all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Quantifying User Password Exposure to Third-Party CDNs. (arXiv:2301.03690v1 [cs.CR])

Add to bookmarks
Jan. 11, 2023, 2:10 a.m. | Rui Xin, Shihan Lin, Xiaowei Yang

cs.CR updates on arXiv.org arxiv.org

Web services commonly employ Content Distribution Networks (CDNs) for
performance and security. As web traffic is becoming 100% HTTPS, more and more
websites allow CDNs to terminate their HTTPS connections. This practice may
expose a website's user sensitive information such as a user's login password
to a third-party CDN. In this paper, we measure and quantify the extent of user
password exposure to third-party CDNs. We find that among Alexa top 50K
websites, at least 12,451 of them use CDNs …

alexa cdn connections distribution exposure find https information login may measure networks party password performance practice security sensitive information services third third-party traffic web web services website websites web traffic

Visit resource

More from arxiv.org / cs.CR updates on arXiv.org

Assessing the Solvency of Virtual Asset Service Providers: Are Current Standards Sufficient? 16 hours ago | arxiv.org
arxiv asset business can +22
Label Inference Attacks against Node-level Vertical Federated GNNs 16 hours ago | arxiv.org
arxiv attacks cs.cr cs.lg +16
One-shot Empirical Privacy Estimation for Federated Learning 16 hours ago | arxiv.org
adversary algorithms arxiv auditing +12
Transferability Ranking of Adversarial Examples 16 hours ago | arxiv.org
adversarial arxiv assurance attackers +12
When Authentication Is Not Enough: On the Security of Behavioral-Based Driver Authentication Systems 16 hours ago | arxiv.org
artificial artificial intelligence arxiv authentication +12
A survey on hardware-based malware detection approaches 16 hours ago | arxiv.org
arxiv computer computer security cs.cr +15
Explainable Ponzi Schemes Detection on Ethereum 16 hours ago | arxiv.org
applications arxiv blockchain cs.cr +11
KDk: A Defense Mechanism Against Label Inference Attacks in Vertical Federated Learning 16 hours ago | arxiv.org
arxiv attacks cs.cr cs.lg +8
Privacy-Preserving UCB Decision Process Verification via zk-SNARKs 16 hours ago | arxiv.org
algorithm application arxiv balance +15

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Cybersecurity Triage Analyst

@ Peraton | Linthicum, MD, United States
View on infosec-jobs.com

Associate DevSecOps Engineer

@ LinQuest | Los Angeles, California, United States
View on infosec-jobs.com

DORA Compliance Program Manager

@ Resillion | Brussels, Belgium
View on infosec-jobs.com

Head of Workplace Risk and Compliance

@ Wise | London, United Kingdom
View on infosec-jobs.com
View more jobs