Security News > 2024 > August > PostgreSQL databases under attack

Poorly protected PostgreSQL databases running on Linux machines are being compromised by cryptojacking attackers.

Internet-exposed PostgreSQL databases are a favorite target of opportunistic cryptojacking groups and, occasionally, extortionists.

"Exposing PostgreSQL directly to the internet is generally considered risky and is not recommended due to security concerns. However, there are a few reasons why some people might do it," Morag told Help Net Security.

"Some organizations or individuals may need to access their PostgreSQL databases from different locations or through different services, making direct internet exposure seem convenient. And sometimes developers temporarily expose a PostgreSQL server during development or testing without considering the security implication."

Some users set up their PostgreSQL server without implementing proper security measures, assuming that default configurations are sufficient, he added.

"To secure access to PostgreSQL databases, implement strong network security by using firewalls, VPNs, or SSH tunnels to restrict access, and ensure all users have strong passwords. Employ audit logs, intrusion detection systems, and secure backups. Additionally, disable unnecessary features and protect against SQL injection in applications," he advises.

News URL

https://www.helpnetsecurity.com/2024/08/21/postgresql-prevent-cryptojacking/