Server-Side Request Forgery Attack Explained: Definition, Types, Protection

A Server-Side Request Forgery attack is a security vulnerability in which a hacker tricks a server into accessing unintended resources on his behalf. An SSRF attack can lead to sensitive information being leaked or the attacker gaining control of other systems. If they succeed to make the server establish connections to random external systems, threat actors will be able to read or update internal resources. The attackers may then be able to read server configuration information like AWS metadata, connect to internal services like HTTP-enabled databases, or send post requests to internal services that are should not be exposed. The HTTP protocol is not the only support for SSRF. The first request is usually made using HTTP, but if it is the app that makes the second request, then other protocols: FTP, SMB, SMTP, etc. Data leakage and authorization credentials exposure are among the possible results of an SSRF attack. During a server-side request forgery attack, the server is tricked into making HTTP requests to internal resources or other servers on behalf of the attacker. This is done by crafting a custom-made URL that the server will access and then return the result to the attacker. In the process, it exposes sensitive information or allows the hacker to access the resources. Simply put, the server's trust in the client's request enables the threat actor to bypass security measures and access protected resources. What`s at Risk If You Fall Victim to an SSRF attack? Authentication credentials - unfortunately, SSRFs can also be used to retrieve authentication credentials, such as passwords or API keys, and use them for further attacks. Depending on the server's response to the initial request, there are three types of SSRF attacks. Blind SSRF. In this instance, the original request returns no information about the target service. The adversary will give a URL, but he will not receive any data from it. He will have to use a vulnerability detection tool to check if the server is vulnerable. This can be achieved by determining it to make DNS or HTTP queries to a server he already controls. Semi-Blind SSRF. Unlike the blind SSRF, the semi-blind instance does return some information, so the adversary gains access to some data, but not the entire lot. An error message and metadata about a request, like response times, are some examples. While this kind of result is enough to validate the vulnerability it doesn`t expose any sensitive data. Non-Blind SSRF. The most harmful of all is usually the non-blind SSRF, as data from an arbitrary URL can be exfiltrated and sent to the threat actors who made the query. The non-blind SSRF enables hackers access to information that will help them launch other attacks. Practicing prevention is always wiser, and more convenient, than waiting for the threat actors to make the first move. By developing and implementing our innovatory Heimdal solutions we help organizations protect their servers and networks against SSRF attacks and other harmful actions. With 96% accuracy in predicting future threats, our solution enables you to spot any malicious URLs that could mess up your system. The DarkLayer Guard 2-way traffic filtering engine included in Heimdal`s Threat Prevention - Endpoint solution offers professional white/blacklisting, which is one of the largely recommended security measures against SSRF attacks. DarkLayer Guard helps your team block unwanted network communication to reduce Zero Hour exploits, Ransomware C&C's, next-gen attacks, and data leakages. By using the intelligence that it gains when blocking threats at the DNS, HTTP, and HTTPS level, DarkLayer Guard empowers you to stop active attacks and also speed up the forensic process. It tracks down and helps reinforce against potential threats any vulnerable endpoints your organization may have. Wrapping Up. Although this kind of attack is not as common as others, SSRF vulnerabilities remain a risk factor even for experienced brands. Not later than last year, cyber researchers discovered four of Microsoft Azure`s Services were vulnerable to full server-side request forgery attacks. In that instance, the security issues were patched in a timely manner, but obviously it is not always the case. Prevention remains the smartest aproach in tackling DNS server and network security. If you liked this article, follow us on LinkedIn, Twitter, Facebook, Youtube, and Instagram for more cybersecurity news and topics. If you liked this post, you will enjoy our newsletter. Get cybersecurity updates you'll actually want to read directly in your inbox.

This Cyber News was published on heimdalsecurity.com. Publication date: Thu, 02 Feb 2023 09:56:02 +0000


Cyber News related to Server-Side Request Forgery Attack Explained: Definition, Types, Protection

