208:, in which the client and server prove their identity without sharing any secrets over the network. 1Password data is additionally encrypted using keys derived from the user's master password and a secret account code, which Goldberg claims would protect the credentials even if 1Password's own servers were breached. 1Password did not suggest users change their master password in response to a potential breach involving the bug.
169:
initially stated that he was "really impressed with
Cloudflare's quick response, and how dedicated they are to cleaning up from this unfortunate issue." However, when Ormandy pressed Cloudflare for additional information, "They gave several excuses that didn't make sense," before sending a draft that
51:
bodies, and other sensitive data. As a result, data from
Cloudflare customers was leaked to all other Cloudflare customers that had access to server memory. This occurred, according to numbers provided by Cloudflare at the time, more than 18,000,000 times before the problem was corrected. Some of the
157:
Graham-Cumming also said that "Unfortunately, it was the ancient piece of software that contained a latent security problem and that problem only showed up as we were in the process of migrating away from it." He added that his team has already begun testing their software for other possible issues.
76:
posted the issue on his team's issue tracker and said that he informed
Cloudflare of the problem on February 17. In his own proof-of-concept attack he got a Cloudflare server to return "private messages from major dating sites, full messages from a well-known chat service, online password manager
186:
OKCupid CEO Elie
Seidman said: "CloudFlare alerted us last night of their bug and we've been looking into its impact on OkCupid members. Our initial investigation has revealed minimal, if any, exposure. If we determine that any of our users has been impacted we will promptly notify them and take
154:, noted that Cloudflare clients, such as Uber and OkCupid, weren't directly informed of the leaks due to the security risks involved in the situation. “There was no backdoor communication outside of Cloudflare — only with Google and other search engines,” he said.
195:
Fitbit stated that they had investigated the incident and only found that a "handful of people were affected". They recommended that concerned customers should change their passwords and clear session tokens by revoking and re-adding the app to their account.
230:
cybersecurity columnist, Joseph
Steinberg, however, advised people not to change their passwords, stating that "the current risk is much smaller than the price to be paid in increased 'cybersecurity fatigue' leading to much bigger problems in the future."
224:, in an alert, suggested that "For most of us, the only truly safe response to this large-scale information leak is to update our passwords for the Web sites and app-related services we use every day...Pretty much all of them."
120:
The bug was serious because the leaked memory could contain private information and because it had been cached by search engines. We have also not discovered any evidence of malicious exploits of the bug or other reports of its
123:
The greatest period of impact was from
February 13 and February 18 with around 1 in every 3,300,000 HTTP requests through Cloudflare potentially resulting in memory leakage (that’s about 0.00003% of requests).
127:
Cloudflare acknowledged that the memory could have leaked as early as
September 22, 2016. The company also stated that one of its own private keys, used for machine-to-machine encryption, has leaked.
748:
178:
Uber stated that the impact on its service was very limited. An Uber spokesperson added "only a handful of session tokens were involved and have since been changed. Passwords were not exposed."
502:
1243:
1263:
89:
bug, in that it allowed unauthorized third parties to access data in the memory of programs running on web servers, including data which had been shielded while in transit by
2413:
77:
data, frames from adult video sites, hotel bookings. We're talking full https requests, client IP addresses, full responses, cookies, passwords, keys, data, everything."
312:
929:
1415:
955:
855:
1233:
1177:
756:
829:
143:
buffers were used. Introducing cf-html subtly changed the buffering which enabled the leakage even though there were no problems in cf-html itself.
93:. Cloudbleed also likely impacted as many users as Heartbleed since it affected a content delivery network serving nearly two million websites.
1223:
992:
1347:
2423:
1761:
1228:
402:
36:
892:
1895:
1877:
1378:
1156:
922:
639:
614:
1901:
1427:
1388:
1023:
204:
In a blog post, Jeffery
Goldberg stated that no data from 1Password would be at risk due to Cloudbleed, citing the service's use of
1202:
1961:
1907:
1482:
1373:
345:
1309:
1146:
1048:
205:
316:
1368:
1141:
897:
216:
Many major news outlets advised users of sites hosted by
Cloudflare to change their passwords, as even accounts protected by
805:
669:
1248:
960:
950:
915:
2122:
1512:
1299:
1238:
1197:
1095:
531:
278:
1617:
1352:
1115:
217:
2408:
2398:
2306:
1647:
1502:
1294:
1187:
1131:
721:
1787:
1756:
1383:
373:
1925:
1492:
1410:
1316:
1289:
151:
90:
2081:
1745:
1218:
1151:
997:
779:
432:
2403:
1955:
1811:
1642:
1304:
2096:
1931:
1715:
1079:
695:
556:
69:
1859:
1740:
1452:
1161:
1110:
1105:
596:
582:
902:
856:"Why You Can Ignore Calls To Change Your Passwords After Today's Massive Password Leak Announcement"
458:
2418:
2358:
2230:
1258:
1074:
147:
2368:
2363:
2260:
1889:
1652:
1578:
1268:
1069:
256:
640:"Help article: How is Fitbit keeping my data secure in light of the Cloudflare security issue?"
