November 17, Securityweek – (International) Poor backend security practices expose sensitive data. Researchers at the Technical University of Darmstadt in Germany discovered more than 18.6 million records of security risks associated with the use of Backend-as-a-Service (BaaS) offerings including extrapolation of an ID and an undisclosed key for authentication from a victims’ mobile application that allows attackers access to the backend with the same privileges as the application. Source
November 17, Securityweek – (International) Flaw in D-Link switches exposes corporate networks: Researchers. Security researchers from Elastica’s Cloud Threat Labs discovered a flaw in DGS-1210 Series Gigabit Smart Switches from D-Link that can be exploited by remote attackers to access backup files found on the flash memory and the web server, where log and configuration files are stored, with any authentication credentials if the attackers identify the targeted device’s Internet Protocol (IP) address. Source
November 17, Help Net Security – (International) Cyber crooks actively hijacking servers with unpatched vBulletin installations. Symantec researchers discovered that attackers are using a patched zero-day flaw that affects vBulletin Connect versions 5.1.4 through 5.1.9, to remotely execute code on a vulnerable server by first downloading and executing a multipurpose malicious shell script, filesender1.sh onto a vulnerable server via a single Hypertext Transfer Protocol (HTTP) request. Source
November 17, Securityweek – (International) Automation fuels onslaught of web app attacks: Report. Imperva released its Web Application Attack Report (WAAR) revealing that more than 75 percent of analyzed applications were targeted by automated attacks via SQL injection (SQLi), remote file inclusion (RFI), remote code execution (RCE), directory traversal (DT), cross-site scripting (XSS), spam, file upload (FU), and Hypertext Transfer Protocol (HTTP) reconnaissance, to compromise users and steal sensitive information as cybercriminals leverage automated tools, making SQL injections attacks 3 times higher this year than previous years. Source