Author

Topic: MongoDB comprimised (Read 185 times)

sr. member
Activity: 406
Merit: 330
January 22, 2024, 04:18:10 AM
#6
The attack on MongoDB that happened last month was against their corporate systems.
The vulnerability that seoincorporation mentioned was against the DB server that you host yourself. (and it's been patched)

Yes there are ways to test against it, but you are going to have to do some digging through the code.

And, since it's only on Mac / Windows and it's because it's not verifying some certificates properly that means that you have your DB server exposed to the public internet without having some security in front of it that will filter for this attack. And why would you be hosting a public DB server on Mac or Windows anyway?

-Dave

you can send me the code, i want dig with you Cheesy
legendary
Activity: 3500
Merit: 6320
Crypto Swap Exchange
January 21, 2024, 09:05:22 AM
#5
The attack on MongoDB that happened last month was against their corporate systems.
The vulnerability that seoincorporation mentioned was against the DB server that you host yourself. (and it's been patched)

Yes there are ways to test against it, but you are going to have to do some digging through the code.

And, since it's only on Mac / Windows and it's because it's not verifying some certificates properly that means that you have your DB server exposed to the public internet without having some security in front of it that will filter for this attack. And why would you be hosting a public DB server on Mac or Windows anyway?

-Dave
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
January 07, 2024, 04:36:58 AM
#4
Fuck, I guess it's time to finally turn on the MFA for Atlas.  Sad
sr. member
Activity: 406
Merit: 330
January 07, 2024, 02:00:21 AM
#3
Is there a way to test the vulnerability or replicate the error?
legendary
Activity: 3346
Merit: 3130
December 24, 2023, 11:56:42 AM
#2
I was looking at the CVE list for MongoDB and a couple of months ago there was a vulnerability that only affects Windows or macOS, but in the risk ranking it was 7.5.

https://www.cvedetails.com/cve/CVE-2023-1409/

In this attack that Vod mentioned was the company that got exploited, and their customers' data, but there is no information on how the attack happened, even could be an inside job, who knows. But that doesn't mean we can't trust the software anymore, with the right configuration should be secure enough.

By the way, this is important for the crypto community because tons of crypto projects use this DB to store the blockchain, these are some examples:

https://github.com/Iamparsa/DogeCoinDBSync
https://github.com/thelinuxkid/bitcoinquery
Vod
legendary
Activity: 3668
Merit: 3010
Licking my boob since 1970
December 19, 2023, 01:28:57 PM
#1
For those of you that use databases in their project:

Quote
MongoDB is investigating a security incident involving unauthorized access to certain MongoDB corporate systems. This includes exposure of customer account metadata and contact information. At this time, we are NOT aware of any exposure to the data that customers store in MongoDB Atlas.

We detected suspicious activity on Wednesday (Dec. 13th, 2023) evening US Eastern Standard Time and immediately activated our incident response process. We are still conducting an active investigation and believe that this unauthorized access has been going on for some period of time before discovery. We have also started notifying relevant authorities.

What should you do next?

Since we are aware that some customer account metadata and contact information was accessed, please be vigilant for social engineering and phishing attacks.
If not already implemented, we encourage all customers to activate phishing-resistant multi-factor authentication (MFA) and regularly rotate passwords.
MongoDB will continue to update mongodb.com/alerts with additional information as we continue to investigate the matter.
Jump to: