Registry misconfiguration puts hundreds of top companies at risk

[ad_1]

Misconfigurations in thousands of Red Hat Quay registries, JFrog Artifactory, or Sonatype Nexus artifact registries have been found to expose millions of artifacts and container images on the public internet. Many of these held proprietary code that was classified and highly sensitive, exposing these companies to significant risk of data breaches and cyberattacks.

A new report from the Aqua Nautilus research team finds 250 million artifacts and 65,600 container images exposed, putting five Fortune 500 companies and “thousands of others” at risk.

IBM, Alibaba, Siemens, and Cisco were among the companies at risk, researchers said.

Surprising and Very Concerning

Registries and Artifact Management Systems, “key elements” within the software supply chain, are prime targets for cybercriminals. Aqua Security claims many organizations are unaware or have no control over the sensitive information and secrets leaked into these registries, which could cause major problems for targeted companies if hackers gain access. According to researchers, there are organizations that do not adequately protect these very important environments.

Assaf Morag, Principal Threat Researcher at Aqua Nautilus, said:

Researchers have found sensitive keys such as secrets, credentials, or tokens in 1,400 distinct hosts and secret sensitive addresses of endpoints. (opens in new tab), Redis, MongoDB, PostgreSQL, or MySQL on 156 hosts. In addition, 57 registries were severely misconfigured, 15 of which allowed administrator access with default passwords. Over 2,100 artifact registries had upload permissions.

To protect your facilities and the sensitive data they contain, Nautilus checks whether your registry or artifact management system is exposed to the internet, and anything that is connected to the internet by design for any serious vulnerabilities. We encourage companies to check. Businesses should also ensure that anonymous users are disabled.

[ad_2]

Source link