9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
1 year ago Esecurityplanet.com
Server-Side Request Forgery Attack Explained: Definition, Types, Protection - A Server-Side Request Forgery attack is a security vulnerability in which a hacker tricks a server into accessing unintended resources on his behalf. An SSRF attack can lead to sensitive information being leaked or the attacker gaining control of ...
1 year ago Heimdalsecurity.com
Imperva Client-Side Protection Mitigates the Polyfill Supply Chain Attack - The recent discovery of a website supply chain attack using the cdn. Polyfill.io domain has left many websites vulnerable to malicious code injection. Once a trusted resource for adding JavaScript polyfills to websites, the domain has recently become ...
5 months ago Imperva.com
What is Azure Identity Protection and 7 Steps to a Seamless Setup - As a result, tools such as Microsoft's Azure Identity Protection have become a staple in protecting against compromised identities, account takeover, and misuse of privileges. Azure Identity Protection is a security service that provides a robust ...
7 months ago Securityboulevard.com
How to perform a proof of concept for automated discovery using Amazon Macie | AWS Security Blog - After reviewing the managed data identifiers provided by Macie and creating the custom data identifiers needed for your POC, it’s time to stage data sets that will help demonstrate the capabilities of these identifiers and better understand how ...
2 months ago Aws.amazon.com
CVE-2021-22283 - Improper Initialization vulnerability in ABB Relion protection relays - 611 series, ABB Relion protection relays - 615 series IEC 4.0 FP1, ABB Relion protection relays - 615 series CN 4.0 FP1, ABB Relion protection relays - 615 series IEC 5.0, ABB ...
1 year ago
Attack Vector vs Attack Surface: The Subtle Difference - Cybersecurity discussions about "Attack vectors" and "Attack surfaces" sometimes use these two terms interchangeably. This article guides you through the distinctions between attack vectors and attack surfaces to help you better understand the two ...
1 year ago Trendmicro.com
Mozilla decides Trusted Types is a worthy security feature The Register - Mozilla last week revised its position on a web security technology called Trusted Types, which it has decided to implement in its Firefox browser. The browser biz will help reduce a longstanding form of web attack that relies on injected code. ...
1 year ago Go.theregister.com
Mozilla decides Trusted Types is a worthy security feature The Register - Mozilla last week revised its position on a web security technology called Trusted Types, which it has decided to implement in its Firefox browser. The browser biz will help reduce a longstanding form of web attack that relies on injected code. ...
1 year ago Packetstormsecurity.com
Data Protection in Educational Institutions - This article delves into the significance of data protection in educational institutions, emphasizing three key areas: the types of educational data, data privacy regulations, and data protection measures. Lastly, robust data protection measures are ...
1 year ago Securityzap.com
Unified API Protection - A massive segment of organizations' digital footprint today is built around internal and external APIs. As more IT leaders realize and acknowledge the size of APIs' influence, it's become clear that new methods are needed to secure those APIs. While ...
1 year ago Cequence.ai
8 Common Types of Firewalls Explained & When to Use Each - The eight types of deployable firewalls include traditional network firewalls, unified threat management, next-generation firewalls, web application firewalls, database firewalls, cloud firewalls, container firewalls, and firewalls-as-a-service. ...
11 months ago Esecurityplanet.com
Types of Malware and How To Prevent Them - Malware is one of the biggest security threats to any type of technological device, and each type of malware uses unique tactics for successful invasions. Even if you've downloaded a VPN for internet browsing, our in-depth guide discusses the 14 ...
5 months ago Pandasecurity.com
Securing the Digital Frontier - As we navigate through a world brimming with data, understanding the evolving landscape of data protection is not just a necessity but a responsibility. This intricate dance among technology, societal norms, and regulatory frameworks shapes our ...
10 months ago Feeds.dzone.com
What SOCs Need to Know About Water Dybbuk - According to the Federal Bureau of Investigation, BEC costs victims more money than ransomware, with an estimated US$2.4 billion being lost to BEC in the US in 2021. Recently, BEC scammers have been using stolen accounts from legitimate Simple Mail ...
1 year ago Trendmicro.com
Definition from TechTarget - Cyber attacks aim to disable, disrupt, destroy or control computer systems or to alter, block, delete, manipulate or steal the data held within these systems. They're identified as nation-state attackers, and they've been accused of attacking the IT ...
1 year ago Techtarget.com
Microsoft tests Windows 11 encrypted DNS server auto-discovery - Microsoft is testing support for the Discovery of Network-designated Resolvers internet standard, which enables automated client-side discovery of encrypted DNS servers on local area networks. Without DNR support, users must manually enter the info ...
1 year ago Bleepingcomputer.com
Cybersecurity Compliance: Understanding Regulatory Frameworks - Data breaches continue to increase year over year: there was a 20% increase in data breaches from 2022 to 2023 and globally and there were twice the number of victims in 2023 as compared to 2022. Compliance frameworks vary by industry, region, and ...
8 months ago Offsec.com
What Is Cloud Workload Security? Ultimate Guide - Cloud workload security, or cloud workload protection, refers to the tools and policies used to protect apps, services, and resources that run on cloud infrastructure. Your organization can manage cloud workload security through coordination across ...
5 months ago Esecurityplanet.com
7 Best Attack Surface Management Software for 2024 - Attack surface management is a relatively new cybersecurity technology that combines elements of vulnerability management and asset discovery with the automation capabilities of breach and attack simulation and applies them to an organization's ...
1 year ago Esecurityplanet.com
10 Most Common Types of Cyber Attacks in 2023 - Cyber attacks are evolving rapidly with advancements in technology, as threat actors exploit new vulnerabilities in:-. The expansion of Internet of Things devices provides new attack surfaces to the threat actors. Here below we have mentioned all the ...
11 months ago Gbhackers.com
Attack Surface Management: What is it? Why do you need it? - Traditional asset inventory and vulnerability management software can't keep up to date with the growing attack surface and morphing vulnerabilities. Contrary to other cybersecurity software, Attack Surface Management software operates from a ...
1 year ago Securityboulevard.com
Survey Surfaces Willingness to Switch Data Protection Platforms - A survey of 1,200 IT leaders conducted by Veeam Software suggests expectations of what a modern data protection platform should be able to address are changing. Top capabilities now being evaluated include the ability to use production data for ...
10 months ago Securityboulevard.com
Detectify platform enhancements address growing attack surface complexity - Detectify announced a new Domains page and major improvements to existing capabilities for setting custom attack surface policies. These updates bring control over attack surface data and enable organizations to seamlessly configure alerts for policy ...
6 months ago Helpnetsecurity.com
CVE-2024-47813 - Wasmtime is an open source runtime for WebAssembly. Under certain concurrent event orderings, a `wasmtime::Engine`'s internal type registry was susceptible to double-unregistration bugs due to a race condition, leading to panics and potentially ...
2 months ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)