Welcome back to ‘This Week in Getting Hacked’—the world’s greatest cybersecurity-related link dump! Each week, we bring you the best news stories from the cybersecurity field, letting you know who’s getting hacked, who’s hacking, what data is leaking, and about what you should take with caution. So strap in, change your password, and let’s find out who’s getting hacked this week!
On to the links…
Cloudflare, the popular Internet security company, has been leaking data all over the web for your favorite sites like Uber, OkCuper, FitBit and more. This has been happening for months, apparently, but Cloudflare was only notified recently when a researcher from Google found the vulnerability.
The TL;DR of this issue is that the Cloudflare software used up all of its storage for user data, and attempted to place it somewhere else, and that presented a vulnerability of that data. That happened everywhere. Run for the hills.
You can check out Cloudflare’s official statement on their blog here. Check out this choice quote:
“Unfortunately, it was the ancient piece of software that contained a latent security problem and that problem only showed up as we were in the process of migrating away from it. Our internal infosec team is now undertaking a project to fuzz older software looking for potential other security problems.”
Who will protect our skies from intrusive drones? EAGLES. FRENCH EAGLES. FRENCH EAGLES BORN ON TOP OF DRONES.
Frank Abagnale, the former conman-turned-security expert who was portrayed by Leonardo DiCaprio in Catch Me If You Can while looking like this:
…says that data breaches in the medical industry are far more valuable than the standard data grab that most hackers get. By gathering medical info, your identity can be stolen and insurance claims can be made in your name with no intention of paying them off, leaving you without recourse and hounded by debt collectors.
As a man who somehow convinced people that he was a doctor—and that Leonardo DiCaprio looked like him—Abagnale said that the biggest issue is social engineering and the way humans can be manipulated into giving up information.
The Electronic Frontier Foundation (EFF) says that we’re halfway to encrypting the entire web. Half of all Internet traffic is now encrypted with HTTPS, which makes everyone safer. If only we could lock down that Geocities page you made about pro wrestling back in 1998. Don’t look at me like that.
A server associated with campaign donations for President Trump was hacked by an Iraqi actor known as Pro_Mast3r. You may remember President Trump’s campaign, where he railed against Hillary Clinton’s use of a private email server for state business.
That’s it for this week! See you next time!