Novel Attack Tricks Servers to Cache, Expose Personal Data

By Tom Spring

LAS VEGAS—Researcher Omer Gil has devised a way to trick a web server into caching pages and exposing personal data.


The so-called web caching attack targets sites that use content delivery network (CDN) services such as Akamai and Cloudflare. These services act as traffic load balancers and reverse proxies, and store frequently retrieved files in order to reduce the latency of fetching them from a web server.


Gil, an information security team leader at EY Advanced Security Center, will present research tomorrow at Black Hat that shows how adversaries can abuse these services and expose sensitive information of authenticated users and even take control of their accounts.



