Starbucks Abandons Azure Site, Exposed Subdomain to Hijacking

guest · Aug 29, 2019

Starbucks Abandons Azure Site, Exposed Subdomain to Hijacking
August 29, 2019
https://www.bleepingcomputer.com/ne...ns-azure-site-exposed-subdomain-to-hijacking/

A security researcher found that a Starbucks subdomain had a DNS pointer to an Azure cloud host that had been abandoned. The problem is that anyone registering the cloud host would receive data intended for the subdomain.
Active CNAME record to blame
By claiming the Azure resource name, an attacker could use the Starbucks subdomain to carry out cross-site scripting (XSS) and session hijacking attacks, since the same-origin policies (SOP) would have no effect.
Minimum effort for maximum impact
The issue was discovered on August 1 by Parzel, a Berlin-based hacker, and reported to Starbucks through its bug bounty program on HackerOne platform. The company paid a reward of $2,000 for the private disclosure of the oversight.
A couple of days after the private report, Parzel saw that the CNAME record had been removed and released the Azure name. The Starbucks subdomain is no longer active.

This seems to be a recurring issue with Starbucks as the company a little over a year ago paid another $2,000 to a researcher reporting the same type of problem with a different subdomain. That report was also through HackerOne.
Click to expand...

plat · Aug 29, 2019

At least Starbucks is paying the bounties. The one who exposed the holes in Valve Corporation's Steam software has yet to see a dime, even though, after the fact, Valve updated its policies on what vulnerability disclosures will qualify for payment.

Log in or Sign up

Starbucks Abandons Azure Site, Exposed Subdomain to Hijacking

guest Guest

plat Registered Member

Log in or Sign up

Starbucks Abandons Azure Site, Exposed Subdomain to Hijacking

guest Guest

plat Registered Member

Useful Searches