ULX

Author Topic: Important Cloudflare security issue  (Read 1794 times)

0 Members and 1 Guest are viewing this topic.

Offline Bytewave

  • Respected Community Member
  • Hero Member
  • *****
  • Posts: 718
  • Karma: 116
  • :)
    • My Homepage
Important Cloudflare security issue
« on: February 24, 2017, 01:26:34 PM »
Just a heads up, in case you haven't heard:
Cloudflare, a major proxy/CDN/security/DDoS protection service used by a lot of websites, has reportedly been leaking session information in a small percentage of requests since September 2016. Although the information leaked was random and small, it's still heavily advised that you change your passwords on any account on websites using Cloudflare's services (a list of which may be found here).

I personally recommend avoiding password reuse by randomly generating your passwords and saving them with a password manager like LastPass or KeyPass so that, in the event one of your accounts is compromised and the password is stolen, an attacker can't leverage that to break into other accounts you may have.

See this blog post from the Discord team, Hammer & Chisel (note: Discord affected by the issue) for more information.
« Last Edit: February 24, 2017, 01:28:20 PM by Bytewave »
bw81@ulysses-forums ~ % whoami
Homepage