2373:
2255:
2225:
1829:
1685:
1043:
1007:
503:"Google Just Discovered A Massive Web Leak... And You Might Want To Change All Your Passwords"
103:, saying "it took every ounce of strength not to call this issue 'cloudbleed'" in his report.
53:
329:
1 in every 3,300,000 HTTP requests through
Cloudflare potentially resulted in memory leakage.
2301:
2153:
2076:
1725:
1662:
1537:
986:
35:
on February 17, 2017. Cloudflare's code disclosed the contents of memory that contained the
647:
2311:
2286:
2250:
2178:
2091:
2086:
1730:
1522:
1432:
1136:
346:"Cloudbleed: Big web brands leaked crypto keys, personal secrets thanks to Cloudflare bug"
227:
131:
It turned out that the underlying bug that caused the memory leak had been present in our
28:
220:
could be at risk. Passwords of mobile apps too could have been impacted. Researchers at
2050:
2045:
1735:
1720:
1710:
1705:
1637:
1612:
1607:
1602:
1547:
1002:
221:
2392:
2173:
1632:
1591:
1587:
1583:
532:"Everything You Need to Know About Cloudbleed, the Latest Internet Security Disaster"
257:"Issue 1139: cloudflare: Cloudflare Reverse Proxies are Dumping Uninitialized Memory"
166:
96:
73:
57:
475:
2117:
2071:
1871:
1835:
1690:
1680:
1573:
1568:
1563:
1437:
1253:
1182:
882:
350:
44:
40:
32:
374:"Cloudflare has been leaking private Uber, Fitbit and Ok Cupid details for months"
2353:
2343:
2291:
2199:
2143:
2055:
2004:
1865:
1695:
1422:
1053:
2296:
2281:
2209:
1999:
1949:
1805:
1781:
1769:
1627:
1552:
1542:
1532:
1517:
1477:
1402:
1033:
459:"Bug causes personal data leak, but no sign of hackers exploiting: Cloudflare"
100:
86:
25:
893:
A Chrome extension that checks bookmarks against potentially affected domains
282:
2327:
2204:
2168:
2158:
2030:
1847:
1597:
1527:
1467:
1028:
48:
670:"Three layers of encryption keeps you safe when SSL/TLS fails | 1Password"
2235:
2163:
2148:
1967:
1943:
1817:
1799:
1700:
1622:
1457:
1442:
1342:
1321:
1100:
898:
Cloudbleed explained-How the biggest web cache leak on internet happened
615:"Why you shouldn't freak out (yet) about the 'Cloudbleed' security leak"
139:
for many years but no memory was leaked because of the way the internal
99:, first to discover the vulnerability, immediately drew a comparison to
2265:
2138:
2101:
2035:
2014:
1984:
1937:
1919:
1841:
1775:
1557:
1472:
1462:
1447:
907:
483:
806:"Cloudflare 'Cloudbleed' bug impact on mobile apps: Data sample of..."
749:"Cloudflare bug exposed passwords, other sensitive data from websites"
2348:
2240:
2194:
2009:
1823:
1793:
1672:
1657:
1487:
1326:
1038:
403:"Major Cloudflare bug leaked sensitive data from customers' websites"
295:
Every week, the average Internet user touches us more than 500 times.
