Slack Fixes Account-Stealing Bug

upnorth

Jul 27, 2015
Slack has fixed a bug that allowed attackers to hijack user accounts by tampering with their HTTP sessions. The flaw could have allowed attackers to pilfer users’ cookies, giving them full account access. They could also have automated those attacks at scale, said the researcher who discovered it, Evan Custodio.

The bug uses a sneaky trick called HTTP smuggling, which takes advantage of how back-end servers process requests using this protocol. Browsers use HTTP to ask web servers for pages and other resources. Those requests generally go through multiple servers. A front-end proxy server might send them to one of several back-end servers, for example. The front-end server often serves as a clearinghouse for requests from different browsers, meaning that different people’s sessions with web applications mingle in the same traffic stream.
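Because the front-end and back-end servers share one traffic stream, they must agree exactly where each user's request ends. The following is an added example, not code from the article or from Slack, of the framing check a front-end proxy can apply: it rejects any request whose body length is ambiguous instead of guessing. The sample requests, the hostname `app.example` and the function name `framing_verdict` are constructed for illustration.

```python
import re

# Header name must be an RFC 7230 token with no whitespace before the colon.
HEADER_LINE = re.compile(rb"^([!#$%&'*+.^_`|~0-9A-Za-z-]+):[ \t]*(.*?)[ \t]*$")

def framing_verdict(raw: bytes) -> tuple[bool, str]:
    """Return (True, "ok") only if the request body is framed unambiguously.
    A proxy that forwards only such requests cannot have one user's bytes
    read by a back-end as the start of the next user's request."""
    head, sep, _body = raw.partition(b"\r\n\r\n")
    if not sep:
        return False, "incomplete header block"
    content_lengths, transfer_encodings = [], []
    for line in head.split(b"\r\n")[1:]:          # skip the request line
        m = HEADER_LINE.match(line)
        if not m:
            return False, "malformed header line"
        name, value = m.group(1).lower(), m.group(2)
        if name == b"content-length":
            content_lengths.append(value)
        elif name == b"transfer-encoding":
            transfer_encodings.append(value)
    # RFC 7230 section 3.3.3 lets a server reject messages carrying both
    # headers; a proxy should, since servers may disagree on which one wins.
    if content_lengths and transfer_encodings:
        return False, "Content-Length and Transfer-Encoding both present"
    if len(set(content_lengths)) > 1:
        return False, "conflicting Content-Length values"
    if content_lengths and not content_lengths[0].isdigit():
        return False, "non-numeric Content-Length"
    # Only a single, plain 'chunked' coding is accepted.
    if transfer_encodings and [v.lower() for v in transfer_encodings] != [b"chunked"]:
        return False, "unsupported Transfer-Encoding"
    return True, "ok"

# Constructed sample requests (not traffic from the Slack incident).
SAMPLES = {
    "clean": b"POST /api HTTP/1.1\r\nHost: app.example\r\nContent-Length: 5\r\n\r\nhello",
    "both": b"POST /api HTTP/1.1\r\nHost: app.example\r\n"
            b"Content-Length: 4\r\nTransfer-Encoding: chunked\r\n\r\n0\r\n\r\n",
    "dup_cl": b"POST /api HTTP/1.1\r\nHost: app.example\r\n"
              b"Content-Length: 4\r\nContent-Length: 9\r\n\r\nabcd",
}

if __name__ == "__main__":
    for label, req in SAMPLES.items():
        print(f"{label:7s} -> {framing_verdict(req)}")
```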