A large-scale unauthenticated scraping of publicly available and non-secured endpoints from older versions of Prometheus event monitoring and alerting solution could be leveraged to inadvertently leak sensitive information, according to the latest research.
“Due to the fact that authentication and encryption support is relatively new, many organizations that use Prometheus haven’t yet enabledRead More – The Hacker News

By |2021-10-14T11:19:16-04:00October 14th, 2021|