Type
Research
Actors
Pub. date
October 26, 2022
Initial access
Software misconfig
Impact
Data exfiltration
Observed techniques
Public exposure abuse
Targeted technologies
Elasticsearch
References
https://cybernews.com/security/thomson-reuters-leaked-terabytes-sensitive-data/
Status
Stub
Last edited
Jun 2, 2024 11:57 AM
- publicly exposed ElasticSearch databases
- two DBs were designed to be publicly accessible
- while the third was a non-production server
- meant for collecting application logs from pre-production environment
- contained access credentials to third-party servers in plaintext
- possibly caused by misconfigured AWS ELB