Haberler      English      العربية      Pусский      Kurdî      Türkçe
  En.Haberler.Com - Latest News
SEARCH IN NEWS:
  HOME PAGE 08/05/2024 05:29 
News  > 

Bug Results İn Data Leak By Cloudfare

25.02.2017 00:13

Internet services company Cloudflare revealed Friday a software glitch caused hundreds of thousands of webpages that utilize its hosting platform to leak encrypted personal data online.



The company said, however, there is no evidence hackers exploited the leak for criminal activity. Cloudflare is used by millions of websites to enhance cybersecurity and performance.



The bug was first noticed Feb. 17 by Tavis Ormandy of Google's Project Zero security initiative, but information may have been seeping onto the web since September 2016.



Cached data, including passwords, hotel bookings and private messages leaked from online dating services were discovered stored on non-descript webpages linked to Cloudflare. Ormandy noticed the data was available to anyone using Google's search engine.



Cloudflare declared that all the leaked data had been cleaned up and is no longer searchable via Google.



"The bug was serious because the leaked memory could contain private information and because it had been cached by search engines," Cloudflare's Chief Technology Officer John Graham-Cumming wrote in an incident report about. "We have also not discovered any evidence of malicious exploits of the bug or other reports of its existence."



The leakage was most significant between Feb. 13 - 18, just after Cloudflare rolled out a software update.



According to Graham-Cumming, one in every 3.3 million HTTP requests, a type of web communication between networks that is essential for webpages to work, through Cloudflare may have resulted in leaked memory.



That is about 0.00003 percent of all requests, but still a substantial figure considering Cloudflare hosts 6 million websites making a massive number of requests every minute.



Cloudflare's cybersecurity team found 770 unique instances of leaked data through search engines including Google, Yahoo and Bing. The search engines assisted in purging the data.



Cloudflare also scoured platforms like Pastebin, a favorite for hackers posting leaked data, but it did not find any malicious use of the leaked information. -



 
Latest News
  • US Central Command Commander Visits Egypt
  • 'Egypt plays a critical role in regional security and has been instrumental in enabling humanitarian assistance for the people of Gaza,' says Michael 'Erik' Kurilla.
    • -25 minutes ago...
 
 
Top News