SSRF 101: How Server-Side Request Forgery Sneaks Past Your Web Apps

Server-side request forgery is a dangerous attack method that is also becoming an issue for the cloud. Here are some of the basics to help keep your Web server from turning against you.

When it's time to talk attacks, it's hard to get more evil than a technique that uses victims' own systems against them. Server-side request forgery (SSRF) is one of those evil attacks, and it's one that cybersecurity pros should be able to recognize if they want to minimize the danger from within.


In an SSRF, the attacker turns the Web server's own capabilities into tools of the attack: the server is induced to make requests on the attacker's behalf. And because the Web server tends to sit behind the corporate firewall, those requests operate without the security scrutiny that external requests and payloads would receive.


The Why
Why should you care about SSRF? Although it's a direct attack on a Web application, it enables attackers to pivot around a firewall and roll right to the back-end Web server — and from there, who knows what lateral maneuver they might make.


It's also becoming a big problem for cloud providers — and therefore for cloud users. SSRF played an insidious part in some of the more devastating attacks in the news recently, most notably, the Capital One breach that exposed data on over 100 million Americans and 6 million Canadians. (In November, Amazon Web Services boosted its SSRF defenses in the latest version of the EC2 Instance Metadata Service.) 
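As an added illustration of the two points above (not code from the article), here is the server-side gate a "fetch this URL for me" feature needs before the Web server makes the request on the user's behalf: it restricts the scheme, resolves the host once, refuses anything that lands on loopback, private or link-local space (the range the cloud instance metadata service lives in), and returns the resolved addresses so the actual fetch can be pinned to them. The hostnames, IPs and the DNS table are constructed for the example; the resolver is injectable so it runs offline.

```python
import ipaddress
import socket
from urllib.parse import urlparse

ALLOWED_SCHEMES = {"http", "https"}  # no file://, gopher://, dict:// and friends

def is_internal(ip_str):
    """True for any address a server-side fetch must never reach: loopback, private,
    link-local (covers the cloud metadata range), multicast, reserved, unspecified."""
    ip = ipaddress.ip_address(ip_str)
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped:
        ip = ip.ipv4_mapped  # judge ::ffff:10.0.0.1 as 10.0.0.1
    return (ip.is_private or ip.is_loopback or ip.is_link_local
            or ip.is_multicast or ip.is_reserved or ip.is_unspecified)

def default_resolve(host):
    """Resolve host to its IP strings with the system resolver."""
    return sorted({ai[4][0] for ai in socket.getaddrinfo(host, None)})

def check_fetch_target(url, resolve=default_resolve):
    """Return (ok, reason, pinned_ips). The caller must connect to one of pinned_ips
    rather than resolving the name again, or a DNS answer that changes between
    check and fetch (rebinding) defeats the check."""
    parts = urlparse(url)
    if parts.scheme not in ALLOWED_SCHEMES:
        return False, f"scheme {parts.scheme!r} not allowed", []
    if not parts.hostname or parts.username or parts.password:
        return False, "missing host or credentials in URL", []
    try:
        ips = resolve(parts.hostname)
    except (socket.gaierror, ValueError):
        ips = []
    if not ips:
        return False, "host does not resolve", []
    bad = [ip for ip in ips if is_internal(ip)]
    if bad:  # one internal answer among several is still a block
        return False, f"resolves to internal address(es) {bad}", []
    return True, "ok", ips

CONSTRUCTED_DNS = {  # constructed sample records, not real hosts
    "intranet.example": ["10.0.0.5"],
    "public.example": ["93.184.216.34"],
    "rebind.example": ["93.184.216.34", "127.0.0.1"],  # mixed answers
}

def constructed_resolve(host):
    """Offline stand-in for default_resolve: IP literals pass straight through."""
    try:
        return [str(ipaddress.ip_address(host))]
    except ValueError:
        if host in CONSTRUCTED_DNS:
            return CONSTRUCTED_DNS[host]
        raise socket.gaierror(f"unknown host {host}")
```

A stricter deployment replaces the deny-list in `is_internal` with an allow-list of the few hosts the feature legitimately needs, which is the only way to also stop fetches aimed at other internet-facing services behind the same firewall.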


The What
In an SSRF, the attacker uses carefully built URLs to manipula ..
