Ignoring Search Updates Is a Security Risk
April 23, 2015
Searching is an essential function for basic Internet use and a vital one in enterprise systems. While searching the Internet with a public search engine might not seem like a security risk, the comparable action in an enterprise search product can be dangerous. Security Enterprises points out the potential security risks in the article, “SearchBlox Vulnerabilities Underscore Importance Of Updating Enterprise Search Tools.”
Recently the Carnegie Mellon Software Engineering Institute’s CERT Division compiled a list of the security vulnerabilities in SearchBlox’s software. They included ways for hackers to view private information, upload files, perform cross-site scripting (XSS), and carry out cross-site request forgeries. Enterprise security developers can learn from SearchBlox’s vulnerabilities by being aware of such flaws and repairing them before a hacker discovers the information leak.
The problem, however, might come from within an organization rather than from outside:
“Of all the possible threats, the ability for cybercriminals to conduct XSS attacks from within the product’s default search box is likely the most concerning, Threatpost reported. On the other hand, anyone trying to take advantage of such SearchBlox vulnerabilities would need to be an authenticated user, though there is no shortage of stories about insider threats within the enterprise.”
The article suggests that SearchBlox’s vulnerabilities arose from the day-to-day activities that keep an organization running. Using SearchBlox as an example, other organizations with enterprise systems can learn where their own products need patches so the same issues do not happen to them. The takeaway: most hackers are probably insiders, and they look for holes in ordinary, everyday routines.
Whitney Grace, April 23, 2015
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph