Security News
The Computer Emergency Response Team of Ukraine (CERT-UA) has disclosed that a threat actor it tracks as UAC-0125 is leveraging Cloudflare Workers service to trick military personnel in the...
The threat actor known as Gamaredon has been observed leveraging Cloudflare Tunnels as a tactic to conceal its staging infrastructure hosting a malware called GammaDrop. The activity is part of an...
Cloudflare's 'pages.dev' and 'workers.dev' domains, used for deploying web pages and facilitating serverless computing, are being increasingly abused by cybercriminals for phishing and other...
Internet security giant Cloudflare announced that it lost 55% of all logs pushed to customers over a 3.5-hour period due to a bug in the log collection service on November 14, 2024. [...]
Cloudflare has revealed that it successfully mitigated a record-breaking distributed denial-of-service (DDoS) attack that peaked at 3.8 terabits per second (Tbps) and lasted 65 seconds. This attack was part of a larger wave of over one hundred hyper-volumetric Layer 3/4 DDoS attacks throughout the month. Many of these attacks exceeded 2 billion packets per second (Bpps) and 3 Tbps, showcasing the increasing scale and intensity of such threats. The attacks, which have been ongoing since early September 2024, primarily targeted customers in the financial services, Internet, and telecommunications industries.Cloudflare has not attributed these attacks to any specific threat actor. However, the scale of the attacks underlines the growing sophistication of cybercriminals, who continue to exploit vulnerabilities in global digital infrastructure. The company emphasized that these hyper-volumetric attacks focus on overwhelming network layers responsible for packet transmission and reception (L3/4).
During a distributed denial-of-service campaign targeting organizations in the financial services, internet, and telecommunications sectors, volumetric attacks peaked at 3.8 terabits per second,...
An advanced threat actor with an India nexus has been observed using multiple cloud service providers to facilitate credential harvesting, malware delivery, and command-and-control (C2). Web...
A rolling Cloudflare outage is impacting access to web sites worldwide, including BleepingComputer, with sites working in some regions and not others. [...]
"A key element of their strategy was using direct syscalls to bypass security monitoring tools, decrypting layers of shellcode, and deploying the Early Bird APC queue injection to stealthily execute code and evade detection effectively." The exploitation of TryCloudflare for malicious ends was first recorded last year, when Sysdig uncovered a cryptojacking and proxyjacking campaign dubbed LABRAT that weaponized a now-patched critical flaw in GitLab to infiltrate targets and obscure their command-and-control servers using Cloudflare tunnels.
Distributed Denial of Service attacks continue to be cybercriminals' weapon of choice, making up over 37% of all mitigated traffic. In the first quarter of 2024 alone, Cloudflare blocked 4.5 million unique DDoS attacks.