136:
116:
On Thursday, February 23, 2017, Cloudflare wrote a post noting that:
557:"CloudBleed memory leak bug explained-why it all happened | PcSite"
1973:
1913:
1883:
1192:
140:
132:
433:"CloudFlare Leaked Sensitive Data Across the Internet For Months"
2245:
2040:
1284:
313:"Incident report on memory leak caused by Cloudflare parser bug"
911:
888:
Simple website that lets you check for affected domains quickly
830:"Dark Reading - Cloudflare Leaked Web Customer Data For Months"
722:"Cloudbleed Explained: Flaw Exposes Mountains of Private Data"
307:
305:
303:
1224:
Hollywood Presbyterian Medical Center ransomware incident
251:
249:
247:
245:
243:
887:
85:
In its effects, Cloudbleed is comparable to the 2014
2336:
2320:
2274:
2218:
2187:
2131:
2110:
2064:
2023:
1992:
1983:
1754:
1671:
1501:
1401:
1361:
1335:
1277:
1211:
1170:
1124:
1088:
1062:
1016:
979:
972:
1264:Russian interference in the 2016 U.S. elections
597:"1139 - project-zero - Project Zero - Monorail"
583:"1139 - project-zero - Project Zero - Monorail"
315:. Cloudflare. February 23, 2017. Archived from
883:List of domains using Cloudflare DNS on GitHub
923:
8:
170:"severely downplays the risk to customers."
1234:Democratic National Committee cyber attacks
1989:
1178:Office of Personnel Management data breach
976:
930:
916:
908:
2414:Cloud infrastructure attacks and failures
903:Quantifying the impact of CloudBleed bug
239:
68:The discovery was reported by Google's
854:Joseph Steinberg (February 24, 2017).
804:Weinstein, David (February 24, 2017).
457:Wagstaff, Jeremy (February 24, 2017).
608:
606:
525:
523:
496:
494:
492:
206:Secure Remote Password protocol (SRP)
7:
613:Larson, Selena (February 24, 2017).
427:
425:
423:
396:
394:
339:
337:
1229:Commission on Elections data breach
344:Thomson, Iain (February 24, 2017).
401:Conger, Kate (February 24, 2017).
14:
1389:Jeff Bezos phone hacking incident
696:"Cloudbleed: How to deal with it"
18:Security bug affecting Cloudflare
1962:Microarchitectural Data Sampling
1198:Ukrainian Power Grid Cyberattack
1106:Cyberterrorism attack of June 25
1310:2017 Ukraine ransomware attacks
1147:2014 JPMorgan Chase data breach
1142:2014 celebrity nude photo leak
1:
1379:Bulgarian revenue agency hack
1157:Russian hacker password theft
1513:Bangladesh Black Hat Hackers
989:(publication of 2009 events)
780:"Change Your Passwords. Now"
281:. Cloudflare. Archived from
39:of other customers, such as
1374:Baltimore ransomware attack
478:interviewed on the TV show
218:multi-factor authentication
2440:
2424:Computer security exploits
1648:Tailored Access Operations
1295:WannaCry ransomware attack
1188:Ashley Madison data breach
1132:Anthem medical data breach
1049:PlayStation network outage
81:Similarities to Heartbleed
1384:WhatsApp snooping scandal
1249:Indian Bank data breaches
943:
187:action to protect them."
1926:Speculative Store Bypass
1493:Ukrainian Cyber Alliance
1290:2017 Macron e-mail leaks
162:Google Project Zero team
1300:Westminster data breach
1219:Bangladesh Bank robbery
1162:2014 Yahoo! data breach
1152:2014 Sony Pictures hack
1111:2013 Yahoo! data breach
1096:South Korea cyberattack
998:Operation Olympic Games
993:Australian cyberattacks
1643:Syrian Electronic Army
1353:SingHealth data breach
1116:Singapore cyberattacks
1054:RSA SecurID compromise
501:Fox-Brewster, Thomas.
145:
125:
1932:Lazy FP state restore
1716:Kristoffer von Hassel
1369:Sri Lanka cyberattack
1239:Vietnam Airport Hacks
1080:Operation High Roller
129:
118:
45:authentication tokens
1878:Silent Bob is Silent
938:Hacking in the 2010s
759:on February 25, 2017
747:Constantin, Lucian.
319:on February 23, 2017
1812:SS7 vulnerabilities
1348:Atlanta cyberattack
1317:Equifax data breach
1075:Stratfor email leak
1024:Canadian government
1003:Operation ShadowNet
834:www.darkreading.com
728:. February 24, 2017
702:. February 24, 2017
676:. February 23, 2017
563:. February 25, 2017
530:Estes, Adam Clark.
