HELK features to aid you in your threat hunting practice. HELK ...
All of Yahoo’s 3 Billion Accounts Compromised in 2013
The massive data breach announced by Yahoo in December was believed to have affected around 1 billion accounts, but it turns out it actually affected the company’s entire user base of around ...
