February 15, 2017

The MongoDB Exploit with Niall Merrigan

Listen Later

29 minutes

Are your noSQL stores safe? While at NDC London, Richard chatted with Niall Merrigan about the latest wave of exploits targeting MongoDB, ElasticSearch and others. As Niall explains, the challenge is that the default security models for many of these products leaves them vulnerable to outside attack. As these attacks have progressed, they have presented themselves as ransomware - data is removed and a bitcoin account offered up to restore the data. However, to date, even when the ransoms are paid, no data is restored. Apparently there is no honor among thieves. Now is a great time to review your security vulnerabilities, and Niall suggests looking at your systems the same way hackers do, through tools like Shodan. Give yourself a security checkup!

...more

View all episodes

View all episodes

Download on the App Store

Download on the App Store

Get it on Google Play

RunAs Radio

By Richard Campbell

4.6

8282 ratings

February 15, 2017

The MongoDB Exploit with Niall Merrigan

Listen Later

29 minutes

Are your noSQL stores safe? While at NDC London, Richard chatted with Niall Merrigan about the latest wave of exploits targeting MongoDB, ElasticSearch and others. As Niall explains, the challenge is that the default security models for many of these products leaves them vulnerable to outside attack. As these attacks have progressed, they have presented themselves as ransomware - data is removed and a bitcoin account offered up to restore the data. However, to date, even when the ransoms are paid, no data is restored. Apparently there is no honor among thieves. Now is a great time to review your security vulnerabilities, and Niall suggests looking at your systems the same way hackers do, through tools like Shodan. Give yourself a security checkup!

...more

More shows like RunAs Radio

Software Engineering Radio - the podcast for professional software developers by team@se-radio.net (SE-Radio Team)

Software Engineering Radio - the podcast for professional software developers

273 Listeners

Hanselminutes with Scott Hanselman by Scott Hanselman

Hanselminutes with Scott Hanselman

382 Listeners

.NET Rocks! by Carl Franklin and Richard Campbell

.NET Rocks!

37 Listeners

The Changelog: Software Development, Open Source by Changelog Media

The Changelog: Software Development, Open Source

289 Listeners

This Week in Tech (Audio) by TWiT

This Week in Tech (Audio)

3,055 Listeners

Security Now (Audio) by TWiT

Security Now (Audio)

2,007 Listeners

MacBreak Weekly (Audio) by TWiT

MacBreak Weekly (Audio)

2,012 Listeners

Windows Weekly (Audio) by TWiT

Windows Weekly (Audio)

885 Listeners

Tech News Weekly (Audio) by TWiT

Tech News Weekly (Audio)

1,074 Listeners

Intelligent Machines (Audio) by TWiT

Intelligent Machines (Audio)

780 Listeners

The a16z Show by Andreessen Horowitz

The a16z Show

1,094 Listeners

Daily Tech News Show by Tom Merritt

Daily Tech News Show

1,392 Listeners

Smashing Security by Graham Cluley

Smashing Security

320 Listeners

.NET Rocks! by Carl Franklin and Richard Campbell

.NET Rocks!

243 Listeners

The Stack Overflow Podcast by The Stack Overflow Podcast

The Stack Overflow Podcast

64 Listeners

2.5 Admins by The Late Night Linux Family

2.5 Admins

97 Listeners