Elasticsearch | Breaking Cybersecurity News | The Hacker News

Unsurprisingly, here at  Rewind , we've got a lot of data to protect (over 2 petabytes worth). One of the databases we use is called Elasticsearch (ES or Opensearch, as it is currently known in AWS). To put it simply, ES is a document database that facilitates lightning-fast search results. Speed is essential when customers are looking for a particular file or item that they need to restore using  Rewind . Every second of downtime counts, so our search results need to be fast, accurate, and reliable. Another consideration was disaster  recovery . As part of our  System and Organization Controls Level 2 (SOC2)  certification process, we needed to ensure we had a working disaster recovery plan to restore service in the unlikely event that the entire AWS region was down. "An entire AWS region?? That will never happen!" (Except for  when it did )  Anything is possible, things go wrong, and in order to meet our SOC2 requirements we needed to have a work...

The U.S. multinational computer software company Adobe has suffered a serious security breach earlier this month that exposed user records' database belonging to the company's popular Creative Cloud service. With an estimated 15 million subscribers, Adobe Creative Cloud or Adobe CC is a subscription service that gives users access to the company's full suite of popular creative software for desktop and mobile, including Photoshop, Illustrator, Premiere Pro, InDesign, Lightroom, and many more. What happened? — Earlier this month, security researcher Bob Diachenko collaborated with the cybersecurity firm Comparitech to uncover an unsecured Elasticsearch database belonging to Adobe Creative Cloud subscription service that was accessible to anyone without any password or authentication. How many victims? — The inadvertently exposed database, which has now been secured, contained personal information of nearly 7.5 million Adobe Creative Cloud user accounts. What type ...

Vulnerability Management (VM) has long been a cornerstone of organizational cybersecurity. Nearly as old as the discipline of cybersecurity itself, it aims to help organizations identify and address potential security issues before they become serious problems. Yet, in recent years, the limitations of this approach have become increasingly evident.  At its core, Vulnerability Management processes remain essential for identifying and addressing weaknesses. But as time marches on and attack avenues evolve, this approach is beginning to show its age. In a recent report, How to Grow Vulnerability Management into Exposure Management (Gartner, How to Grow Vulnerability Management Into Exposure Management, 8 November 2024, Mitchell Schneider Et Al.), we believe Gartner® addresses this point precisely and demonstrates how organizations can – and must – shift from a vulnerability-centric strategy to a broader Exposure Management (EM) framework. We feel it's more than a worthwhile read an...

Ecuador officials have arrested the general manager of IT consulting firm Novaestrat after the personal details of almost the entire population of the Republic of Ecuador left exposed online in what seems to be the most significant data breach in the country's history. Personal records of more than 20 million adults and children, both dead and alive, were found publicly exposed on an unsecured Elasticsearch server by security firm vpnMentor, which made the discovery during its large-scale mapping project. For a country with a population of over 16 million people, the breach exposed details of almost every Ecuadorian citizen, including President Lenín Moreno as well as WikiLeaks CEO Julian Assange , who was given political asylum in the country in 2012. The unsecured Elasticsearch server, which was based in Miami and owned by Ecuadorian company Novaestrat, contained 18GB cache of data appeared to have come from a variety of sources including government registries, an automot...

Elastic, the company behind the most widely used enterprise search engine ElasticSearch and the Elastic Stack, today announced that it has decided to make core security features of the Elastic Stack free and accessible to all users. ELK Stack or Elastic Stack is a collection of three powerful open source projects—Elasticsearch, Logstash, and Kibana—that many large and small companies are using to format, search, analyze, and visualize a large amount of data in real time. In recent months, we have seen how thousands of instances of insecure, poorly configured Elasticsearch and Kibana servers had left millions of users sensitive data exposed on the Internet. Since the free version of Elastic Stack by default does not have any authentication or authorization mechanism, many developers and administrators fail to properly implement important security features manually. The core security features—like encrypted communication, role-based access control, authentication realms—in p...

In today's world, data plays a crucial role in the success of any organization, but if left unprotected, it could be a cybercriminal's dream come true. Poorly protected MongoDB, CouchDB, and Elasticsearch databases recently got a lot more attention from cybersecurity firms and media lately. More than half of the known cases of massive data breaches over the past year originated from unsecured database servers that were accessible to anyone without any password. Since the database of an organization contains its most valuable and easily exploitable data, cybercriminals have also started paying closer attention to find other insecure entry points. Though the problems with unprotected databases are no news and are widely discussed on the Internet, I want cybersecurity community and industry experts to pay some attention to thousands of unsafe Kibana instances that are exposed on the Internet, posing a huge risk to many companies. Kibana is an open-source analytics and visualiz...