CyberNews Briefs

Security Alert as Researchers Discover 400,000 Exposed Databases

Researchers at Group-IB have discovered hundreds of thousands of databases that have been exposed to the public facing internet over the past year. The databases were subject to compromise during the time that they were left unsecured, according to researchers. Group-IB’s Attack Surface Management team stated that it continually scans the IPv4 landscape to identify exposed databases, malware, and other threats. The team claimed to have found 399,200 exposed databases via these efforts from Q1 2021 to Q1 2022.

Most of the exposed databases utilized the Redis database management system, followed by MongoDB. The same techniques used by Group-IB to discover the databases could be used by attackers, the team explained. Last month 90% of a random sample of Russian databases the team found exposed had been access and either deleted or had their names changed by pro-Ukrainian actors, leading researchers to believe that the databases were easy to find. Organizations often struggle to gain visibility into and control the exposed assets, and Group-IB stated that it took an average of 170 days for database owners to fix the exposure issues.

Read More: Security Alert as Researchers Discover 400,000 Exposed Databases

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.