New CPDoS Web Cache Poisoning Attacks Impact Sites Using Popular...

New CPDoS Web Cache Poisoning Attacks Impact Sites Using Popular CDNs #DOS #CYBERSECURITY #HACKER Cache-Poisoned DoS Attack Against CDN Protected Sites A team of German cybersecurity researchers has discovered a new cache poisoning attack against web caching systems that could be used by an attacker to force a targeted website into delivering error pages to most of its visitors instead of legitimate content or resources. The issue affects reverse proxy cache systems like Varnish and some widely-used Content Distribution Networks (CDNs) services, including Amazon CloudFront, Cloudflare, Fastly, Akamai, and CDN77. In brief, a Content Distribution Network (CDN) is a geographically distributed group of servers that sit between the origin server of a website and its visitors to optimize the performance of the website. A CDN service simply stores/caches static files—including HTML pages, javascript files, stylesheets, images, and videos—from the origin server and delivers them to visitors more quickly without going back to the originating server again and again. Each of the geographically distributed CDN server, known as edge nodes, then also shares the exact copy of the cache files and serve them to visitors based on their locations. Generally, after a defined time or when manually purged, the CDN servers refresh the cache by retrieving a new updated copy of each web page from the origin server and store them for future requests. Khareem Sudlow via https://youtu.be/pjUcC0GzR58

from Trippy.Tube
via Trippy.Tube