So the Kremlin have required that any financial institution operating in Russia provide them with an administrator account. Said account credentials were all stored on a default credential MongoDB account. And here I thought Russia implemented good OpSec

@aussierockman its very funny as US news sites write that all these credentials were used by russian government, and russian media write that it is MongoDB who created and used backdoor :)

Sign in to participate in the conversation
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.