259:. February 19, 2017
148:John Graham-Cumming
37:private information
2261:Petya and NotPetya
1890:ROCA vulnerability
1653:The Shadow Brokers
1579:Iranian Cyber Army
1505:persistent threats
1305:Petya and NotPetya
1269:2016 Bitfinex hack
1244:DCCC cyber attacks
1203:SWIFT banking hack
279:"About Cloudflare"
2409:2017 in computing
2399:Internet security
2386:
2385:
2382:
2381:
2374:ZeroAccess botnet
1686:Mustafa Al-Bassam
1453:New World Hackers
1416:associated events
1397:
1396:
1193:VTech data breach
1044:Operation AntiSec
1008:Operation Payback
967:
966:
726:Popular Mechanics
70:Project Zero team
2431:
1990:
1663:Yemen Cyber Army
987:Operation Aurora
977:
946:
945:
932:
925:
918:
909:
871:
870:
868:
866:
851:
845:
844:
842:
840:
826:
820:
819:
817:
815:
801:
795:
794:
792:
790:
778:Menegus, Bryan.
775:
769:
768:
766:
764:
755:. Archived from
744:
738:
737:
735:
733:
718:
712:
711:
709:
707:
692:
686:
685:
683:
681:
666:
660:
659:
657:
655:
646:. Archived from
636:
630:
629:
627:
625:
610:
601:
600:
593:
587:
586:
579:
573:
572:
570:
568:
553:
547:
546:
544:
542:
527:
518:
517:
515:
513:
498:
487:
473:
467:
466:
454:
448:
447:
445:
443:
429:
418:
417:
415:
413:
398:
389:
388:
386:
384:
369:
363:
362:
360:
358:
341:
332:
331:
326:
324:
309:
298:
297:
292:
290:
285:on March 4, 2017
275:
269:
268:
266:
264:
253:
52:leaked data was
2439:
2438:
2434:
2433:
2432:
2430:
2429:
2428:
2389:
2388:
2387:
2378:
2332:
2316:
2270:
2214:
2183:
2127:
2106:
2060:
2019:
1979:
1759:
1757:vulnerabilities
1750:
1667:
1560:(confederation)
1523:Charming Kitten
1504:
1497:
1433:Goatse Security
1393:
1357:
1331:
1322:Deloitte breach
1273:
1259:Dyn cyberattack
1207:
1166:
1137:Operation Tovar
1120:
1084:
1058:
1012:
973:Major incidents
968:
939:
936:
879:
874:
864:
862:
853:
852:
848:
838:
836:
828:
827:
823:
813:
811:
803:
802:
798:
788:
786:
777:
776:
772:
762:
760:
746:
745:
741:
731:
729:
720:
719:
715:
705:
703:
694:
693:
689:
679:
677:
668:
667:
663:
653:
651:
650:on July 7, 2017
644:help.fitbit.com
638:
637:
633:
623:
621:
612:
611:
604:
595:
594:
590:
581:
580:
576:
566:
564:
555:
554:
550:
540:
538:
529:
528:
521:
511:
509:
500:
499:
490:
474:
470:
456:
455:
451:
441:
439:
431:
430:
421:
411:
409:
400:
399:
392:
382:
380:
372:Burgess, Matt.
371:
370:
366:
356:
354:
343:
342:
335:
322:
320:
311:
310:
301:
288:
286:
277:
276:
272:
262:
260:
255:
254:
241:
237:
214:
202:
193:
184:
176:
164:
122:
114:
109:
83:
66:
29:buffer overflow
19:
12:
11:
5:
2437:
2435:
2427:
2426:
2421:
2416:
2411:
2406:
2401:
2391:
2390:
2384:
2383:
2380:
2379:
2377:
2376:
2371:
2366:
2361:
2356:
2351:
2346:
2340:
2338:
2334:
2333:
2331:
2330:
2324:
2322:
2318:
2317:
2315:
2314:
2309:
2304:
2299:
2294:
2289:
2284:
2278:
2276:
2272:
2271:
2269:
2268:
2263:
2258:
2253:
2248:
2243:
2238:
2233:
2228:
2222:
2220:
2216:
2215:
2213:
2212:
2207:
2202:
2197:
2191:
2189:
