"Novel Attack Tricks Servers to Cache, Expose Personal Data"

Omer Gil, an information security team leader at EY Advanced Security Center, has discovered a way in which a web server could be deceived into caching pages and revealing sensitive information. This web caching attack is performed through the abuse of content delivery network (CDN) service capabilities to expose personal data and takeover accounts of authenticated users. Gil has revealed that many companies that utilize web caching services are susceptible to being targets of this type of attack. This article further discusses the discoveries made about this new attack and which company has been revealed to be vulnerable to it.

Threatpost reports "Novel Attack Tricks Servers to Cache, Expose Personal Data"