Get a Pentest and security assessment of your IT network.

Cyber Security

Severe Flaw Disclosed In StackStorm DevOps Automation Software

A security researcher has discovered a severe vulnerability in StackStorm, aka “IFTTT for Ops,” a powerful event-driven automation tool. The vulnerability resides in the way the StackStorm REST API improperly handled CORS (cross-origin resource sharing) headers. To exploit this vulnerability, an attacker simply needs to send a maliciously-crafted link to a victim, allowing it to “read/update/create actions and workflows, get internal IPs and execute a command on each machine”

Source: https://thehackernews.com/2019/03/stackstorm-security-vulnerability.html

Related posts
Cyber Security

Zip Codes & PII: Are They Personal Data?

Cyber Security

Zero-Day Vulnerabilities: User Defence Guide

Cyber Security

Zero Knowledge Voting with Trusted Server

Cyber Security

ZeroNet: 51% Attack Risks & Mitigation