« previous next »
Pages: [1]   Go Down

Author Topic: Where a bookmark could set you out to CloudBleed!  (Read 1427 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 34061
  • malware fighter
Where a bookmark could set you out to CloudBleed!
« on: April 07, 2017, 07:39:05 PM »
Happening when you bookmarkt this site: -https://hetrixtools.com/
SSL/TLS issues: http://toolbar.netcraft.com/site_report?url=https://hetrixtools.com  CloudFlare related CloudBleed!
vulnerable libraries: http://retire.insecurity.today/#!/scan/1367463ee63ff57c7c1d39a1529e3cda396ccb0f5781ad8ce895e1d3e5f1cafd
Chain installation:
2 certificates found: RSA and ECC  ssl373325cloudflaressl.com en Comodo RSA Domain Validation Cert.
Strict Transport Security (HSTS):  Not Enabled
SSL/TLS compression:  Not Enabled
Heartbeat (extension):  Not Enabled
RC4:  Not Enabled (which is good).

F- status: https://observatory.mozilla.org/analyze.html?host=hetrixtools.com

B-status and 4 issues where we do not wanna see 'em: https://sritest.io/#report/1a9fbe91-2f3d-4a5a-af31-db35ec68d97d
considering these results: http://www.domxssscanner.com/scan?url=https%3A%2F%2Fhetrixtools.com

So watch your bookmarks with Cloudbleed Bookmark Checker for instance.

polonus (volunteer website security analyst and website error-hunter)
« Last Edit: April 07, 2017, 07:41:59 PM by polonus »
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Lotan

  • Sr. Member
  • ****
  • Posts: 289
Re: Where a bookmark could set you out to CloudBleed!
« Reply #1 on: April 07, 2017, 10:18:22 PM »
im sorry to ask but does this do something to your bookmarks or something?
Logged

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 34061
  • malware fighter
Re: Where a bookmark could set you out to CloudBleed!
« Reply #2 on: April 08, 2017, 01:19:15 AM »
Hi Lotan,

No it does nothing to your bookmarks. 
Quote
CloudBleed is a new vulnerability that effects CloudFlare. CloudFare is a content delivery network and security provided that is the backbone of some very large, big name websites. This new vulnerability has made it possible for sensitive information; passwords, encrypted keys, and more. A simple Google search will not bring up this leaked information. As with any security breach, the standard protocol is to change your password immediately. The leak has bee patched but it has affected quite a few websites
See the extension for chrome and firefox: http://www.addictivetips.com/web/how-to-check-if-a-website-is-affected-by-cloudbleed/  (probably a script blocker like NoScript or uMatrix might have mitigated the threat when it was still there). It is always a good policy to regularly change your account passwords, whenever you were on affected websites or as a general precaution matter against private data breaches. A remote risk, let us call it that, but always better safe than sorry. I reported it here just for awareness to the fact it was around.

polonus
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!
Pages: [1]   Go Up
« previous next »