Configuration snafu exposes passwords for two million marijuana growersPosted by On

rolling a joint


Screengrab of the GrowDiaries website

GrowDiaries, an online community where marijuana growers can blog about their plants and interact with other farmers, has suffered a security breach in September this year.

The breach occurred after the company left two Kibana apps exposed on the internet without administrative passwords.

Kibana apps are normally used by a company’s IT and development staff, as the app allows programmers to manage Elasticsearch databases via a simple web-based visual interface.

Due to its native features, securing Kibana apps is just as important as securing the databases themselves.

But in a report published today on LinkedIn, Bob Diachenko, a security researcher known for discovering and reporting unsecured databases, said GrowDiaries failed to secure two of its Kibana apps, which appear to have been left exposed online without a password since September 22, 2020.

Diachenko says these two Kibana apps granted…

Original Author Link click here to read complete story..



Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.