#amazonaws

ws01@diasp.org

Yeah, right :-)

<p style=3D"margin: 0px 0px 16px;">Um die offene Ford=
erung einzusehen und zu begleichen, bitten wir Sie, sich =C3=BCber den=
 folgenden Link bei der SCHUFA anzumelden: <a href=3D"https://bitly.ne=
t/3Vvxl9l">https://www.schufa.de/s4b-registrierungseite.jsp</a></p>

The funny thing is that in the text/plain variant, where Thunderbird, unasked, also offers syntactically correct links as clickable links when rendering it, you would actually end up at Schufa - no idea whether that page actually exists there. If I were Schufa ...

In fact, the phishing mail comes from a host in the Amazon AWS IP range.

#phishing #mail #fischersfritzefischtfrischefische #schufa #amazonaws
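The mismatch described in the post above (link text that names one host while the `href` points at another), as an added detection example that is not part of the original post. The class and function names are hypothetical, and the sample input is the fragment quoted in the post.

```python
import quopri
from html.parser import HTMLParser
from urllib.parse import urlparse

# The HTML fragment quoted in the post, still quoted-printable encoded.
# Note the soft line break ("=\n") inside the href host: a plain-text search
# of the raw source for the real target host would miss it.
SAMPLE_QP = (
    b'<p style=3D"margin: 0px 0px 16px;">Um die offene Ford=\n'
    b'erung einzusehen und zu begleichen, bitten wir Sie, sich =C3=BCber den=\n'
    b' folgenden Link bei der SCHUFA anzumelden: <a href=3D"https://bitly.ne=\n'
    b't/3Vvxl9l">https://www.schufa.de/s4b-registrierungseite.jsp</a></p>\n'
)

class AnchorCollector(HTMLParser):
    """Collect (href, visible text) for every <a> element."""
    def __init__(self):
        super().__init__()
        self.anchors = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.anchors.append((self._href, "".join(self._text).strip()))
            self._href = None

def host(url):
    return (urlparse(url).hostname or "").lower()

def mismatched_links(qp_html: bytes):
    """Return (shown_host, real_host) for anchors whose text is a URL on another host."""
    html = quopri.decodestring(qp_html).decode("utf-8", errors="replace")
    parser = AnchorCollector()
    parser.feed(html)
    findings = []
    for href, text in parser.anchors:
        # Only anchors whose visible text itself looks like a URL are compared.
        shown = host(text) if text.lower().startswith(("http://", "https://")) else ""
        if shown and shown != host(href):
            findings.append((shown, host(href)))
    return findings
```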

dredmorbius@joindiaspora.com

Meow

#ElasticSearch, one of the database engines targeted by the #MeowDbAttack, has long had ZARRO authentication and security features in its free version.

(Security was added only in release 6.8, in May 2019; the database itself was released in 2010 https://www.elastic.co/guide/en/elasticsearch/reference/6.8/release-notes-6.8.0.html)

Instructions on securing the database, which remains unsecured by default, are dated February 2020:
https://www.elastic.co/blog/how-to-prevent-elasticsearch-server-breach-securing-elasticsearch

ElasticSearch is "trusted, used, and loved by" #Bayer, #Adobe, #Lenovo, #WalMart, and #Kroeger (https://www.elastic.co/elasticsearch/) and is the featured search utility on #AmazonAWS (https://aws.amazon.com/elasticsearch-service/)

The (strongly justified IMO) attack has removed nearly 4,000 unsecured databases since July 22:

One of the first publicly known examples of a Meow attack is an Elasticsearch database belonging to a VPN provider that claimed not to keep any logs.

https://arstechnica.com/information-technology/2020/07/more-than-1000-databases-have-been-nuked-by-mystery-meow-attack/

I'd really like to hear from #ElasticNV or founder/CEO #ShayBanon. For now, crickets:

https://twitter.com/kimchy

https://twitter.com/elastic

HN: https://news.ycombinator.com/item?id=23957510

SO: https://stackoverflow.com/questions/63067062/elastic-search-indexes-gets-deleted-frequently

Vendor, service, client, and deployment bullshit like this is a major cause of my frustrations (and worse) with the IT industry.

Other targets include #MongoDB #Cassandra #CouchDB #Redis #Hadoop #Jenkins, and unsecured network-attached storage devices (NAS).

Hats off to Meow's authors.

#sysadmin #dbadmin #netadmin #devops #infosec #schadenfreude