Unprotected MongoDB instance exposes resumes of 202 million Chinese nationals

Rod Soto, director of security research at JASK Inc., noted that incidents like this where a known vulnerable product is exploited raises the question of whether software developers should be mandated to introduce automatic patching of their code. “This general process is already in use today, with operating systems and some web applications where updates are automatic, thus reducing the attack surface of these known-to-be-vulnerable apps that are deployed across the internet,” Soto explained.

Read more here.

Share on