A critical SQL injection flaw that requires no authentication and could be exploited by card skimmers has been identified in the Magento eCommerce platform, which is used by more than 300K merchants.
Bug leads to security risk: https://t.co/9Bs9RtigMN #skimming #security #Magento
— CF Webtools (@cfwebtools) March 29, 2019
Expert Comments Below:
Ilia Kolochenko, CEO at High-Tech Bridge:
“Recently discovered, mass exploitation in the wild is probably the tip of the iceberg, as professional Black Hat groups could have already started the exploitation a couple of days ago or even earlier. Frequently, skilled attackers may even patch the vulnerability to preclude “competitors” from breaching the same target.
All Magento website owners should urgently update their systems and check the web server and all other available logs for IoCs (indicators of compromise). In case of the merest suspicion, detailed forensics should be conducted to determine whether the system was breached. These days, cybercriminals know how to cover their tracks; however, they may unwittingly suppress too much evidence and thereby expose their presence.”
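The log review recommended above can be started with a simple scan of the web server access log for injection indicators. The script below is an added example, not code from the original post or from either commenter: it parses constructed Apache/nginx "combined"-format lines (sample data, not real traffic), URL-decodes each request twice so that double-encoded payloads are caught, and flags the decoded request when it matches common SQL injection markers (UNION ... SELECT, SQL comment terminators, time-based functions, quote-tautologies). The `/catalogsearch/result/` path is used only as a plausible store URL; it is not the endpoint affected by the flaw discussed on this page.

```python
import re
from urllib.parse import unquote_plus

# Constructed access-log lines (combined log format). Lines three and four
# carry URL-encoded injection attempts; the first two are ordinary traffic.
SAMPLE_LOG = """\
203.0.113.10 - - [29/Mar/2019:10:01:02 +0000] "GET /catalogsearch/result/?q=shoes HTTP/1.1" 200 5123 "-" "Mozilla/5.0"
203.0.113.10 - - [29/Mar/2019:10:01:05 +0000] "GET /media/catalog/product/s/h/shoe.jpg HTTP/1.1" 200 34012 "-" "Mozilla/5.0"
198.51.100.7 - - [29/Mar/2019:10:02:17 +0000] "GET /catalogsearch/result/?q=1%27%20UNION%20SELECT%20username%2Cpassword%20FROM%20admin_user--%20 HTTP/1.1" 200 7781 "-" "python-requests/2.21.0"
198.51.100.7 - - [29/Mar/2019:10:02:19 +0000] "GET /catalogsearch/result/?q=1%27%20AND%20SLEEP%285%29--%20 HTTP/1.1" 200 7781 "-" "python-requests/2.21.0"
"""

# Client IP, timestamp, method, request target and status from a combined-format line.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)

# Indicator name and the pattern applied to the *decoded* request target.
# These are deliberately broad; tune them against your own traffic.
INDICATORS = [
    ("union_select", re.compile(r"\bunion\b.{0,40}\bselect\b", re.I | re.S)),
    ("sql_comment", re.compile(r"--\s|/\*")),
    ("time_based", re.compile(r"\b(sleep|benchmark|pg_sleep|waitfor)\s*\(", re.I)),
    ("tautology", re.compile(r"'\s*(or|and)\s*'?\d+'?\s*=\s*'?\d+", re.I)),
]


def decode_request(target):
    """URL-decode twice so that %2527-style double encoding cannot hide a payload."""
    return unquote_plus(unquote_plus(target))


def scan_access_log(text):
    """Return one finding per suspicious request as (ip, timestamp, indicators, decoded target)."""
    findings = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # not a combined-format line; skip rather than guess
        decoded = decode_request(m.group("path"))
        hits = [name for name, rx in INDICATORS if rx.search(decoded)]
        if hits:
            findings.append((m.group("ip"), m.group("ts"), hits, decoded))
    return findings


if __name__ == "__main__":
    for ip, ts, hits, target in scan_access_log(SAMPLE_LOG):
        print(f"{ts} {ip} {','.join(hits)} {target}")
```

A hit is a lead, not a verdict: a legitimate search for "union select" would fire too, so pivot on the source IP and user agent, look at what the same client did next (new admin users, modified checkout templates), and compare against database and application logs before calling it a compromise. Conversely, a clean access log does not clear the host; the comment above notes that attackers often clean up after themselves, so gaps in the log are themselves worth noting.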
Eoin Keary, CEO and Co-founder at edgescan:
“To prevent SQL injections, developers should use a method called parameterization, which essentially causes external and user data to be treated as objects, rather than code, which is what causes SQL injection. A Web Application Firewall, if appropriately configured, can also prevent SQL injection on known related vulnerabilities (which, according to the edgescan vulnerability stats report, account for 5.5% of all vulnerabilities discovered in 2018).
Finally, it is important to change the default settings of web applications, which often have a high privilege access to databases, to least privilege, which ensures some resilience against attackers.”
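To make the parameterization advice concrete, the following is an added example (not code from the original post, from either commenter, or from Magento itself). It builds a constructed in-memory SQLite catalogue with a `product` table and an `admin_user` table, then runs the same product search two ways: once with the search term concatenated into the SQL text, and once with a bound parameter. The injection payload closes the quoted LIKE pattern, appends a UNION that reads the admin table, and comments out the rest of the statement; the table names, products and the placeholder password hash are all invented for the demonstration.

```python
import sqlite3

# Constructed sample data, not Magento's schema. The admin_user table stands in
# for whatever an attacker would most want to read through the injection.
PRODUCTS = [
    ("SKU-001", "Running shoes", 79.99, 1),
    ("SKU-002", "Trail shoes", 89.99, 1),
    ("SKU-003", "Hiking boots", 129.00, 1),
    ("SKU-004", "Unreleased sandals", 49.00, 0),  # not visible in the storefront
]
ADMINS = [("storeadmin", "$2y$10$placeholderhashvalue000000000000000000000")]


def make_db():
    """Create an in-memory SQLite store with one product table and one admin table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE product (sku TEXT, name TEXT, price REAL, visible INTEGER)")
    conn.execute("CREATE TABLE admin_user (username TEXT, password_hash TEXT)")
    conn.executemany("INSERT INTO product VALUES (?, ?, ?, ?)", PRODUCTS)
    conn.executemany("INSERT INTO admin_user VALUES (?, ?)", ADMINS)
    return conn


def search_vulnerable(conn, term):
    """Product search built by string concatenation: the user's text becomes SQL code."""
    sql = ("SELECT name FROM product WHERE visible = 1 "
           "AND name LIKE '%" + term + "%'")
    return [row[0] for row in conn.execute(sql)]


def search_parameterized(conn, term):
    """Same search with a bound parameter. The statement text is fixed and the
    pattern is sent as data, so the input can only ever be compared to names."""
    sql = "SELECT name FROM product WHERE visible = 1 AND name LIKE ?"
    return [row[0] for row in conn.execute(sql, ("%" + term + "%",))]


# Closes the '%...' pattern, unions in the admin table (one column, matching the
# SELECT it is appended to) and comments out the trailing "%'" with "-- ".
PAYLOAD = "' UNION SELECT username || ':' || password_hash FROM admin_user -- "


def demo():
    """Return (honest search, vulnerable search with payload, parameterized search with payload)."""
    conn = make_db()
    honest = search_parameterized(conn, "shoes")
    leaked = search_vulnerable(conn, PAYLOAD)
    safe = search_parameterized(conn, PAYLOAD)
    return honest, leaked, safe


if __name__ == "__main__":
    honest, leaked, safe = demo()
    print("normal search      :", honest)
    print("concatenated query :", leaked)   # admin row appears among the products
    print("parameterized query:", safe)     # payload is just an odd pattern: no rows
```

Two caveats worth knowing. Binding parameters stops the input from changing the statement, but it does not neutralise LIKE wildcards: a term of `%` still matches every visible product, so escape `%` and `_` (or reject them) if that matters. And binding protects only the values; table or column names chosen by the user cannot be parameters and must be checked against an allow-list instead.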
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.