Bleeping Computer

Web Cache Deception Attack Tricks Servers Into Caching Pages with Personal Data

Caching servers commonly deployed with big-name services will often cache the incorrect page content, including personal details, when the user accesses a non-existent resource, such as CSS or ...
Bleeping Computer

New CPDoS Web Cache Poisoning Attacks Impact Sites Using Popular CDNs

Details have emerged about a new class of web cache poisoning attacks that could be used to deny users access to resources delivered through a content delivery network (CDN). Named Cache-Poisoned ...
Dark Reading

Deconstructing Web Cache Deception Attacks: They're Bad; Now What?

"Web cache" refers to any technology that fronts an origin web server and temporarily stores frequently accessed content so that subsequent requests for the same content can be served efficiently. Be ...
ZDNet

CPDoS attack can poison CDNs to deliver error pages instead of legitimate sites

Two academics from the Technical University of Cologne (TH Koln) have disclosed this week a new type of web attack that can poison content delivery networks (CDNs ...
Dark Reading

New Hack Weaponizes the Web Cache

A newly discovered attack forces Web cache servers to deliver malicious content to website visitors – and also exposes a major security hole in Mozilla's Firefox browser infrastructure. James Kettle, ...