Almost everybody by now is workings from home and 84 percent are worried that new security vulnerabilities have been generated with the quick move towards 100 percent remote working.
Cloud service providers built their administration panels' user interface purposefully to mislead consumers and charge for more services than originally intended.
Although it was never demonstrated as a systematic business strategy, reports and alerts of a data breach have overwhelmed the internet in recent years since a cloud-based database has indeed been misconfigured and confidential information ultimately leaked.
Throughout the past month, Censys, a security company that specializes in census-like inspections on the internet, looked closely at the cloud-based services, hoping to uncover what the best potential origin of misconfiguration might be for cloud-based businesses. As per the study, Censys has found over 1.93 million cloud server databases that have been displayed publicly without even any firewall or other authentication measures. The security company arguments that threat actors will discover and target these databases utilizing older vulnerability exploits. In addition, if the database was unintentionally leaked, it could also use a weak or even no password at all, disclosing it to all those who have detected its IP address.
Censys reported having been used to scan MySQL, Postgres, Redis, MSSQL, MongoDB, Elasticsearch, Memcached, and Oracle and that nearly 60 percent of all disclosed servers were MySQL databases which represent 1.15 million of the 1.93 million overall exposed DBs.
The security agency also searched to find ports that could also be exposed by clouds service as they are normally used for remote management applications like SSH, RDP, VNC, SMB, Telnet, Team Viewer, and PC An ..
Support the originator by clicking the read the rest link below.
