2||0|1322|0|
0|0|0|||1||Security issue %28Cloudflare%29|Terminus Est||05:48:14|02/24/2017|[updated:LAST EDITED ON Feb-24-17 AT 05:49&nbsp;AM (EST)]Apparently there has been a %5Bi%5Dmassive%5B%2Fi%5D security flaw discovered in Cloudflare%2C which affects every site that touches it.  It%27s been recommended that all passwords and security questions be changed... pretty much everywhere%2C but especially places that house personal info like banks.  Two-factor authentication %28usually via mobile device%2C but some things %28like MMOs%29 use physical security tokens%29 is being strongly recommended where available.%0D%0A%0D%0AMore info available %5Blink%3Agithub.com%2Fpirate%2Fsites-using-cloudflare%7Chere%5D.%0D%0A%0D%0AEdited to add%3A  The Discord chat service is specifically mentioned.  Dunno if anyone here uses it.
1|1|0|||1||RE%3A Security issue %28Cloudflare%29|Pasha||13:41:41|02/24/2017|%3EApparently there has been a %5Bi%5Dmassive%5B%2Fi%5D security flaw discovered in %0D%0A%3ECloudflare%2C which affects every site that touches it.  It%27s been %0D%0A%3Erecommended that all passwords and security questions be changed... %0D%0A%3Epretty much everywhere%2C but especially places that house personal info %0D%0A%3Elike banks.  Two-factor authentication %28usually via mobile device%2C but %0D%0A%3Esome things %28like MMOs%29 use physical security tokens%29 is being %0D%0A%3Estrongly recommended where available. %0D%0A%3E%0D%0A%3EMore info available %0D%0A%3E%5Blink%3Agithub.com%2Fpirate%2Fsites-using-cloudflare%7Chere%5D. %0D%0A%3E%0D%0A%3EEdited to add%3A  The Discord chat service is specifically mentioned.  %0D%0A%3EDunno if anyone here uses it. %0D%0A%0D%0AAuthy is also a scary one.  We%27ve been %22oh fuck fuck fuck%22 about this here at work since the news broke.%0D%0A%0D%0A-- %0D%0A-Pasha%0D%0A%22Don%27t change the subject%22%0D%0A%22Too slow%2C already did.%22
2|1|0|||||RE%3A Security issue %28Cloudflare%29|MuninsFire||14:08:04|02/24/2017|Yeah%2C this one%27s been a bit of a giggle for those of us in the infosec field. The nature of the issue is very similar to that %27Heartbleed%27 TLS issue from a couple years ago. %0D%0A%0D%0AI%27m going to have to redo a couple creds - digital ocean%27s front end was affected - but it looks like I got out of this fairly light.%0D%0A%0D%0AFriend of mine noted that events like this are a great way for you to audit what stale accounts you might have laying around that you didn%27t realize were still active.