2185:
2184:
2182:
2181:
2176:
2171:
2166:
2161:
2156:
2151:
2146:
2144:Black Energy 3
2141:
2135:
2133:
2129:
2128:
2126:
2125:
2120:
2114:
2112:
2108:
2107:
2105:
2104:
2099:
2094:
2089:
2084:
2079:
2074:
2068:
2066:
2062:
2061:
2059:
2058:
2053:
2051:Metulji botnet
2048:
2043:
2038:
2033:
2027:
2025:
2021:
2020:
2018:
2017:
2012:
2007:
2005:Black Energy 2
2002:
1996:
1994:
1987:
1981:
1980:
1978:
1977:
1971:
1965:
1959:
1953:
1947:
1941:
1935:
1929:
1923:
1917:
1911:
1905:
1899:
1893:
1887:
1881:
1875:
1869:
1863:
1860:Broadcom Wi-Fi
1857:
1851:
1845:
1839:
1833:
1827:
1821:
1815:
1809:
1803:
1797:
1791:
1785:
1779:
1773:
1766:
1764:
1752:
1751:
1749:
1748:
1743:
1738:
1733:
1728:
1723:
1721:Junaid Hussain
1718:
1713:
1711:Jeremy Hammond
1708:
1706:Elliott Gunton
1703:
1698:
1693:
1688:
1683:
1677:
1675:
1669:
1668:
1666:
1665:
1660:
1655:
1650:
1645:
1640:
1638:Stealth Falcon
1635:
1630:
1625:
1620:
1615:
1613:PLA Unit 61486
1610:
1608:PLA Unit 61398
1605:
1603:Numbered Panda
1600:
1595:
1581:
1576:
1571:
1566:
1561:
1555:
1550:
1548:Equation Group
1545:
1540:
1535:
1530:
1525:
1520:
1515:
1509:
1507:
1499:
1498:
1496:
1495:
1490:
1485:
1480:
1475:
1470:
1465:
1460:
1455:
1450:
1445:
1440:
1435:
1430:
1425:
1420:
1419:
1418:
1407:
1405:
1399:
1398:
1395:
1394:
1392:
1391:
1386:
1381:
1376:
1371:
1365:
1363:
1359:
1358:
1356:
1355:
1350:
1345:
1339:
1337:
1333:
1332:
1330:
1329:
1324:
1319:
1314:
1313:
1312:
1302:
1297:
1292:
1287:
1281:
1279:
1275:
1274:
1272:
1271:
1266:
1261:
1256:
1251:
1246:
1241:
1236:
1231:
1226:
1221:
1215:
1213:
1209:
1208:
1206:
1205:
1200:
1195:
1190:
1185:
1180:
1174:
1172:
1168:
1167:
1165:
1164:
1159:
1154:
1149:
1144:
1139:
1134:
1128:
1126:
1122:
1121:
1119:
1118:
1113:
1108:
1103:
1098:
1092:
1090:
1086:
1085:
1083:
1082:
1077:
1072:
1066:
1064:
1060:
1059:
1057:
1056:
1051:
1046:
1041:
1039:HBGary Federal
1036:
1031:
1026:
1020:
1018:
1014:
1013:
1011:
1010:
1005:
1000:
995:
990:
983:
981:
974:
970:
969:
965:
964:
958:
953:
944:
941:
940:
937:
935:
934:
927:
920:
912:
906:
905:
900:
895:
890:
885:
878:
877:External links
875:
873:
872:
846:
821:
796:
770:
739:
713:
687:
674:1Password Blog
661:
631:
602:
588:
574:
548:
519:
488:
468:
449:
419:
390:
364:
333:
299:
270:
238:
236:
233:
222:Arbor Networks
213:
210:
201:
198:
192:
189:
183:
180:
175:
172:
163:
160:
113:
110:
108:
105:
82:
79:
65:
62:
58:search engines
17:
13:
10:
9:
6:
4:
3:
2:
2436:
2425:
2422:
2420:
2417:
2415:
2412:
2410:
2407:
2405:
2404:Software bugs
2402:
2400:
2397:
2396:
2394:
2375:
2372:
2370:
2367:
2365:
2362:
2360:
2357:
2355:
2352:
2350:
2347:
2345:
2342:
2341:
2339:
2335:
2329:
2326:
2325:
2323:
2319:
2313:
2310:
2308:
2305:
2303:
2300:
2298:
2295:
2293:
2290:
2288:
2285:
2283:
2280:
2279:
2277:
2273:
2267:
2264:
2262:
2259:
2257:
2254:
2252:
2249:
2247:
2244:
2242:
2239:
2237:
2234:
2232:
2229:
2227:
2224:
