A strategic guide on migrating legacy VPN-based architectures to Cloudflare's Zero Trust platform using a tiered, risk-aware methodology. The article outlines pre-migration audits, application categorization by complexity, and a phased rollout approach to minimize downtime during large-scale SASE deployments.
A subdomain takeover of ping.ubnt.com via an unclaimed Amazon CloudFront distribution, combined with SSO session cookies scoped to the parent domain (and therefore sent to every *.ubnt.com subdomain), enabled a complete authentication bypass of Ubiquiti's SSO. The vulnerability was responsibly disclosed via HackerOne.
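The reason a takeover of one idle subdomain breaks SSO is the RFC 6265 domain-matching rule: a cookie set with `Domain=ubnt.com` is attached to requests for any host under that domain, so whoever answers for the hijacked host receives the session token in the `Cookie` request header. The following is an added illustration (not code from the HackerOne report or from Ubiquiti) that implements the relevant parts of RFC 6265 cookie parsing and domain matching and checks whether a cookie issued by one host would be delivered to another. Cookie names, values and the `session` name are constructed; only the hostnames come from the summary above.

```python
def domain_match(host: str, domain: str) -> bool:
    """RFC 6265 s5.1.3: host equals domain, or host ends with '.' + domain."""
    host = host.lower().rstrip(".")
    domain = domain.lower().strip(".")
    return host == domain or host.endswith("." + domain)


def parse_set_cookie(header: str, origin_host: str):
    """Parse a Set-Cookie header received from origin_host (RFC 6265 s5.2/s5.3).
    Returns None when the Domain attribute names a domain origin_host may not set
    (s5.3 step 6), in which case a browser ignores the cookie entirely.
    Path matching is omitted; every request below is assumed to be for '/'."""
    parts = [p.strip() for p in header.split(";")]
    name, _, value = parts[0].partition("=")
    cookie = {"name": name.strip(), "value": value.strip(),
              "domain": origin_host.lower(), "host_only": True,
              "secure": False, "httponly": False}
    for attr in parts[1:]:
        key, _, val = attr.partition("=")
        key, val = key.strip().lower(), val.strip()
        if key == "domain" and val:
            if not domain_match(origin_host, val):
                return None
            cookie["domain"] = val.lstrip(".").lower()
            cookie["host_only"] = False   # now shared with all subdomains
        elif key == "secure":
            cookie["secure"] = True
        elif key == "httponly":
            cookie["httponly"] = True
    return cookie


def is_sent_to(cookie, host: str) -> bool:
    """Would a browser attach this cookie to an HTTPS request for host?"""
    if cookie["host_only"]:
        return host.lower() == cookie["domain"]
    return domain_match(host, cookie["domain"])


def exposed_by_takeover(set_cookie: str, origin_host: str, hijacked_host: str) -> bool:
    """True if a cookie issued by origin_host is delivered to hijacked_host,
    i.e. whoever serves hijacked_host receives the token in the request.
    Secure and HttpOnly do not help here: the attacker serves valid HTTPS on
    the hijacked host and reads the Cookie header server-side, not via JS."""
    cookie = parse_set_cookie(set_cookie, origin_host)
    return cookie is not None and is_sent_to(cookie, hijacked_host)


if __name__ == "__main__":
    # Constructed Set-Cookie headers as the SSO host might issue them.
    shared = "session=s3cr3t; Domain=.ubnt.com; Path=/; Secure; HttpOnly"
    host_only = "session=s3cr3t; Path=/; Secure; HttpOnly"
    print("parent-domain cookie reaches ping.ubnt.com:",
          exposed_by_takeover(shared, "sso.ubnt.com", "ping.ubnt.com"))
    print("host-only cookie reaches ping.ubnt.com:",
          exposed_by_takeover(host_only, "sso.ubnt.com", "ping.ubnt.com"))
```

The practical check is the last two lines: audit every `Set-Cookie` an SSO endpoint emits, and treat any `Domain=` attribute that widens the cookie beyond the issuing host as shared with every subdomain, including ones whose DNS points at a third-party service nobody claimed.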
A chained CSRF vulnerability in Oculus-Facebook account linking allowed attackers to connect victims' Facebook accounts to attacker-controlled Oculus accounts, extract first-party Facebook access tokens via GraphQL queries, and achieve complete account takeover including password reset. The fix took several rounds: the initial patch could be bypassed by chaining a second CSRF on the Oculus login flow.
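The underlying defect class is an account-linking callback that decides which local account to link from a value carried in the request (a link token or URL parameter) rather than from the browser session that started the flow, so a victim's browser can be made to complete a flow the attacker started. The following is an added illustration, not Oculus or Facebook code (the report does not show their internals): a minimal linking service with the vulnerable callback beside a hardened one that binds a single-use `state` to the initiating session. `LinkingService`, the session and user names, `ISSUED_CODES` and `exchange_code` are all constructed stand-ins.

```python
import hmac
import secrets

# Constructed stand-in for the third-party token exchange: each one-time
# authorization code identifies the third-party account that approved consent.
ISSUED_CODES = {"code-victim-fb": "fb:victim", "code-attacker-fb": "fb:attacker"}


def exchange_code(code: str) -> str:
    return ISSUED_CODES[code]


class LinkingService:
    def __init__(self):
        # Constructed sessions: session cookie value -> logged-in local user.
        self.sessions = {"attacker-session": {"user": "attacker"},
                         "victim-session": {"user": "victim"}}
        self.pending = {}   # link_token -> local user (vulnerable design)
        self.links = {}     # local user -> linked third-party account

    # --- vulnerable design: the target account rides in the URL ---------
    def start_link_vulnerable(self, session_id: str) -> str:
        token = secrets.token_urlsafe(16)
        self.pending[token] = self.sessions[session_id]["user"]
        return token          # attacker embeds this in the URL sent to the victim

    def callback_vulnerable(self, link_token: str, code: str) -> bool:
        # Whoever delivers the code (the victim's browser, after the victim's
        # consent screen) gets their third-party account linked to the user
        # the token names, i.e. the attacker.
        user = self.pending.pop(link_token, None)
        if user is None:
            return False
        self.links[user] = exchange_code(code)
        return True

    # --- hardened design: state is bound to the initiating session -------
    def start_link_fixed(self, session_id: str) -> str:
        state = secrets.token_urlsafe(32)
        self.sessions[session_id]["oauth_state"] = state
        return state

    def callback_fixed(self, session_id, state, code: str) -> bool:
        # The local account comes from the session cookie presented with the
        # callback, and the state must be the one stored in that same session,
        # so a browser that did not start the flow cannot finish it.
        sess = self.sessions.get(session_id)
        if sess is None or state is None:
            return False
        expected = sess.pop("oauth_state", None)   # single use
        if expected is None or not hmac.compare_digest(expected, state):
            return False
        self.links[sess["user"]] = exchange_code(code)
        return True


if __name__ == "__main__":
    svc = LinkingService()
    tok = svc.start_link_vulnerable("attacker-session")
    svc.callback_vulnerable(tok, "code-victim-fb")
    print("vulnerable:", svc.links)          # attacker linked to fb:victim

    svc = LinkingService()
    st = svc.start_link_fixed("attacker-session")
    print("fixed, victim completes attacker's flow:",
          svc.callback_fixed("victim-session", st, "code-victim-fb"))
```

The session binding in `callback_fixed` is only as strong as the session itself: if the login endpoint is also CSRF-able, the attacker can first log the victim's browser into the attacker's Oculus session and then let the victim complete the linking flow with a valid state, which is exactly the kind of second-stage CSRF the summary describes. Login must therefore carry its own CSRF token, and the linking flow should additionally require an explicit, re-authenticated confirmation of which local account is being linked.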