Security risk warning on Elasticsearch
Recently, hacker groups launched a massive attack with extortion software on MongoDB data. Following the incident, hacker groups paid attention to Elasticsearch again. The incident may pose a security risk to the servers with Elasticsearch installed if there is no special security configuration on them.
If your servers are not directly exposed on the public network, Please assess your security status as soon as possible, and tighten such high risk services with Alibaba Cloud security group firewall policy. In order to avoid data loss, please do not expose them on the internet.
Please refer to the link below for specific vulnerabilities and fixes.
Part 1: https://intl.aliyun.com/notice/elasticsearch_info
Part 2: https://intl.aliyun.com/notice/elasticsearch_info2
Meanwhile, we would also like to remind you that, long with stronger confrontation with blackmailing, hackers may use other methods to launch the next wave of intrusions. We would recommend that you check your security issues and vulnerabilities as soon as possible. We will also be focusing on the future situation and keep you posted.
If you have any question, please contact us by ticket.