Why the 'Cloudbleed' Data Leak Flaw Posed a Major Threat to Websites

1 of 12

Why the 'Cloudbleed' Data Leak Flaw Posed a Major Threat to Websites

Cloudflare has patched critical security flaws that could have allowed leaks of data from thousands of websites over a six-month period. Cloudflare and security researchers are still watching to see if any leaked data has been exploited.

2 of 12

What Is Cloudflare, Anyway?

Cloudlflare is a prominent internet infrastructure company that provides a host of services to websites, including load-balance optimization and security. It also provides website performance data. Cloudflare works behind the scenes in a lot of prominent websites.

3 of 12

This Affects Thousands of Sites

Cloudflare said in a Feb. 23 statement that user information to thousands of websites, including passwords, leaked over a six-month period. Its edge servers, it said, malfunctioned and returned memory that contained private user information, some of which could have been crawled and cached by search engines.

4 of 12

Here Are Some Affected Sites

The full list of affected sites hasn’t been publicly disclosed, but some companies have said they might have been affected. As of this writing, Uber has confirmed it was a Cloudbleed victim. Fitbit also was affected. Other impacted sites could emerge.

5 of 12

How Many Users Are Affected?

Knowing how many users were affected by Cloudbleed is difficult. Cloudflare provides its solutions to sites that work with millions of internet users. Most security experts believe a chunk of those folks were subject to it.

6 of 12

Three Cloudflare Features Were Turned Off

According to Cloudflare, after it learned of the problem, it discovered three features might have been at the center of the leak and shut them down: email obfuscation, server-side excludes and automatic HTTPS rewrites.

7 of 12

How Quickly Cloudbleed Was Fixed

Cloudflare moved quickly to address Cloudbleed. The company said it turned off the affected services within 47 minutes of discovering the flaw and fixed the leak fully in less than seven hours.

8 of 12

An Eye on Malicious Activity

In addition to addressing Cloudbleed, Cloudflare analyzed the scope of the leak. It found that although search engines including Google had cached its data, there had been no malicious activity surrounding it. The cached data was purged wherever it was found.

9 of 12

Users Should Change Passwords

Although malicious hackers hadn’t taken advantage of the leak, it’s still a good idea to change your website passwords immediately. It’s the first line of defense against any malicious hacker who might somehow cull data from Cloudbleed.

10 of 12

Not Much Else Can Be Done

Unfortunately, beyond changing passwords, there isn’t much users can do about Cloudbleed. The damage has already been done—the information was leaked and there is no way to change that. Users should remain vigilant and be on the lookout for any odd account behavior.

11 of 12

Looking Ahead Post-Cloudbleed

Looking ahead, things could get worse before they become better. The investigation into Cloudbleed and its reach has just begun. The leak appears to have been plugged, but more companies are expected to join the list of affected Cloudflare customers.

12 of 12

The Internet of Evil Things Being Fueled by Mirai Botnet

Security tools testing vendor Pwnie Express is in the business of helping organizations test their security and identify areas of vulnerability. Over the course of the last year, what has become increasingly apparent to Pwnie Express (and everyone else) is that the unmanaged and unmonitored devices that make up the so-called internet of things (IoT) represent a vast attack surface and potentially catastrophic risk. In Pwnie Express' 2017 Internet of Evil Things report, released on Feb. 23, the company found an increased awareness of IoT risks. The report surveyed 868 IT professionals and also provides insights Pwnie Express has learned from its analysis of 74.5 million devices. Among the big findings in the report is that the Mirai botnet has increased awareness of IoT security risks. The Mirai botnet made headlines in 2016 as an IoT botnet that attacked popular security blogger Brian Krebs...
Top White Papers and Webcasts