Security News

Cloudflare wants to put a firewall in front of your LLM
2024-03-05 01:32

Doing so helps to prevent distributed denial of service attacks against the model, or other situations that would overwhelm the LLM with requests and disrupt its ability to process legitimate requests. The firewall can be deployed in front of any LLM, Molteni told The Register.

Midnight Blizzard and Cloudflare-Atlassian Cybersecurity Incidents: What to Know
2024-02-13 11:10

The Midnight Blizzard and Cloudflare-Atlassian cybersecurity incidents raised alarms about the vulnerabilities inherent in major SaaS platforms. These incidents illustrate the stakes involved in...

Cloudflare Breach: Nation-State Hackers Access Source Code and Internal Docs
2024-02-02 06:21

Cloudflare has revealed that it was the target of a likely nation-state attack in which the threat actor leveraged stolen credentials to gain unauthorized access to its Atlassian server and...

Cloudflare sheds more light on Thanksgiving security breach in which tokens, source code accessed by suspected spies
2024-02-02 01:12

Cloudflare has just detailed how suspected government spies gained access to its internal Atlassian installation using credentials stolen via a security breach at Okta in October. The October Okta security breach involved more than 130 customers of that IT access management biz, in which snoops swiped data from Okta in hope of drilling further into those organizations.

Cloudflare hacked using auth tokens stolen in Okta attack
2024-02-01 20:53

Cloudflare disclosed today that its internal Atlassian server was breached by a 'nation state' attacker who accessed its Confluence wiki, Jira bug database, and Atlassian Bitbucket source code management system."They then returned on November 22 and established persistent access to our Atlassian server using ScriptRunner for Jira, gained access to our source code management system, and tried, unsuccessfully, to access a console server that had access to the data center that Cloudflare had not yet put into production in São Paulo, Brazil," Cloudflare said.

Cloudflare website downed by DDoS attack claimed by Anonymous Sudan
2023-11-09 21:25

Update November 09, 17:19 EST: A threat group known as Anonymous Sudan claimed that they were the ones who took down Cloudflare's website in a distributed denial-of-service attack. Cloudflare confirmed that the outage resulted from a DDoS attack that only affected the www.

Cloudflare website down, showing ‘We’re sorry’ Google errors
2023-11-09 21:25

"Cloudflare is investigating an ongoing outage causing 'We're sorry" Google errors to be shown on the company's website. The message on Cloudflare's website also contains a Google logo with a font face that doesn't match the current design and looks "a little off," as Cloudflare's Head of Organic Social Ryan Knight said.

Cloudflare Dashboard and APIs down after data center power outage
2023-11-02 16:13

An ongoing Cloudflare outage has taken down many of its products, including the company's dashboard and related application programming interfaces customers use to manage and read service configurations. The complete list of services whose functionality is wholly or partially impacted includes the Cloudflare dashboard, the Cloudflare API, Logpush, WARP / Zero Trust device posture, Stream API, Workers API, and the Alert Notification System.

Cloudflare sees surge in hyper-volumetric HTTP DDoS attacks
2023-10-26 13:00

Cloudflare says the number of hyper-volumetric HTTP DDoS attacks recorded in the third quarter of 2023 surpasses every previous year, indicating that the threat landscape has entered a new chapter. A Cloudflare report shared with BleepingComputer reveals that, during Q3 2023, the internet company mitigated thousands of hyper volumetric HTTP DDoS attacks.

New DDoS Attack is Record Breaking: HTTP/2 Rapid Reset Zero-Day Reported by Google, AWS & Cloudflare
2023-10-11 13:40

Find out what security teams should do now, and hear what Cloudflare's CEO has to say about this DDoS. Google, AWS and Cloudflare have reported the exploitation of a zero-day vulnerability named HTTP/2 Rapid Reset and tracked as CVE-2023-44487, which is currently used in the wild to run the largest Distributed Denial of Service attack campaigns ever seen. The HTTP/2 Rapid Reset attack works by leveraging HTTP/2's stream cancellation feature: The attacker sends a request and cancels it immediately.