So the Kremlin have required that any financial institution operating in Russia provide them with an administrator account. Said account credentials were all stored on a default credential MongoDB account. And here I thought Russia implemented good OpSec https://yro.slashdot.org/story/19/02/02/025259/the-kremlins-remote-access-credentials-left-thousands-of-businesses-exposed-for-years?utm_source=rss1.0mainlinkanon&utm_medium=feed
@aussierockman ah c'mon, they're just messing with us!
@aussierockman its very funny as US news sites write that all these credentials were used by russian government, and russian media write that it is MongoDB who created and used backdoor :)
A Mastodon instance for info/cyber security-minded people.