Hacking, AppSec, and Bug Bounty newsletter
2018-08-30 | Ibis hotel chain owner reports breach, SSRF is the new RCE, and Sensitive data exposure via WiFi broadcasts in Android OS
Thursday, August 30
Bad news if you took a recent trip flying Air Canada and stayed at an Ibis hotel: BBC reports Air Canada app data breach involves passport numbers and Huazhu Hotels, one of the largest Chinese hotel chains operating brands like Ibis, disclosed a breach affecting millions. Developers at Huazhu reportedly uploaded a 140GB database with PII to a public GitHub repo.
TWEET OF THE DAY
SSRF is the new RCE. In a world where credentials can be read over HTTP, without L7 auth, it's very important to validate the Hostnames and IP Ranges you connect to. - @ejcx_
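The validation the tweet calls for, as an added example (not the tweet author's code and not from any project named on this page): before an internet-facing fetcher follows a user-supplied URL, resolve the hostname and refuse anything that lands in loopback, private, link-local (which holds the 169.254.169.254 cloud metadata endpoint), multicast or reserved space, including IPv4 addresses smuggled in as IPv4-mapped IPv6 or as a bare decimal. The resolver is injectable so the block runs offline against a constructed DNS table (`FAKE_DNS`, `fake_resolver` and the `*.attacker.test` names are invented for the demo); the `default_resolver` path uses the system resolver.

```python
"""SSRF egress check: resolve first, then refuse internal and metadata ranges.

Added example, not code from the tweet's author. FAKE_DNS / fake_resolver are
constructed so the demo runs offline; default_resolver is the real lookup.
"""
from __future__ import annotations

import ipaddress
import socket
from urllib.parse import urlsplit

# Ranges an internet-facing fetcher should never connect to. 169.254.0.0/16
# contains the cloud metadata endpoint 169.254.169.254; the IPv6 entries cover
# unspecified, loopback, unique-local, link-local and multicast.
BLOCKED_NETWORKS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "100.64.0.0/10", "127.0.0.0/8",
    "169.254.0.0/16", "172.16.0.0/12", "192.0.0.0/24", "192.168.0.0/16",
    "224.0.0.0/4", "240.0.0.0/4",
    "::/128", "::1/128", "fc00::/7", "fe80::/10", "ff00::/8",
)]


def ip_is_blocked(ip: str) -> bool:
    """True if an IPv4, IPv6 or IPv4-mapped IPv6 address falls in a blocked range."""
    addr = ipaddress.ip_address(ip)
    # ::ffff:169.254.169.254 is the metadata address wearing an IPv6 coat.
    if addr.version == 6 and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    return any(addr in net for net in BLOCKED_NETWORKS)


def default_resolver(host: str) -> set[str]:
    """Real lookup via the system resolver; returns every A/AAAA answer."""
    return {info[4][0] for info in socket.getaddrinfo(host, None)}


def check_outbound_url(url: str, resolver=default_resolver) -> tuple[bool, str]:
    """Decide whether a user-supplied URL may be fetched. Returns (allowed, reason)."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        return False, f"scheme {parts.scheme!r} not allowed"
    # http://trusted.example.com@169.254.169.254/ parses with a userinfo part;
    # a fetcher has no business sending credentials from a URL anyway.
    if parts.username is not None or parts.password is not None:
        return False, "credentials in URL"
    host = parts.hostname
    if not host:
        return False, "no host"
    try:
        ips = resolver(host)
    except (OSError, ValueError):
        return False, "hostname does not resolve"
    if not ips:
        return False, "hostname does not resolve"
    # Check *every* answer: a name with one public and one private record would
    # otherwise pass whenever the check happens to look at the public one.
    for ip in sorted(ips):
        if ip_is_blocked(ip):
            return False, f"{host} resolves to blocked address {ip}"
    return True, "ok"


# Constructed DNS table for the offline demo; none of these are real records.
FAKE_DNS = {
    "www.example.com": {"93.184.216.34"},
    "metadata.attacker.test": {"169.254.169.254"},       # attacker name pointing at metadata
    "split.attacker.test": {"203.0.113.7", "10.0.0.5"},  # one public, one private answer
    "mapped.attacker.test": {"::ffff:127.0.0.1"},
}


def fake_resolver(host: str) -> set[str]:
    """Offline stand-in for getaddrinfo: table lookups plus IP literals. Also
    accepts a bare decimal such as 2130706433, as libc's inet_aton does, so
    http://2130706433/ is caught the same way as http://127.0.0.1/."""
    if host in FAKE_DNS:
        return FAKE_DNS[host]
    if host.isdigit():
        return {str(ipaddress.ip_address(int(host)))}
    return {str(ipaddress.ip_address(host))}  # ValueError if not an IP literal


def demo() -> dict[str, bool]:
    """Run the check over a constructed mix of benign and SSRF-style URLs."""
    urls = [
        "https://www.example.com/report",
        "http://169.254.169.254/latest/meta-data/",
        "http://2130706433/",
        "http://metadata.attacker.test/latest/meta-data/iam/",
        "http://split.attacker.test/",
        "http://[::ffff:127.0.0.1]:8080/",
        "file:///etc/passwd",
        "http://www.example.com@10.0.0.1/",
    ]
    return {u: check_outbound_url(u, fake_resolver)[0] for u in urls}


if __name__ == "__main__":
    for url, allowed in demo().items():
        print("ALLOW" if allowed else "BLOCK", url)
```

Two caveats a practitioner will want: the check is only as good as the address the client then connects to, so pin the connection to the IP you validated (or validate inside the connect hook) rather than letting the HTTP library resolve the name a second time, and re-run the check on every redirect hop, since a 302 to an internal address bypasses a check that ran only on the first URL. An allowlist of expected hosts is stronger than any denylist when the feature permits it.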
OTHER ARTICLES WE’RE READING
Volexity researchers share data showing active exploitation of the new Apache Struts vulnerability CVE-2018-11776 to mine cryptocurrency.
Sensitive Data Exposure via WiFi Broadcasts in Android OS [CVE-2018-9489] reported by Nightwatch researchers.
Serious inquiries only: MrRobotBadge is looking for people with 10 years of blockchain experience.
ABOUT ZERO DAILY
Zero Daily is a daily newsletter that highlights application security, bug bounty, and hacker focused topics. The content is curated with love by @luketucker and brought to you by HackerOne.
Friends don’t keep good things to themselves - forward this to your homies and co-workers. BTW, want to see who runs bug bounties?
Have a news tip / story to highlight? We’d love to hear about it. Email: email@example.com
With regard to the AWS AssumeRole brute-forcing, there is a way to identify the existence of roles in one account from another account without it appearing in CloudTrail logs. You can also brute-force account IDs without an account at all. So many dark secrets in AWS.
HackerOne is the #1 hacker-powered security platform, helping organizations find and fix critical vulnerabilities before they can be criminally exploited. As the contemporary alternative to traditional penetration testing, our bug bounty program solutions encompass vulnerability assessment, crowdsourced testing and responsible disclosure management. Discover more about our security testing solutions or Contact Us today.