InfoSecBulletin Cybersecurity for mankind
On a report titled “Surge on Web defacement and web application related vulnerabilities targeting Bangladesh” BGD e-GOV CIRT said, web defacement attacks and the exploitation of web application vulnerabilities are a growing trend in Bangladesh.
These weaknesses can be used for phishing attacks, spreading malware, and creating backdoors for continuous access, further endangering the security of the affected websites. Websites and applications use environment or configuration files to manage content and specify data locations. Alterations to these files can indicate a security breach or defacement attack. 73% of all identified web vulnerabilities are found in websites and IoT devices accessed through basic HTTP authentication.
Linux flaws enable password hash theft via core dumps in Ubuntu, RHEL, Fedora
Australia enacts mandatory ransomware payment reporting
Why Govt Demands Foreign CCTV Firms to Submit Source Code?
CVE-2023-39780
Botnet hacks thousands of ASUS routers
Bangladesh Bank instructed using AI to prevent online gambling
251 Amazon-Hosted IPs Used in Exploit Scan for ColdFusion, Struts, and Elasticsearch
Zero-Trust Policy bypass to Exploit Vulns & Manipulate NHI Secrets
Evaly E-commerce Platform Allegedly Hacked
Exploitable Vulns in Canon Printers Allow Gaining Admin Privileges
184 Million Leaked Credentials Discovered in Open Database
CIRT report highlighted the web vulnerabilities associated it assets/products used by Bangladeshi organizations. In the report CIRT mentioned numerous worlds’ renowned vendors names and CVE’s related to their products and the severity.
According to CIRT report, VMware CVE’s (33.11%) mostly affect Bangladeshi organization. Zimbra is in the 2nd position with 27.03% CVE’s and Roundcube with 17.23 % CVE’s is in 3rd position in the chart.
CIRT said for some common causes such incident happened including outdated software, weak credentials, poor configuration, lack of security updates and insecure code.
According to CIRT, hackers attack such sites using remote file inclusion (RFI), SQL injection, cross-site scripting, (XSS), Brute force attack and expiating vulnerable software.
CIRT mentioned some effective remediation strategies to mitigate these vulnerabilities, including Parameterized Queries and ORM (SQL Injection), Input Validation and Sanitization, Output Encoding (XSS), Content Security Policy (CSP) (XSS), Patch Management, Web Server Configuration and to Follow OWASP Guidelines. Implementing these strategies can significantly enhance web security and protect against defacement attacks.
