GoDaddy loses 1.2 million users' information

November 24, 2021
  • If you are listening to this and have an interest in Cloud Security, you have probably heard of the Cloud Security Alliance (CSA) and their Security Trust Assurance and Risk (STAR) Registry. CSA is an organization dedicated to defining standards, certifications, and best practices that help ensure a secure cloud computing environment, and the STAR registry, launched about 10 years ago, is a publicly accessible listing that documents the security and privacy controls provided by popular cloud computing offerings. CSA recently announced that 1500 cloud services have now been evaluated against the STAR registry principles. According to CSA, by publishing to the registry, organizations can show current and potential customers their security and compliance posture, which may remove the need for them to complete multiple security questionnaires. You can find more information about CSA and the STAR registry here.
  • Security researcher David Schütz found that the Discovery Documents of an internal Google Cloud project exposed an internal Jobs API, which gave access to a Google App Engine hosted proxy carrying an access token used to call Google internal APIs. This made the App Engine proxy susceptible to Server Side Request Forgery (SSRF) attacks, which could allow attackers to access sensitive information and/or run malicious code. Schütz was awarded a $4,133 bounty by the Google Vulnerability Rewards Program for this discovery, and Google has now fixed the bug. You can read more about this here, and Schütz has documented his discovery here.
  • Palo Alto Networks, a well-known cybersecurity vendor: their Chairman and CEO Nikesh Arora told investors that they are “18-to-24 months ahead from a competitive platform perspective”. According to Arora, Palo Alto has more cloud security annual recurring revenue (ARR) in a single quarter than its rivals, and also has more engineers building cloud security capability than all the other startups in the space combined. In response, a few of the other popular and highly valued cybersecurity vendors replied:
  • Orca Security CEO Avi Shua stated: “Palo Alto Networks has every right to be concerned as customers abandon Prisma Cloud in droves to much more capable platforms like Orca Security”
  • A Wiz spokesperson told CRN in a statement, “We admire the business Palo Alto Networks has built and are flattered they‘re developing capabilities based on our technology.” A Lacework spokesperson told CRN that their technology was built in the cloud for the cloud from day one: “The cloud security market is undergoing massive change, which is ultimately a good thing for customers.” There are a few exciting players in the Cloud Security market right now, and you can read more about this here.

You can also find more about Palo Alto, Orca Security, Wiz and Lacework on the links

  • We have previously covered Orca Security and Lacework in earlier episodes, so I do encourage you to check those out to learn about them and the recent funding wins they have had. Speaking of which, Lacework has recently raised $1.3 billion in fresh capital at a valuation of $8.3 billion, making this one of the largest venture funding rounds of the year in the United States. Nasdaq covered a bit more about this here. In comparison, Orca Security raised $550 million in Series C funding, taking their valuation to $1.8 billion, and Wiz raised $250 million on a $6 billion valuation.
  • Clubhouse, an audio-based chatroom app launched in 2020 which gained popularity during the pandemic, has launched a bug bounty program on HackerOne. The scope of the bounty includes their API and websites. The program has up to $3000 on offer for any critical vulnerabilities reported. You can find more about the program here.
  • If you use GoDaddy to host the DNS of your cloud hosted websites and applications, this may impact you. Using a compromised password, an unauthorised third party managed to infiltrate GoDaddy’s systems, affecting at least 1.2 million users. Along with usernames, passwords and emails, the attackers also gained access to SSL private keys for a subset of users. GoDaddy is in the process of issuing and installing new certificates for affected customers. We have linked their statement here.
