Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Cloudflare Leaked Web Customer Data For Months
Newest First  |  Oldest First  |  Threaded View
Ludivina
100%
0%
Ludivina,
User Rank: Strategist
2/27/2017 | 7:37:24 PM
Re: Lost rank Instagram followers
When this happened, 2 of my websites were caught by it and lost huge rank and I was open for attacks...
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
2/27/2017 | 5:43:45 PM
caching
"Regardless of how long the leaks may have been occurring, search engine companies and data providers will need to purge erroneous and confidential data from their caches"

Article makes a good point, why would cach have this sensitive inforation, it should not be presistent. 
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
2/27/2017 | 5:41:43 PM
Re: OMG.. 192.168.l.l
" what should I do now?"

I think most are cleared, you may still need to check in with your users to change their passwords.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
2/27/2017 | 5:40:38 PM
Cloudflare and impact
 

A code error in Cloudflare platform putting everybody at risk in a big way should be a real warning for all of us, the way we develop applications and system has to change to avoid these types of problems.

 
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
2/27/2017 | 5:40:19 PM
Re: Cloudflare sucks for 192.168.l.l
"How CloudFlare can be such irresponsible"

this is a good question, is there no qaulity and testing before these codes are being deployed to masses. 
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
2/27/2017 | 5:36:30 PM
Cloudflare
 

Who would think Cloudflare is utilized this much m=by many companies.

 
mikeroch
100%
0%
mikeroch,
User Rank: Apprentice
2/24/2017 | 9:56:43 PM
OMG.. 192.168.l.l
Hello, I am using cloudflare on most of my sites, just reading such a shocking stuff here, I am worried now, what should I do now? and what's threat exactly to my users details? Thanks in advance.
Roon215
50%
50%
Roon215,
User Rank: Apprentice
2/24/2017 | 8:44:45 PM
Cloudflare sucks for 192.168.l.l
How CloudFlare can be such irresponsible, I am using CloudFlare on 50% of my site and now I am worried for my data. Such a joke !!!!


Look Beyond the 'Big 5' in Cyberattacks
Robert Lemos, Contributing Writer,  11/25/2020
Why Vulnerable Code Is Shipped Knowingly
Chris Eng, Chief Research Officer, Veracode,  11/30/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: I think the boss is bing watching '70s TV shows again!
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-26250
PUBLISHED: 2020-12-01
OAuthenticator is an OAuth login mechanism for JupyterHub. In oauthenticator from version 0.12.0 and before 0.12.2, the deprecated (in jupyterhub 1.2) configuration `Authenticator.whitelist`, which should be transparently mapped to `Authenticator.allowed_users` with a warning, is instead ignored by ...
CVE-2020-28576
PUBLISHED: 2020-12-01
An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal version and build information.
CVE-2020-28577
PUBLISHED: 2020-12-01
An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal server hostname and db names.
CVE-2020-28582
PUBLISHED: 2020-12-01
An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal number of managed agents.
CVE-2020-28583
PUBLISHED: 2020-12-01
An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal version, build and patch information.