- Security
- By Sergiu Gatlan
- December 12th, 2018
Campaign Drops Coinminer on Linux Boxes Using Old Elasticsearch Vulnerabilities
Actors pivot to other network devices from infected machines
- Security
- By Sergiu Gatlan
- November 28th, 2018
57 Million Personal Info Records Leaked by Unprotected ElasticSearch Server
The open database contained only US citizens' PII data
- Security
- By Catalin Cimpanu
- December 3rd, 2015
Elasticsearch Servers Targeted by Linux-Based Botnet Operators
30+ bots detected over a 3-month honeypot experiment
- Security
- By Catalin Cimpanu
- August 15th, 2015
Administrators Continue to Fail in Securing Databases by Using Proper Configs
Redis, MongoDB, ElasticSearch, and Memcached servers are not properly configured by their administrators
- Security
- By Ionut Ilascu
- May 11th, 2015
Honeypot Records 8,000 Attacks Exploiting RCE Flaw in Elasticsearch
Most of the assaults originate from machines in China
- Security
- By Ionut Ilascu
- March 10th, 2015
Exploit Code Published for Elasticsearch Remote Code Execution Flaw
There is indication that the glitch is exploited in the wild