GSA Bounty: Cache poisoning DoS to various TTS assets

I have recently come across a technique to force a Cloudfoundry app to return a HTTP 404 error when requesting any resource, which contains cache friendly headers. What this means is, if the Cloudfoundry app in question is behind a web cache like Cloudfront or Cloudflare etc, it will possibly sto...

CPDoS Poisoning Attack

On October 22, 2019, a new method of web cache poisoning, called CPDoS or Cache Poisoned Denial of Service, was announced by researchers, Hoai Viet Nguyen and Luigi Lo Iacono. Targeting content delivery networks and other caching systems, the attack works by using a malicious header in the HTTP...

New Cache Poisoning Attack Lets Attackers Target CDN Protected Sites

A team of German cybersecurity researchers has discovered a new cache poisoning attack against web caching systems that could be used by an attacker to force a targeted website into delivering error pages to most of its visitors instead of legitimate content or resources. The issue could affect...