Mass Exploitation of vBulletin Flaw Raises Alarm
Friday, September 27, 2019
An attacker can pull specific files on the target to get a complete list of all user accounts on the Linux host, he adds.
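As an added illustration, not from the article or from the experts it quotes, of what that file read hands the attacker: the article does not name the file, so the example assumes the usual target, /etc/passwd, and parses a constructed sample of it to list every account, pick out those with an interactive login shell, and flag any UID 0 account other than root, one pattern a planted backdoor account takes.

```python
# Added example (not from the article). Assumption: the "specific file" is
# /etc/passwd. The sample content below is constructed, including a planted
# "support" account with UID 0 of the kind a back-doored host might carry.
SAMPLE_PASSWD = """root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
mysql:x:112:117:MySQL Server,,,:/nonexistent:/bin/false
forumadmin:x:1000:1000:Forum admin:/home/forumadmin:/bin/bash
deploy:x:1001:1001::/home/deploy:/bin/zsh
support:x:0:0:Support:/root:/bin/bash
"""

# Shells that refuse an interactive login; accounts using them are service
# accounts and cannot be logged into directly even if a password is known.
NOLOGIN_SHELLS = {"/usr/sbin/nologin", "/sbin/nologin", "/bin/false", "/usr/bin/false"}


def parse_passwd(text):
    """Parse passwd(5) content into a list of account dicts.

    Each line has exactly seven colon-separated fields:
    name:password:uid:gid:gecos:home:shell. Blank and comment lines are skipped;
    a line with the wrong field count raises, since a silently dropped line
    would hide an account from the defender as easily as from the attacker.
    """
    accounts = []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) != 7:
            raise ValueError(f"line {lineno}: expected 7 fields, got {len(fields)}")
        name, _password, uid, gid, gecos, home, shell = fields
        accounts.append({
            "name": name,
            "uid": int(uid),
            "gid": int(gid),
            "gecos": gecos,
            "home": home,
            "shell": shell,
        })
    return accounts


def interactive_accounts(accounts):
    """Names of accounts whose shell allows an interactive login."""
    return [a["name"] for a in accounts if a["shell"] not in NOLOGIN_SHELLS]


def suspicious_superusers(accounts):
    """Names of UID 0 accounts other than root, a common backdoor pattern."""
    return [a["name"] for a in accounts if a["uid"] == 0 and a["name"] != "root"]


if __name__ == "__main__":
    accts = parse_passwd(SAMPLE_PASSWD)
    print("all accounts:", [a["name"] for a in accts])
    print("interactive:", interactive_accounts(accts))
    print("extra UID 0:", suspicious_superusers(accts))
```

The same parser serves the defender after a suspected compromise: diff the interactive and UID 0 lists against a known-good baseline to spot added or altered accounts.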
Ilia Kolochenko, founder and CEO of Web security firm ImmuniWeb, says the vBulletin flaw is likely to trigger numerous automated hacking and Web server back-dooring campaigns.
"Attackers can take full control of the Web server on which the vulnerable forum is located and potentially expand their control to all the interconnected systems in the network," he cautions.
Criminals might try to reuse admin and user passwords on other systems. Or they could conduct targeted spear-phishing campaigns against forum users, or infect forum pages with malware and compromise the systems of the people who visit those forums.
"Many cyber gangs will not miss such a windfall and pass by such low-hanging fruit," Kolochenko says. Many groups are fully equipped to launch mass exploitation campaigns within minutes of a zero-day public disclosure. "There are cybergangs that sell lists of global websites running specific Web software. All they need to do is to buy a recent list, adopt the exploit and start getting Web shells."
ComputerWeekly: Attackers breached supplier systems to steal Airbus secrets
SC Media: Reports: Actively exploited zero-day found in vBulletin forum software