Cloudflare experiences Memory Leak

-

- Advertisement -

Cloudflare, a web performance and security company, revealed some grave news today- a serious bug in its software caused a number of its sensitive data passwords, cookies and other authentication tokens to be released onto the web, having dire effects for the over 5 million websites it currently services. The leak is said to have occurred as early as last September, approximately five months before a security researcher at Google’s Project Zero reported it.

It’s worth noting that an even more severe leak took place between February 13th and 18th. In this instance around 1 in every 3,300,000 HTTP requests to Cloudflare sites would have caused data to be exposed.

Cloudflare was quick to point out that data is leaked in about 0.00003% of requests, which considering the amount of sites they are in charge of is a small amount. True, but Cloudflare’s extensive consumer base includes services like dating websites and password managers, containing highly sensitive information.

The bug was said to occur in an HTML parser that Cloudflare uses to increase website performance, it preps sites for distribution in Google’s publishing platform AMP and upgrades HTTP links to HTTPS.

Cloudflare themselves were also affected by the bug. According to a statement from Graham-Cumming, “One obvious piece of information that had leaked was a private key used to secure connections between Cloudflare machines,” this key allowed the company’s personal systems to talk to one another. So far there has been no evidence of hackers using the bug for nefarious purposes, however it’s still early stages at the moment.

Their San Francisco and London teams have worked tirelessly to correct the problem as soon as it was reported.

Link

Total 1 Votes
0

Tell us how can we improve this post?

+ = Verify Human or Spambot ?

Zamfir Waltz
Zamfir Waltz
A Photojournalist by profession, and avid Tech enthusiast, Shamar Blunt has had over 7 years of experience working in journalism and media production from his frequent work with Barbados TODAY, to functioning as a wedding and events photographer under his brand 'Framerate Photography. Shamar has worked on a variety of projects, from providing video work for the Barbados Heart and Stroke Foundation, to fashion photography for many runway projects, and much more. His work has also been featured on several social media pages ran by the Barbados Tourism Marketing Inc (BTMI)

RELATED POSTS

ADVERTISEMENT

POPULAR POSTS

MEDIA RELEASE: Shyft Partners With Bitt To Enable A Private And Secure Data Ecosystem For Barbados And The Caribbean

Bridegtown, BARBADOS; December 3, 2018 : Shyft the global blockchain-based network that facilitates the secure sharing of attested and compliant data, has announced the signing of...

ADVERTISEMENT

ADVERTISEMENT

RANDOM POSTS

Favourite SDCC 2017 Trailers

This is not an exhaustive list of every trailer that came out of this year's San Diego Comic-Con. As the title says, it's just...

ADVERTISEMENT

CATEGORIES