34 C
Jaipur
Tuesday, October 20, 2020

250,000 Legal Document Leaked Online via Unsecured AWS Cluster

Must read

Ahmedabad Top Indian City for Mobile Gaming, Suggests OpenSignal Study

Mobile analytics platform OpenSignal recently conducted an analysis of the network experience across 48 Indian cities when it comes to gaming. OpenSignal ranked these...

Chrome Allows Google, YouTube to Bypass Settings and Keep Tracking Users

An alleged bug in Google’s Chrome web-browser apparently allows the US tech giant to continue tracking its users even after it has been explicitly...

How to Remove Data Plan from Apple Watch

If you have had a cellular Apple Watch, chances are you already have it set up with your data plan. However, if, like me,...

Security researchers discovered 257,287 legal documents from unprotected Elasticsearch cluster that hosted on a US-based Amazon AWS server.

The unprotected sensitive documents labeled as “not designated for publication‘” and the data contains 4.7GB highly sensitive legal documents.

Further investigation reveals that the data managed by Lex Machina, an IP litigation research company and division of LexisNexis.

LexisNexis responsible for develops legal analytics data and software, and sent them a security notification alert.

This unprotected Elasticsearch cluster discovered by Bob Diachenko, security researcher from securitydiscovery and the research is part of
identify and alert organizations that are misconfiguring noSql databases, such as MongoDB, CouchDB, Elasticsearch etc.

All the 250K sensitive documents were publicly available at the time when researcher discovered this unprotected Elasticsearch cluster let any one can access the all the files.

Researcher said, “However, upon a closer look at the cluster’s digital footprint, I tend to assume that database in question was handled by a company named LexSphere (based in India) which provides legal outsourcing services to a law firm  called LexVisio.”

These unprotected server allows cyber criminals to take control the complete systems admin privilege and also high possibilities to install the malware and ransomware even attackers execute the code to take control the server remotely to steal and destroy the stored files.

Source link

- Advertisement -

More articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest article

Ahmedabad Top Indian City for Mobile Gaming, Suggests OpenSignal Study

Mobile analytics platform OpenSignal recently conducted an analysis of the network experience across 48 Indian cities when it comes to gaming. OpenSignal ranked these...

Chrome Allows Google, YouTube to Bypass Settings and Keep Tracking Users

An alleged bug in Google’s Chrome web-browser apparently allows the US tech giant to continue tracking its users even after it has been explicitly...

How to Remove Data Plan from Apple Watch

If you have had a cellular Apple Watch, chances are you already have it set up with your data plan. However, if, like me,...

Mi Watch Color Sports Edition with Blood Oxygen Monitoring Launched in China

Xiaomi unveiled the Mi Watch Color in China earlier this year. It has since found its way to India as the Mi Watch Revolve....