Business Continuity Management / Disaster Recovery , Critical Infrastructure Security , Cybercrime

Elasticsearch Attack: The Problem of Unsecured Databases

Also: The Politics of Supply Chain Attacks; Combating Mobile Fraud
Elasticsearch Attack: The Problem of Unsecured Databases

The latest edition of the ISMG Security Report discusses how security researchers have warned of a new attack campaign targeting 1,200 cloud-based Elasticsearch databases. It also revisits the Kaseya supply chain attack and examines how we can mitigate mobile phone fraud.

In this report, you'll hear (click on player beneath image to listen):

  • ISMG's Mathew Schwartz discuss how security researchers have identified indexes of multiple unsecured, internet-facing Elasticsearch databases replaced with ransom notes;
  • ISMG's Jeremy Kirk share a taster of a bonus edition of "The Ransomware Files" that tells the story of a Dutch company that was affected by the Kaseya ransomware software supply chain attack last year;
  • Kristi Wilson of T-Mobile outline what the telecoms industry is doing to spot and stop the scale of mobile phone fraud.

The ISMG Security Report appears weekly on this and other ISMG websites. Don't miss the May 20 and May 27 editions, which respectively discuss the big changes to the ransomware ecosystem since Colonial Pipeline and how money lost in BEC scams hit $4.3 billion in 2021.

Theme music for the ISMG Security Report is by Ithaca Audio under a Creative Commons license.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.