Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- "There has been a major security flaw within Cloudflare and thus meaning within Discord. Its highly suggested that you cycle your passwords everywhere.
- Impact:
- Between 2016-09-22 - 2017-02-18 passwords, private messages, API keys, and other sensitive data were leaked by Cloudflare to random requesters.
- Data was cached by search engines, and may have been collected by random adversaries over the past few months.
- "The greatest period of impact was from February 13 and February 18 with around 1 in every 3,300,000 HTTP requests through Cloudflare potentially resulting in memory leakage (that’s about 0.00003% of requests), potential of 100k-200k paged with private data leaked every day"
- What you should do:
- Change all your passwords, especially those on these affected sites. Rotate API keys & secrets, and confirm you have 2-FA set up for important accounts. Of the sites compromised, most notably there is Reddit, Uber, StackOverflow, Patreon, DigitalOcean, 4chan, and many many more.
- You can check which sites were affected by this on the readme of this github page https://github.com/pirate/sites-using-cloudflare"
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement