Create accountLogin

Recent searches

No recent searches

Search options

Only available when logged in.
ioc.exchange is one of the many independent Mastodon servers you can use to participate in the fediverse.
INDICATORS OF COMPROMISE (IOC) InfoSec Community within the Fediverse. Newbies, experts, gurus - Everyone is Welcome! Instance is supposed to be fast and secure.

Administered by:

Server stats:

1.6K
active users

ioc.exchange: AboutStatusProfiles directoryPrivacy policy

Mastodon: AboutGet the appKeyboard shortcutsView source codev4.3.4

Public *
Robert [KJ5ELX] :donor:

So, Cloudflare analyzed passwords people are using to log in to sites they protect and discovered lots of re-use.

Let me put the important words in uppercase.

So, CLOUDFLARE ANALYZED PASSWORDS PEOPLE ARE USING to LOG IN to sites THEY PROTECT and DISCOVERED lots of re-use.

[Edit with H/T: benjojo.co.uk/u/benjojo/h/cR4d]

blog.cloudflare.com/password-r

benjojo.co.ukbenjojo:It feels quite uncomfortable that cloudflare is somewhat openly admitting to analysing login credentials that are going through the reverse proxy, and providing...
#cloudflare#password#cybersecurity
Stefan Beyer

@0xF21D Are you aware that this is a feature that you need to enable? In other words: yes, they do that if you allow them to.

Cloudflare Dashboard: Security -> Settings Incoming traffic detections These detections find malicious or potentially malicious activity in your web traffic, so you can tune your WAF rules to mitigate threats and reduce false positives. Review detection findings under Security Analytics. Leaked credentials Checks databases of stolen credentials for popular CMS applications and generic authentication patterns. Leaked credentials header status: Disabled
Mar 18, 2025, 12:24 PM·Public·Web
1boost·1favorite
Public
Robert [KJ5ELX] :donor:

@sbeyer please see my followup: infosec.exchange/@0xF21D/11418

Infosec ExchangeRobert [KJ5ELX] :donor: (@0xF21D@infosec.exchange)Recently I boosted a couple of links about cloudflare doing some sort of password re-use analysis on passwords they saw through their WAF. This was not a technical post. It was a call to attention. Some of the responses I got suggested that my post was misleading or blowing this way out of proportion. I assure you that neither of these are true. Don't focus so much on the idea that #cloudflare has access to passwords that come through their systems. In better times I'd welcome such an effort. At least they didn't chastize someone who really loved a silly movie, like Netflix did long ago. Instead, focus on the fact that they are a company based in the United States meaning they are subject to the whim of a fascist regime that is proving it doesn't care about the letter of the law. I'm not concerned about my password security for the sites that transit their service. I am a cishet middle class white male. I'm pretty low on the target list. *** I AM concerned about the password security for at risk populations who access sites crucial for them, that transit through cloudflare. I'm concerned about the LGBTQIA+ population in the United States. I'm concerned about pregnant women. I'm concerned about Jews, and Muslims, and Bhuddists, and everyone else who doesn't fit into the narrow worldview of the fascist reich that is the republican party and their bootlickers. The FBI, Justice Department, State Department, etc no longer serve the american people. They serve an emperor. This is a time of great danger any website or service that attracts at risk populations should seriously consider if using some of cloudflare's features is worth it, or if they should take their business elsewhere. #ally #uspol
Public
Stefan Beyer

@0xF21D I fully understand, I am with you, but: that is a different matter! Trusting companies from the US seems a bit of a stretch to me, too, given the times we are in.

ExploreLive feeds
About