CloudFlare Breach

If you are concerned about your security, you need to read this. This may affect some high profile sites like Fitbit, Dropbox, Zendesk, and Box.com, CreditKarma.com, among thousands of others. Some iPhone \ iPad Apps are affected as well. This section is completely excerpted from Nick Sweating  who is reporting that: Between 2016-09-22 – 2017-02-18 passwords, private messages, API keys, and other sensitive data were leaked by Cloudflare to random requesters. Data was cached by search engines, and may have been collected by random adversaries over the past few months. Requests to sites with the HTML rewrite features enabled triggered a pointer math bug. Once the bug was triggered the response would include data from ANY other Cloudflare proxy customer that happened[…]

Read more

Don’t Bend Over in the Garden, Granny, You Know Them Taters Got “IOS”

Thought a quick throw back to the great southern philosopher Lewis Grizzard would be nice looking at this latest revelation. It would seem that many IOS developers have made a grave error in not upgrading the AFNetwork code to the current level. Because of this some 1500+ IOS apps will easily divulge information – passwords, secure keys, etc. using very basic MITM attacks or proxies. A team of security researchers found the error in some investigations they were conducting. This one is going to create some flurry of developer activity getting it all squared away and tested properly. But why does any of that really matter? Should I be worried? One of the apps that falls to this is the[…]

Read more

A Dozen Ways to Love Your Data

I started putting this article together while sitting in a coffee shop, and in the background “50 Ways to leave your Lover” was playing. While sipping my custom crafted triple shot extra grande vanilla mocha latte skim with no whip and contemplating cyber security conundrums and I came upon the idea of a dozen ways to love your data when you travel. And by data I mean files on your computer, login credentials, and things you don’t really want everyone to have access to. How can you securely use openfree wireless networks when traveling? Can we rely on a public Wi-Fi network when connecting to our bank, other financial site, social media or share our private lives online? The answer[…]

Read more