Prometheus: Hacker’s Tool for DoS, RCE, Data Leaks

According to cybersecurity researchers, there is a growing concern over the vulnerabilities in servers that utilize the Prometheus monitoring tool. Aqua Security has reported that hundreds of thousands of servers and Prometheus exporters are at risk of data leaks and potential attacks due to the absence of proper authentication measures.

An analysis of these exposed servers has revealed that attackers could exploit them to obtain sensitive information, such as credentials, authentication tokens, and API keys. Specialists from JFrog and Sysdig had already encountered similar issues in 2021 and 2022. Open endpoints such as “/debug/pprof”, originally intended for memory and processor analysis, are now being exploited as attack vectors.
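For operators who want to check their own deployment, the following added example (not from Aqua Security's report or the Prometheus project) classifies whether the profiling, metrics and status endpoints answer an unauthenticated request. The function names and the constructed responses in the demo are assumptions made for illustration.

```python
"""Audit a Prometheus server you operate for endpoints that answer without credentials."""
import urllib.error
import urllib.request

# Paths served by Prometheus itself; /debug/pprof/ is the Go profiling index.
SENSITIVE_PATHS = [
    "/debug/pprof/",
    "/metrics",
    "/api/v1/targets",
    "/api/v1/status/config",
]

def http_status(url, timeout=5):
    """Return the status of a GET sent without credentials, or None if unreachable."""
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            return resp.status
    except urllib.error.HTTPError as exc:  # 401/403/404 are raised as exceptions
        return exc.code
    except (urllib.error.URLError, OSError):
        return None

def audit(base_url, fetch=http_status):
    """Map each sensitive path to 'open', 'protected', 'absent' or 'unreachable'."""
    findings = {}
    for path in SENSITIVE_PATHS:
        status = fetch(base_url.rstrip("/") + path)
        if status is None:
            findings[path] = "unreachable"
        elif status in (401, 403):
            findings[path] = "protected"   # the server demanded credentials
        elif 200 <= status < 300:
            findings[path] = "open"        # content returned with no credentials
        else:
            findings[path] = "absent"      # 404 and other non-success codes
    return findings

def open_paths(findings):
    """Return the paths that need authentication or network restriction."""
    return sorted(p for p, state in findings.items() if state == "open")

if __name__ == "__main__":
    # Constructed responses standing in for a server with only /metrics locked down.
    fake = {"/metrics": 401, "/debug/pprof/": 200, "/api/v1/targets": 200}
    demo = audit("http://prometheus.example:9090",
                 fetch=lambda url: fake.get(url.split(":9090", 1)[1], 404))
    for path, state in demo.items():
        print(f"{state:<12}{path}")
```

Call `audit()` with the base URL of a server you operate to run the real check. `urllib` follows redirects, so an endpoint that redirects to a login page is reported as open and should be confirmed by hand.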