2223:
2221:
2217:
2211:
2208:
2206:
2203:
2201:
2198:
2196:
2193:
2192:
2190:
2186:
2180:
2177:
2175:
2174:Gameover ZeuS
2172:
2170:
2167:
2165:
2162:
2160:
2157:
2155:
2152:
2150:
2147:
2145:
2142:
2140:
2137:
2136:
2134:
2130:
2124:
2121:
2119:
2116:
2115:
2113:
2109:
2103:
2100:
2098:
2095:
2093:
2090:
2088:
2085:
2083:
2080:
2078:
2075:
2073:
2070:
2069:
2067:
2063:
2057:
2054:
2052:
2049:
2047:
2044:
2042:
2039:
2037:
2034:
2032:
2029:
2028:
2026:
2022:
2016:
2013:
2011:
2008:
2006:
2003:
2001:
1998:
1997:
1995:
1991:
1988:
1986:
1982:
1975:
1972:
1969:
1966:
1963:
1960:
1957:
1954:
1951:
1948:
1945:
1942:
1939:
1936:
1933:
1930:
1927:
1924:
1921:
1918:
1915:
1912:
1909:
1906:
1903:
1900:
1897:
1894:
1891:
1888:
1885:
1882:
1879:
1876:
1873:
1870:
1867:
1864:
1861:
1858:
1855:
1852:
1849:
1846:
1843:
1840:
1837:
1834:
1831:
1828:
1825:
1822:
1819:
1816:
1813:
1810:
1807:
1804:
1801:
1798:
1795:
1792:
1789:
1786:
1783:
1780:
1777:
1774:
1771:
1768:
1767:
1765:
1763:
1758:
1753:
1747:
1744:
1742:
1739:
1737:
1734:
1732:
1729:
1727:
1724:
1722:
1719:
1717:
1714:
1712:
1709:
1707:
1704:
1702:
1699:
1697:
1694:
1692:
1689:
1687:
1684:
1682:
1679:
1678:
1676:
1674:
1670:
1664:
1661:
1659:
1656:
1654:
1651:
1649:
1646:
1644:
1641:
1639:
1636:
1634:
1633:Rocket Kitten
1631:
1629:
1626:
1624:
1621:
1619:
1616:
1614:
1611:
1609:
1606:
1604:
1601:
1599:
1596:
1593:
1589:
1585:
1584:Lazarus Group
1582:
1580:
1577:
1575:
1572:
1570:
1567:
1565:
1562:
1559:
1556:
1554:
1551:
1549:
1546:
1544:
1541:
1539:
1536:
1534:
1531:
1529:
1526:
1524:
1521:
1519:
1516:
1514:
1511:
1510:
1508:
1506:
1500:
1494:
1491:
1489:
1486:
1484:
1481:
1479:
1476:
1474:
1471:
1469:
1466:
1464:
1461:
1459:
1456:
1454:
1451:
1449:
1446:
1444:
1441:
1439:
1436:
1434:
1431:
1429:
1426:
1424:
1421:
1417:
1414:
1413:
1412:
1409:
1408:
1406:
1404:
1400:
1390:
1387:
1385:
1382:
1380:
1377:
1375:
1372:
1370:
1367:
1366:
1364:
1360:
1354:
1351:
1349:
1346:
1344:
1341:
1340:
1338:
1334:
1328:
1327:Disqus breach
1325:
1323:
1320:
1318:
1315:
1311:
1308:
1307:
1306:
1303:
1301:
1298:
1296:
1293:
1291:
1288:
1286:
1283:
1282:
1280:
1276:
1270:
1267:
1265:
1262:
1260:
1257:
1255:
1252:
1250:
1247:
1245:
1242:
1240:
1237:
1235:
1232:
1230:
1227:
1225:
1222:
1220:
1217:
1216:
1214:
1210:
1204:
1201:
1199:
1196:
1194:
1191:
1189:
1186:
1184:
1181:
1179:
1176:
1175:
1173:
1169:
1163:
1160:
1158:
1155:
1153:
1150:
1148:
1145:
1143:
1140:
1138:
1135:
1133:
1130:
1129:
1127:
1123:
1117:
1114:
1112:
1109:
1107:
1104:
1102:
1101:Snapchat hack
1099:
1097:
1094:
1093:
1091:
1087:
1081:
1078:
1076:
1073:
1071:
1070:LinkedIn hack
1068:
1067:
1065:
1061:
1055:
1052:
1050:
1047:
1045:
1042:
1040:
1037:
1035:
1032:
1030:
1027:
1025:
1022:
1021:
1019:
1015:
1009:
1006:
1004:
1001:
999:
996:
994:
991:
988:
985:
984:
982:
978:
975:
971:
963: →
962:
959:
957:
954:
952:
949:←
948:
