Tag: Elasticsearch
-
MAD-CAT: Simulating Data Corruption Attacks on MongoDB, Elasticsearch, & More
MAD-CAT (Meow Attack Data Corruption Automation Tool) is a comprehensive security tool designed to simulate data corruption attacks against multiple database systems. The tool supports both single-target attacks and bulk CSV-based attack campaigns, with support for both credentialed and non-credentialed attack scenarios. The tool currently supports the following database services: MongoDB (port 27017) Elasticsearch (port 9200) Cassandra (port…
-
Leak Zone Forum’s Own Elasticsearch Database Exposed, Revealing 22M+ User Records
The Leak Zone forum — widely known as a hub for publishing and distributing hacked databases, stolen credentials, and pirated software — has ironically become the source of a major data breach. According to a report published on UpGuard’s official blog, the platform had left its Elasticsearch database exposed to the public without password protection,…
-
Openprovider Suffers Massive Data Leak: Elasticsearch Server Exposed 164GB of Domain & Customer Data for 3 Months
On April 6, 2025, security researcher Bob Diachenko, in collaboration with analysts from the Cybernews team, discovered an unprotected Elasticsearch server belonging to Openprovider. This incident resulted in the inadvertent exposure of critically sensitive data to the public domain. Elasticsearch, a system designed for high-speed data analysis and search, is widely employed for monitoring purposes.…