Security Incidents From Caching

Collection of incidents resulting from web caching issues. It focuses on the problem of users seeing the content of other users, when that problem appears as a direct result of a CDN or related web caching configuration change and is noticeable by many users. When this happens, numerous users will immediately report seeing the content of other users. This does not record incidents that result from activity by an attacker or bug bounty researcher, as those are believed to stem from a different problem.

A common cause for some of these is CloudFront request collapsing. Read about that feature here.

Why does this repo exist?

This is a problem that occurs regularly, and the hope is to identify generic mitigation strategies to detect it and keep it from happening in the future. If you know of good ways of identifying this problem before it gets pushed to production, please reach out (file a ticket, message me on Twitter at https://twitter.com/0xdabbad00, or email me).
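One pre-production check for the problem described above, added here as an example and not part of this repo: a header lint that flags responses which are user-specific (credentialed request, or a Set-Cookie in the reply) yet storable by a shared cache. The list of credential headers and the `trust_vary` switch are assumptions of this example, not derived from any incident listed below.

```python
"""Lint that flags responses a shared cache (CDN) could store and replay to
other users: the failure mode behind the incidents listed in this repo."""
from typing import Dict, List, Mapping

# Request headers treated as marking a user-specific response (an assumption).
CREDENTIAL_HEADERS = ("authorization", "cookie")


def parse_cache_control(value: str) -> Dict[str, str]:
    """Turn 'max-age=60, Private' into {'max-age': '60', 'private': ''}."""
    directives: Dict[str, str] = {}
    for part in value.split(","):
        name, _, arg = part.strip().partition("=")
        if name:
            directives[name.lower()] = arg.strip().strip('"')
    return directives


def shared_cache_findings(request: Mapping[str, str], response: Mapping[str, str],
                          trust_vary: bool = False) -> List[str]:
    """Return reasons a shared cache could serve this response to other users.

    Empty list: the response is anonymous, or a shared cache may not store it.
    trust_vary=False assumes the CDN keys only on its own configured cache
    key and ignores the origin's Vary header, which some CDN setups do."""
    req = {k.lower(): v for k, v in request.items()}
    resp = {k.lower(): v for k, v in response.items()}
    cc = parse_cache_control(resp.get("cache-control", ""))
    if "no-store" in cc or "private" in cc:
        return []
    personal = [h for h in CREDENTIAL_HEADERS if h in req]
    if "set-cookie" in resp:          # a replayed Set-Cookie hands out a session
        personal.append("set-cookie")
    if not personal:
        return []
    # RFC 9111 s3.5: given Authorization on the request, a shared cache stores
    # the response only if public, s-maxage or must-revalidate is present.
    opted_in = any(d in cc for d in ("public", "s-maxage", "must-revalidate"))
    if "authorization" in personal and not opted_in:
        return []
    if trust_vary and "set-cookie" not in personal:
        vary = {v.strip().lower() for v in resp.get("vary", "").split(",")}
        if "*" in vary or all(h in vary for h in personal):
            return []
    # No freshness directive is not a pass: CDNs apply a default TTL instead.
    return [f"user-specific response ({', '.join(personal)}) is storable by a "
            f"shared cache; Cache-Control={resp.get('cache-control', '<none>')!r}, "
            f"Vary={resp.get('vary', '<none>')!r}"]
```

Run it over recorded request/response header pairs from a staging deployment; any finding on an authenticated endpoint is worth blocking the CDN configuration change on.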

Incidents

| Date | Organization impacted | References | Notes |
| --- | --- | --- | --- |
| May 1, 2024 | Qantas | reddit, Company statement | |
| February 16, 2024 | Wyze cameras | reddit | |
| November 30, 2023 | Ticketmaster | reddit | |
| September 8, 2023 | Wyze cameras | reddit | |
| March 21, 2023 | ChatGPT | reddit | |
| March 7, 2023 | Loom | post-mortem, presentation | |
| February 2023 | Scandinavian Airlines (SAS) | news article | |
| October 12, 2022 | Unknown | post-mortem | Result of CloudFront request collapsing |
| May 27, 2021 | Klarna | post-mortem | |
| March 20, 2021 | Zulip | post-mortem | Result of CloudFront request collapsing |
| March 8, 2021 | GitHub | post-mortem | This was a thread safety problem, but the result was similar |
| April 2020 | Italian Social Security (INPS) | news article | |
| December 25, 2015 | Steam | post-mortem | Cache change was made in response to a DDoS, which caused a different problem |
| January 29, 2015 | Apple iTunes | news article | Unclear if this was a caching issue, but the symptoms look similar |