Elasticsearch Clusters Face Attacks From Multiple Hacker Groups

itwbennett writes: If you're running Elasticsearch 1.4.2 and lower, you should make sure your patches are up to date. That's because researchers from Cisco's Talos group have 'detected an increase in attacks targeting unsecured Elasticsearch clusters.' At least six different groups are responsible for the increase, each deploying different malware, but regardless of the method, the potential impact of a breach is huge because Elasticsearch is designed to work with big data and companies use it to process sensitive data. 'Given the size and sensitivity of the data sets these clusters contain, the impact of a breach of this nature could be severe,' the Talos researchers warned.

Read more of this story at Slashdot.