Meow

#ElasticSearch, one of the database engines targeted by the #MeowDbAttack, has long had ZARRO authentication and security features in its free version.

(Security was added in only release 6.8, in May 2019, the database itself was released in 2010 https://www.elastic.co/guide/en/elasticsearch/reference/6.8/release-notes-6.8.0.html)

Instructions on securing the databse which remains unsecured by default are dated Februarry 2020:
https://www.elastic.co/blog/how-to-prevent-elasticsearch-server-breach-securing-elasticsearch

ElasticSearch is "trusted, used, and loved by" #Bayer, #Adobe, #Lenovo, #WalMart, and #Kroeger (https://www.elastic.co/elasticsearch/) and is the featured search utility on #AmazonAWS (https://aws.amazon.com/elasticsearch-service/)

The (strongly justified IMO) attack has removed nearly 4,000 unsecured databases since July 22:

One of the first publicly known examples of a Meow attack is an Elasticsearch database belonging to a VPN provider that claimed not to keep any logs.

https://arstechnica.com/information-technology/2020/07/more-than-1000-databases-have-been-nuked-by-mystery-meow-attack/

I'd really like to hear from #ElasticNV or founder/CEO #ShayBanon. For now, crickets:

https://twitter.com/kimchy

https://twitter.com/elastic

HN: https://news.ycombinator.com/item?id=23957510

SO: https://stackoverflow.com/questions/63067062/elastic-search-indexes-gets-deleted-frequently

Vendor, service, client, and deployment bullshit like this is a major cause of my frustrations (and worse) with the IT industry.

Other targets include #MongoDB #Cassandra #CouchDB #Redis #Hadoop #Jenkins, and unsecured network-attached storage devices (NAS).

Hats off to Meow's authors.

#sysadmin #dbadmin #netadmin #devops #infosec #schadenfreude

1