1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Top global network service provider apparently leaks hundreds of

    From TechnologyDaily@1337:1/100 to All on Wed Feb 14 14:00:05 2024
    Top global network service provider apparently leaks hundreds of millions of user accounts

    Date:
    Wed, 14 Feb 2024 13:54:41 +0000

    Description:
    Unprotected databases remain one of the biggest causes of data leaks around.

    FULL STORY ======================================================================

    A top global network service provider kept a database with sensitive internal and customer information unlocked on the internet, available to anyone who knew where to look.

    The breach was discovered by cybersecurity researcher Jeremiah Fowler , who reported it to its operator, who subsequently locked it down.

    The company in question is Zenlayer, a global network services provider with more than 290 data centers across the world, and offices in Mumbai,
    Singapore, Hong Kong, and elsewhere. Valuable data for hackers

    Fowler found a non-password protected database with 380 million records, including Zenlayer internal data and customer information. The database, Fowler says, contained a considerable number of server, error, and monitoring logs, that detailed internal information and customer data.

    Among the databases files were folders with logging records labeled as application, dashboard, vendor, notification, messaging, project management, workflow, and security.

    In one instance, Fowler found a name of a person that might be a dedicated salesperson within Zenlayer, assigned to specific accounts. In another, he found customer records of a company described as a leading provider of international capacity for telecom carriers in Russia. He also saw registration and filing documents which suggested the company was owned, in part, by a Russian state-controlled entity that was sanctioned by the West.

    He also saw logs indicating VPN records and numerous IP addresses which, Fowler speculates, could be used by threat actors to map the network,
    identify potential targets, and plan for a future cyberattack.

    While Zenlayer locked the database down as soon as Fowler reached out, the company never got back to him with any details. At press time, we didnt know just how long the database went unprotected, or if anyone, potentially a malicious player, accessed it before. We also dont know how many people, or organizations, could be affected by this misconfiguration. We have reached
    out to Zenlayer with a few questions and will update the article if we get a reply. More from TechRadar Pro Major data breach exposes database of 200 million users Here's a list of the best firewalls around today These are the best endpoint security tools right now



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/top-global-network-service-provider-app arently-leaks-hundreds-of-millions-of-user-accounts


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)