Security News

UAC-0125 Abuses Cloudflare Workers to Distribute Malware Disguised as Army+ App
2024-12-19 08:40

The Computer Emergency Response Team of Ukraine (CERT-UA) has disclosed that a threat actor it tracks as UAC-0125 is leveraging Cloudflare Workers service to trick military personnel in the...

Hackers Leveraging Cloudflare Tunnels, DNS Fast-Flux to Hide GammaDrop Malware
2024-12-06 07:03

The threat actor known as Gamaredon has been observed leveraging Cloudflare Tunnels as a tactic to conceal its staging infrastructure hosting a malware called GammaDrop. The activity is part of an...

Cloudflare’s developer domains increasingly abused by threat actors
2024-12-03 21:00

Cloudflare's 'pages.dev' and 'workers.dev' domains, used for deploying web pages and facilitating serverless computing, are being increasingly abused by cybercriminals for phishing and other...

Cloudflare says it lost 55% of logs pushed to customers for 3.5 hours
2024-11-27 16:15

Internet security giant Cloudflare announced that it lost 55% of all logs pushed to customers over a 3.5-hour period due to a bug in the log collection service on November 14, 2024. [...]

Cloudflare Thwarts Largest-Ever 3.8 Tbps DDoS Attack Targeting Global Sectors
2024-10-04 09:50

Cloudflare has revealed that it successfully mitigated a record-breaking distributed denial-of-service (DDoS) attack that peaked at 3.8 terabits per second (Tbps) and lasted 65 seconds. This attack was part of a larger wave of over one hundred hyper-volumetric Layer 3/4 DDoS attacks throughout the month. Many of these attacks exceeded 2 billion packets per second (Bpps) and 3 Tbps, showcasing the increasing scale and intensity of such threats. The attacks, which have been ongoing since early September 2024, primarily targeted customers in the financial services, Internet, and telecommunications industries.Cloudflare has not attributed these attacks to any specific threat actor. However, the scale of the attacks underlines the growing sophistication of cybercriminals, who continue to exploit vulnerabilities in global digital infrastructure. The company emphasized that these hyper-volumetric attacks focus on overwhelming network layers responsible for packet transmission and reception (L3/4).

Cloudflare blocks largest recorded DDoS attack peaking at 3.8Tbps
2024-10-03 16:11

During a distributed denial-of-service campaign targeting organizations in the financial services, internet, and telecommunications sectors, volumetric attacks peaked at 3.8 terabits per second,...

Cloudflare Warns of India-Linked Hackers Targeting South and East Asian Entities
2024-09-26 06:18

An advanced threat actor with an India nexus has been observed using multiple cloud service providers to facilitate credential harvesting, malware delivery, and command-and-control (C2). Web...

Cloudflare outage cuts off access to websites in some regions
2024-09-17 18:52

A rolling Cloudflare outage is impacting access to web sites worldwide, including BleepingComputer, with sites working in some regions and not others. [...]

Cybercriminals Abusing Cloudflare Tunnels to Evade Detection and Spread Malware
2024-08-02 07:02

"A key element of their strategy was using direct syscalls to bypass security monitoring tools, decrypting layers of shellcode, and deploying the Early Bird APC queue injection to stealthily execute code and evade detection effectively." The exploitation of TryCloudflare for malicious ends was first recorded last year, when Sysdig uncovered a cryptojacking and proxyjacking campaign dubbed LABRAT that weaponized a now-patched critical flaw in GitLab to infiltrate targets and obscure their command-and-control servers using Cloudflare tunnels.

Cloudflare Reports that Almost 7% of All Internet Traffic Is Malicious
2024-07-17 16:03

Distributed Denial of Service attacks continue to be cybercriminals' weapon of choice, making up over 37% of all mitigated traffic. In the first quarter of 2024 alone, Cloudflare blocked 4.5 million unique DDoS attacks.