Hello, welcome to the Monday, July 20th, 2020 edition of the Sansonet Storm Center's Stormcast.

My name is Johannes Ulrich.

And then I'm recording from Jacksonville, Florida.

Well, first, a quick update on Cigrette.

And the good news, at least as of me recording this here Sunday evening, is that there is no real

news regarding cigarette, so no new exploits, and actually the news overall has been

dying down a little bit about cigarette. Still pay attention to it, keep patching your

systems if you're not done with it yet.

John Bambenik did publish a quick post with a couple ways how you may be able to detect exploitation.

And on Friday, Cloudflare suffered a significant outage lasting about half an hour and, of course,

with Cloudflare's business being in part DNS.

Some people, of course, immediately pointed to Cigrette, but appears to be totally unrelated.

Cloudflare did publish a very detailed and I think actually a really good blog post about the outage, what exactly happened, and essentially it went back to a router misconfiguration that caused the outage.

The outage wasn't complete, but did affect major parts of Cloudflare's network.

And of course, with so many websites relying on Cloudflare, it did affect a large number

of high traffic websites. The lesson here is that even cloud services go down occasionally and this is not the first time.

So if you are relying on cloud services, then certainly you have to be ready for this.

And of course, once they are down, there isn't really much you can do other than hope that they'll get it fixed pretty soon, which Cloudflare to some extent did.

And pretty regularly, I do talk in this podcast about vulnerabilities in routers,

and particularly in web-based admin interfaces of routers.

So kind of nice, I guess, in some ways to see today's

blog post by Guy who has detected exploitation of one of these router vulnerabilities, so-called

...