947:
942:
933:
928:
926:
921:
919:
914:
913:
910:
904:
901:
899:
896:
894:
891:
889:
886:
884:
881:
880:
876:
861:
857:
850:
847:
835:
831:
825:
822:
810:
807:
800:
797:
785:
781:
774:
771:
758:
754:
750:
743:
740:
727:
723:
717:
714:
701:
697:
691:
688:
675:
671:
665:
662:
649:
645:
641:
635:
632:
620:
616:
609:
607:
603:
598:
592:
589:
584:
578:
575:
562:
558:
552:
549:
537:
533:
526:
524:
520:
508:
504:
497:
495:
493:
489:
485:
481:
480:Triangulation
477:
472:
469:
464:
460:
453:
450:
438:
434:
428:
426:
424:
420:
408:
404:
397:
395:
391:
379:
375:
368:
365:
353:
352:
347:
340:
338:
334:
330:
318:
314:
308:
306:
304:
300:
296:
284:
280:
274:
271:
258:
252:
250:
248:
246:
244:
240:
234:
232:
229:
228:Inc. Magazine
225:
223:
219:
211:
209:
207:
199:
197:
190:
188:
181:
179:
173:
171:
168:
167:Tavis Ormandy
161:
159:
155:
153:
150:, Cloudflare
149:
144:
142:
138:
134:
128:
124:
117:
111:
106:
104:
102:
98:
97:Tavis Ormandy
94:
92:
88:
80:
78:
75:
74:Tavis Ormandy
71:
63:
61:
59:
55:
50:
46:
42:
38:
34:
31:disclosed by
30:
27:
23:
16:
2118:CryptoLocker
1872:DoublePulsar
1853:
1691:Cyber Anakin
1681:Ryan Ackroyd
1574:Helix Kitten
1569:Hacking Team
1564:Guccifer 2.0
1438:Lizard Squad
1254:Surkov leaks
1183:Hacking Team
865:February 24,
863:. Retrieved
859:
849:
839:February 25,
837:. Retrieved
833:
824:
814:February 24,
812:. Retrieved
808:
799:
789:February 24,
787:. Retrieved
783:
773:
763:February 24,
761:. Retrieved
757:the original
752:
742:
732:February 24,
730:. Retrieved
725:
716:
706:February 24,
704:. Retrieved
699:
690:
680:December 30,
678:. Retrieved
673:
664:
652:. Retrieved
648:the original
643:
634:
624:February 24,
622:. Retrieved
618:
591:
577:
565:. Retrieved
560:
551:
541:February 24,
539:. Retrieved
535:
512:February 24,
510:. Retrieved
506:
479:
471:
462:
452:
442:February 24,
440:. Retrieved
436:
412:February 24,
410:. Retrieved
406:
383:February 24,
381:. Retrieved
377:
367:
357:February 24,
355:. Retrieved
351:The Register
349:
328:
323:February 24,
321:. Retrieved
317:the original
294:
287:. Retrieved
283:the original
273:
263:February 24,
261:. Retrieved
226:
215:
203:
194:
185:
177:
165:
156:
146:
130:
126:
119:
115:
95:
84:
67:
41:HTTP cookies
33:Project Zero
21:
20:
15:
2354:NetTraveler
2292:LogicLocker
2200:Hidden Tear
2097:Red October
1956:Dragonblood
1866:EternalBlue
1830:Stagefright
1696:George Hotz
1673:Individuals
1423:CyberBerkut
476:Marc Rogers
212:Remediation
2419:Cloudflare
2393:Categories
2297:Rensenware
2282:BrickerBot
2210:TeslaCrypt
2000:Bad Rabbit
1950:Foreshadow
1854:Cloudbleed
1806:Row hammer
1788:Shellshock
1782:Heartbleed
1770:Evercookie
1746:The Jester
1628:Red Apollo
1588:BlueNorOff
1558:GOSSIPGIRL
1553:Fancy Bear
1543:Elfin Team
1538:DarkMatter
1533:Dark Basin
1518:Bureau 121
1478:Teamp0ison
1403:Hacktivism
1034:DNSChanger
407:TechCrunch
235:References
121:existence.
