Scanning 2.6 Million Domains for Exposed .Env Files | allinfosecnews.com

Nov. 10, 2022, 3:06 p.m. | sdcat

Hacker Noon - cybersecurity hackernoon.com

A software developer scanned 2.6 million domains for exposed.env files. He found 135 database users and passwords, 48 e-mail user accounts with passwords, 11 live credentials for payment providers (like Stripe or Paypal) 98 secret tokens for different APIs and 128 app secrets. The dangerous aspect is that the passwords and secrets are in unencrypted form in the.env file. When the web server is misconfigured and this.env file is delivered by the web. server, anyone can. query this data.

cyber security cybersecurity database debugging devops domains environment-variables exposed files hackernoon-top-story scanning software development

More from hackernoon.com / Hacker Noon - cybersecurity

The Journey into Digital Forensics: Exploring Career Opportunities (Revealing Insights) 1 day, 16 hours ago | hackernoon.com

applications breaches career career advice +34

Xiid SealedTunnel: Unfazed By Yet Another Critical Firewall Vulnerability (CVE-2024-3400) 2 days, 4 hours ago | hackernoon.com

access access rights common vulnerability scoring system critical +29

Waiting for Your Tax Refund? Don't Fall for These Scams 2 days, 7 hours ago | hackernoon.com

account cybersecurity debt don +19

GenAI - Soon to Be Great for Automating Dumb Attacks 2 days, 22 hours ago | hackernoon.com

ai-cyber-attack ai risks attacks cyber +16

The Noonification: UX Considerations for Better Multi-Factor Authentication (4/12/2024) 1 week ago | hackernoon.com

100-days-of-ai apache-apisix authentication cybersecurity +11

Unlocking IaC Part 5: What Is Git Branching? 1 week, 1 day ago | hackernoon.com

back bugs code codebase +20

UX Considerations for Better Multi-Factor Authentication 1 week, 1 day ago | hackernoon.com

accounts adaptive authentication authentication authentication methods +22

XDR: Trends and Predictions for 2024 1 week, 1 day ago | hackernoon.com

and predictions cybersecurity cybersecurity 2024 cybersecurity trends +7

The Rise of Business VPNs and SASE: Securing the Evolving Enterprise Landscape 1 week, 2 days ago | hackernoon.com

access article business businesses +25

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations

View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City

View on infosec-jobs.com

Security Solution Architect

@ Civica | London, England, United Kingdom

View on infosec-jobs.com

Information Security Officer (80-100%)

@ SIX Group | Zurich, CH

View on infosec-jobs.com

Cloud Information Systems Security Engineer

@ Analytic Solutions Group | Chantilly, Virginia, United States

View on infosec-jobs.com

SRE Engineer & Security Software Administrator

@ Talan | Mexico City, Spain

View on infosec-jobs.com