tag
SSRF
2 articles with this tag
2026-06-07
Capital One breach (2019) — how SSRF leaked 100M+ records, and how to defend
A single SSRF reached the instance metadata endpoint → the endpoint handed back over-privileged temporary IAM credentials → those credentials drove a bulk S3 copy, leaking ~106M records. Every hop could have stopped it. In your environment that means IMDSv2 (token-gated metadata with a hop limit), IAM least privilege on instance roles, and an allowlist for outbound fetches.
2026-06-07
What is SSRF (Server-Side Request Forgery)
SSRF abuses attacker-controlled URLs to make your server issue requests to resources it can reach but the attacker cannot (internal IPs, cloud metadata endpoints). If your application fetches URLs, you need an allowlist of destinations, blocking of internal targets, and closed redirect and DNS-rebinding gaps: re-validate every redirect hop, check every address a name resolves to, and connect to the address you validated. SSRF was the entry point of the Capital One breach.
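The defences both summaries above call for (destination allowlist, internal-target blocking, redirect re-validation, resolve-then-pin against DNS rebinding, and specifically refusing the 169.254.169.254 metadata address) fit in one small policy module. The following is an added example written for this tag page; it is not code from either article. The allowlisted hosts, the DNS table and the HTTP responses are constructed stand-ins for `socket.getaddrinfo()` and a real HTTP client so the logic runs offline; `cdn.example.com` is deliberately given one public and one private record to show the rebinding/split-horizon case.

```python
"""SSRF-safe outbound fetch policy: allowlist + internal-target blocking + redirect re-validation.

Added example for this tag page, not code from the articles. Network I/O is replaced by
constructed resolver/response tables so it runs offline; the URL and policy logic is the real part.
"""
import ipaddress
from urllib.parse import urlparse

ALLOWED_SCHEMES = {"http", "https"}
ALLOWED_HOSTS = {"api.example.com", "cdn.example.com"}   # assumption: the only legitimate upstreams
ALLOWED_PORTS = {80, 443}
REDIRECT_CODES = {301, 302, 303, 307, 308}
MAX_REDIRECTS = 3

# Non-public ranges a URL fetcher must never reach. 169.254.0.0/16 (link-local) contains
# the cloud metadata address 169.254.169.254 that was abused in the Capital One breach.
BLOCKED_NETWORKS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "100.64.0.0/10", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.0.0.0/24", "192.168.0.0/16", "224.0.0.0/4", "240.0.0.0/4",
    "::/128", "::1/128", "fc00::/7", "fe80::/10",
)]

# Constructed DNS table standing in for socket.getaddrinfo(). cdn.example.com answers with
# one public and one private record: the pattern DNS rebinding / split-horizon abuse relies on.
FAKE_DNS = {
    "api.example.com": ["203.0.113.10"],
    "cdn.example.com": ["198.51.100.7", "10.0.0.5"],
    "lookalike.example.org": ["169.254.169.254"],
}


def fake_resolve(host):
    return FAKE_DNS.get(host, [])


def is_blocked_ip(ip):
    if ip.version == 6 and ip.ipv4_mapped is not None:   # ::ffff:10.0.0.5 is still 10.0.0.5
        ip = ip.ipv4_mapped
    return any(ip in net for net in BLOCKED_NETWORKS)


def validate_target(url, resolve=fake_resolve):
    """Return (allowed, reason, pinned_ip). pinned_ip is the address the caller must connect
    to (sending Host: <name>), so a second lookup at connect time cannot be rebound elsewhere."""
    p = urlparse(url)
    if p.scheme not in ALLOWED_SCHEMES:
        return False, "scheme not allowed", None
    if p.username is not None or p.password is not None:
        return False, "userinfo in URL", None          # https://api.example.com@evil.test/ tricks
    host = (p.hostname or "").lower().rstrip(".")
    try:
        port = p.port or (443 if p.scheme == "https" else 80)
    except ValueError:
        return False, "malformed port", None
    if port not in ALLOWED_PORTS:
        return False, "port not allowed", None
    try:
        ipaddress.ip_address(host)
        return False, "literal IP not allowed", None   # the allowlist is by name only
    except ValueError:
        pass
    if host not in ALLOWED_HOSTS:
        return False, "host not in allowlist", None
    addrs = resolve(host)
    if not addrs:
        return False, "unresolvable host", None
    # Every record must be public: if any answer is internal, refuse the whole name.
    for a in addrs:
        if is_blocked_ip(ipaddress.ip_address(a)):
            return False, f"resolves to blocked address {a}", None
    return True, "ok", addrs[0]


# Constructed responses standing in for an HTTP client run with automatic redirects
# disabled, so each hop passes through validate_target: url -> (status, Location header).
FAKE_HTTP = {
    "https://api.example.com/report": (302, "https://api.example.com/report.pdf"),
    "https://api.example.com/report.pdf": (200, None),
    "https://api.example.com/open": (302, "http://169.254.169.254/latest/meta-data/iam/"),
}


def safe_fetch(url, http=FAKE_HTTP, resolve=fake_resolve):
    """Follow redirects by hand, re-validating every hop.
    Returns ("ok", final_url, status) or ("blocked", offending_url, reason)."""
    for _ in range(MAX_REDIRECTS + 1):
        ok, reason, pinned = validate_target(url, resolve)
        if not ok:
            return "blocked", url, reason
        # A real client would open the TCP connection to `pinned` here, not re-resolve the name.
        status, location = http.get(url, (404, None))
        if status not in REDIRECT_CODES or location is None:
            return "ok", url, status
        url = location
    return "blocked", url, "too many redirects"
```

Two design points worth noting: the allowlist is matched by name and literal IPs are refused outright, so the block list only has to catch allowlisted names whose records point inside (the `cdn.example.com` case); and redirects are never followed by the HTTP client itself, because a 302 from an allowlisted host to `http://169.254.169.254/...` is exactly the hop that turns a harmless fetch into a metadata read.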