Apache Kafka Cloud Clusters Expose Sensitive Data for Large Companies
Kafdrop is a management interface for Apache Kafka, which is an open-source, cloud-native platform for collecting, analyzing, storing and managing data streams.
It connects and maps existing Kafka clusters automatically, Spectral researchers explained, allowing users to manage topic creation and removal, as well as "Understand the topology and layout of a cluster, drilling into hosts, topics, partitions, and consumers. It also allows you to sample and download live data from all topics and partitions, acting as a legitimate Kafka consumer."
Exposure of log and transactional data - everything from sensitive traffic records to financial transactions, and internal database records to sensitive app payloads.
Additional access to other parts of the corporate cloud/network by injecting specially crafted messages into Kafka; Kafka can connect to external systems for data import/export.
"Since Kafka serves as a data hub and central processing system for mission-critical data, an exposed cluster risks every facet of the organization," researchers noted.
Cloud misconfigurations are increasingly common, with data leaks nearly endemic among public cloud storage buckets.
News URL
https://threatpost.com/apache-kafka-cloud-clusters-expose-data/176778/