EY exposed 4TB SQL backup file to open web, researchers say

"Finding a 4TB SQL backup exposed to the public internet is like finding the master blueprint and the physical keys to a vault, just sitting there," it said. "With a note that says 'free to a good home.' [The lead researcher had] investigated breaches that started with less. Way less. He once traced an entire ransomware incident back to a single web.config file that leaked a connection string. That was 8 kilobytes. This was four terabytes."
"The researcher, who was not named in the company's report, downloaded the first thousand bytes of the file and found that the BAK file was also unencrypted. It became exposed via a classic cloud bucket misconfiguration. Neo Security said the case was reminiscent of a similar breach it saw years ago when investigating a ransomware case. In that case, one of its engineers was caught being lazy during a database migration."
Neo Security's lead researcher discovered a 4TB+ unencrypted Microsoft SQL Server .BAK backup belonging to EY publicly exposed due to a cloud storage bucket misconfiguration. The backup contained API keys, cached authentication tokens, session tokens, service account passwords, and user credentials, exposing critical access and proprietary information. The researcher downloaded initial bytes to confirm the file was unencrypted. The exposure resembled prior incidents where brief public bucket access allowed automated attackers to harvest full backups, credentials, and trade secrets. Short public exposures can enable rapid automated compromise and severe business consequences.
Read at The Register