Blog
Share This Post
[ad_1]
More than 330,000 internet-exposed Prometheus monitoring and alerting toolkit servers and exporters could be subjected to data exfiltration and denial-of-service attacks due to improper authentication and exposed “debug//pprof” endpoints, respectively, reports The Hacker News.
Aside from disrupting servers through a deluge of requests to “debug/pprof/heap” and other endpoints, attackers could also exploit Prometheus’ “metrics” endpoint to obtain information from internal API endpoints, Docker registries, subdomains, and images that could be leveraged for reconnaissance efforts, according to an analysis from Aqua Security’s Nautilus threat researchers. Additional findings revealed eight Prometheus exporters to be susceptible to repojacking intrusions. “Unsuspecting users following the documentation could unknowingly clone and deploy this malicious exporter, leading to remote code execution on their systems,” said researchers, who urged the immediate implementation of sufficient authentication approaches and limited public access for Prometheus servers and exporters. Organizations have also been recommended to track endpoints and adopt repojacking mitigations.
[ad_2]
Source link
Subscribe To Our Newsletter
Get updates and learn from the best
More To Explore
US Charges Five People Over North Korean IT Worker Scheme
[ad_1] The US has announced charges against five individuals involved in a fake IT workers scheme to funnel funds to
In Other News: VPN Supply Chain Attack, PayPal $2M Settlement, RAT Builder Hacks Script Kiddies
[ad_1] Noteworthy stories that might have slipped under the radar: Korean VPN supply chain attack, PayPal settles with New York
