Security News
A rolling Cloudflare outage is impacting access to web sites worldwide, including BleepingComputer, with sites working in some regions and not others. [...]
"A key element of their strategy was using direct syscalls to bypass security monitoring tools, decrypting layers of shellcode, and deploying the Early Bird APC queue injection to stealthily execute code and evade detection effectively." The exploitation of TryCloudflare for malicious ends was first recorded last year, when Sysdig uncovered a cryptojacking and proxyjacking campaign dubbed LABRAT that weaponized a now-patched critical flaw in GitLab to infiltrate targets and obscure their command-and-control servers using Cloudflare tunnels.
Distributed Denial of Service attacks continue to be cybercriminals' weapon of choice, making up over 37% of all mitigated traffic. In the first quarter of 2024 alone, Cloudflare blocked 4.5 million unique DDoS attacks.
Internet giant Cloudflare reports that its DNS resolver service, 1.1.1.1, was recently unreachable or degraded for some of its customers because of a combination of Border Gateway Protocol hijacking and a route leak. The incident occurred last week and affected 300 networks in 70 countries.
Further, to keep the internet safe, Cloudflare is automatically replacing polyfill.io links with a safe mirror on websites that use Cloudflare protection. Cloudflare has criticized Polyfill.io's unauthorized usage of its name and logo as it could mislead users into believing that the illicit website is endorsed by Cloudflare.
Cybersecurity researchers are alerting of phishing campaigns that abuse Cloudflare Workers to serve phishing sites that are used to harvest users' credentials associated with Microsoft, Gmail,...
Latrodectus malware is now being distributed in phishing campaigns using Microsoft Azure and Cloudflare lures to appear legitimate while making it harder for email security platforms to detect the emails as malicious. Latrodectus is an increasingly distributed Windows malware downloader first discovered by Walmart's security team and later analyzed by ProofPoint and Team Cymru that acts as a backdoor, downloading additional EXE and DLL payloads or executing commands.
Doing so helps to prevent distributed denial of service attacks against the model, or other situations that would overwhelm the LLM with requests and disrupt its ability to process legitimate requests. The firewall can be deployed in front of any LLM, Molteni told The Register.
The Midnight Blizzard and Cloudflare-Atlassian cybersecurity incidents raised alarms about the vulnerabilities inherent in major SaaS platforms. These incidents illustrate the stakes involved in...
Cloudflare has revealed that it was the target of a likely nation-state attack in which the threat actor leveraged stolen credentials to gain unauthorized access to its Atlassian server and...