112:Cloudflare
101:Heartbleed
87:Heartbleed
26:Cloudflare
22:Cloudbleed
2328:VPNFilter
2205:Rombertik
2169:FinFisher
2159:DarkHotel
2123:DarkSeoul
2031:Coreflood
1896:BlueBorne
1848:Dirty COW
1762:disclosed
1760:publicly
1598:NSO Group
1528:Cozy Bear
1468:PayPal 14
1411:Anonymous
1285:SHAttered
1029:DigiNotar
809:NowSecure
200:1Password
107:Reactions
64:Discovery
49:HTTP POST
2369:Titanium
2312:XafeCopy
2307:WannaCry
2236:KeRanger
2164:Duqu 2.0
2149:Carbanak
1968:BlueKeep
1944:SigSpoof
1902:Meltdown
1818:WinShock
1800:Rootpipe
1701:Guccifer
1623:Pranknet
1618:PLATINUM
1592:AndAriel
1503:Advanced
1458:NullCrew
1443:LulzRaft
1343:Trustico
956:Timeline
654:July 13,
619:CNNMoney
567:March 3,
378:WIRED UK
289:June 16,
2266:X-Agent
2256:Pegasus
2139:Brambul
2102:Shamoon
2046:Kelihos
2036:Alureon
2015:Stuxnet
1985:Malware
1938:TLBleed
1920:Exactis
1908:Spectre
1842:Badlock
1776:iSeeYou
1741:Topiary
1473:RedHack
1463:OurMine
1448:LulzSec
784:Gizmodo
536:Gizmodo
486:network
484:TWiT.tv
482:on the
463:Reuters
437:Fortune
182:OKCupid
135:-based
2349:Joanap
2302:Triton
2241:Necurs
2231:Jigsaw
2226:Hitler
2195:Dridex
2154:Careto
2077:Dexter
2010:SpyEye
1976:(2019)
1970:(2019)
1964:(2019)
1958:(2019)
1952:(2018)
1946:(2018)
1940:(2018)
1934:(2018)
1928:(2018)
1922:(2018)
1916:(2018)
1910:(2018)
1904:(2018)
1898:(2017)
1892:(2017)
1886:(2017)
1880:(2017)
1874:(2017)
1868:(2017)
1862:(2017)
1856:(2017)
1850:(2016)
1844:(2016)
1838:(2016)
1832:(2015)
1826:(2015)
1824:JASBUG
1820:(2014)
1814:(2014)
1808:(2014)
1802:(2014)
1796:(2014)
1794:POODLE
1790:(2014)
1784:(2014)
1778:(2013)
1772:(2010)
1755:Major
1736:Track2
1658:xDedic
1488:UGNazi
700:Medium
561:PcSite
507:Forbes
191:Fitbit
137:parser
54:cached
24:was a
2364:Tinba
2251:Mirai
2179:Regin
2092:Mahdi
2087:Flame
2072:Carna
2056:Stars
1974:Kr00k
1914:EFAIL
1884:KRACK
1836:DROWN
961:2020s
951:2000s
141:NGINX
133:Ragel
2359:R2D2
2344:Grum
2337:2019
2321:2018
2287:Kirk
2275:2017
2246:MEMZ
2219:2016
2188:2015
2132:2014
2111:2013
2065:2012
2041:Duqu
2024:2011
1993:2010
1731:Sabu
1483:TDO
1428:GNAA
1362:2019
1336:2018
1278:2017
1212:2016
1171:2015
1125:2014
1089:2013
1063:2012
1017:2011
980:2010
867:2017
841:2017
816:2017
791:2017
765:2017
734:2017
708:2017
682:2023
656:2020
626:2017
569:2017
543:2017
514:2017
444:2017
414:2017
385:2017
359:2017
325:2017
291:2021
265:2017
174:Uber
2082:FBI
1726:MLT
1590:) (
860:Inc
753:CIO
152:CTO
91:TLS
56:by
2395::
858:.
832:.
782:.
751:.
724:.
698:.
672:.
642:.
617:.
605:^
559:.
534:.
522:^
505:.
491:^
461:.
435:.
422:^
405:.
393:^
376:.
348:.
336:^
327:.
302:^
293:.
242:^
72:.
60:.
47:,
43:,
1594:)
1586:(
931:e
924:t
917:v
869:.
843:.
818:.
793:.
767:.
736:.
710:.
684:.
658:.
628:.
599:.
585:.
571:.
545:.
516:.
465:.
446:.
416:.
387:.
361:.
267:.
Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.