The news of the week is recapped, including the fallout around CloudBleed, the CloudPets breach, and a Slack token bug. The life of Howard Schmidt is also remembered.
Tag Archives: CloudFlare
Cloudbleed Triggered 1.2M Times, Damage Kept to Minimum
Cloudflare said it could not find evidence of malicious exploitation of the Cloudbleed vulnerability, even though the bug was triggered 1.2 million times.
Cloudflare, Cloudbleed – or 3,400 reasons of shit happens
Over the course of the last six months, Cloudflare bled a lot of sensitive data. The reason? A bug in its HTML-Parser that in the end impacted millions of websites. Beside other things, they offer DDoS protection and a CDN service. Due to the massiv amount of affected websites its a rather important issue and it’s […]
The post Cloudflare, Cloudbleed – or 3,400 reasons of shit happens appeared first on Avira Blog.
Serious Bug Exposes Sensitive Data From Millions Sites Sitting Behind CloudFlare
A severe security vulnerability has been discovered in the CloudFlare content delivery network that has caused big-name websites to expose private session keys and other sensitive data.
CloudFlare, a content delivery network (CDN) and web security provider that helps optimize safety and performance of over 5.5 Million websites on the Internet, is warning its customers of the critical bug that
Mozilla Turning TLS 1.3 On By Default With Firefox 52
Martin Thomson, a Principle Engineer at Mozilla confirmed TLS 1.3 will be turned on by default in Firefox 52.
IoT Botnet Uses HTTP Traffic to DDoS Targets
The IoT botnet behind the some of the largest publicly recorded DDoS attacks is flooding its targets with HTTP traffic in Layer 7 attacks.
Empty DDoS Threats Still Net Attackers $100,000
A group posing as the Armada Collective is threatening businesses with large-scale DDoS attacks without carrying out the attacks. So far, they’ve been paid more than $100,000.
JavaScript DDoS Attack Peaks at 275,000 Requests-Per-Second
CloudFlare reports a massive JavaScript-based DDoS attack against one its customers, likely carried out by unsuspecting mobile browsers served a malicious ad.
CloudFlare Transparency Report Shows Spike in Court Orders
In its latest transparency report, CloudFlare says that the number of subpoenas it has received has remained steady since last year, but the volume of court orders has more than doubled since the second half of last year. While much of the data from CloudFlare’s report for the first half of 2015 closely mirrors the […]
CloudFlare Aims to Defeat Massive DDoS Attacks with Virtual DNS
DDoS attacks have been a persistent problem for the the better part of 20 years, and as ISPs and enterprises have adjusted their defenses, attackers have adapted their tactics. One of the more effective tools in the attackers’ arsenal now is the use of botnets to generate massive numbers of DNS queries for a target […]