Selections from the top news items this week in the world of identity and application security. Thousands of etcd installs are leaking secret server keys online From ZDNet: According to security researcher Giovanni Collazo, a quick query made through the Shodan search engine revealed a total of 2,284 etcd servers which are leaking credentials, including the passwords and keys required for cms_admin, mysql_root, and postgres server infrastructure. Collazo said at least 750mb of leaked data is available online. Deconstructing the DOJ Iranian Hacking Indictment From Dark Reading: On March 23, the United States Justice Department unsealed an indictment against nine attackers operating out of Iran, believed to be working on behalf of the Iranian government. The indictment outlined the tools and techniques used, who was targeted, what the attackers were after, and how successful they were in compromising their targets. A new data leak hits Aadhaar, India's national.