Security News

Hackers gained access to live surveillance cameras installed at Tesla, Equinox, healthcare clinics, jails, and banks, including the Bank of Utah. In addition to images captured from the cameras, the hacker also shared screenshots of their ability to gain root shell access to the surveillance systems used by Cloudflare and at Telsa HQ. According to Tillie Kottmann, a reverse engineer for the group of hackers, they gained access to these surveillance systems using a super admin account for Verkada, a surveillance company who works with all of these organizations.

These include an updated secure DNS service that hides the identity of the client, a password protocol that means a password is never transmitted to the server, and an encrypted "Client hello" that does not leak server names. Peek, poke, now PAKE. Third up is OPAQUE password, the name being, it seems, some sort of pun on Oblivious Pseudo-Random Function combined with Password Authenticated Key Exchange.

Cloudflare released Data Localization Suite to give businesses across the globe tools to address their data locality, privacy, and compliance needs. With Data Localization Suite, businesses can use Cloudflare's global cloud network to control where their data goes and who has access to it - no matter what countries they operate in, their industry, or their specific data protection obligations.

Cloudflare released Cloudflare One, a comprehensive, cloud-based network-as-a-service solution for your workforce. Cloudflare One uses that same network scale to give businesses multiple on-ramps to the public internet from offices, to data centers, to employees in-the-field, and connects traffic to Cloudflare's comprehensive zero trust solution.

Cloudflare on Monday announced the launch of a new zero trust platform that can help organizations address the networing and security challenges associated with an increasingly remote workforce. According to the company, the Cloudflare One platform provides a set of tools that allows users to safely and quickly connect to work applications, it enables remote workers to use the same app without the need to expose it to the public internet, and it makes personal devices more secure for business use.

Cloudflare now allows paid customers to create notifications that warn them when their sites are under a DDoS attack. Cloudflare has always offered DDoS protection as one of its core offerings, but unless a site owner or administrator were actively using their site or using monitoring tools, they would not know that their service was under attack until it was too late.

By partnering with the Internet Archive, Cloudflare is strengthening its Always Online solution that makes sites available when their origin servers are down and keeps the Internet functioning for users globally. To do this, the Internet Archive uses the same crawling infrastructure that has allowed its Wayback Machine to archive over 465 billion web pages to date.

Cloudflare announced the release of Cloudflare Workers Unbound, offering a serverless platform for developers with unparalleled flexibility, performance, security, ease of use, and pricing. "Cloudflare Workers Unbound is the most compelling serverless platform available," said Matthew Prince, co-founder and CEO of Cloudflare.

Cloudflare, the security, performance, and reliability company helping to build a better Internet, announced that Tokyo, Japan, is the home of its newest Asia-Pacific office. Cloudflare first invested in Japan nearly a decade ago, expanding its network into Tokyo in 2010, just months after launching.

Cloudflare is nixing Google's reCAPTCHA tool and replacing it with what the network services company's CEO calls "a better CAPTCHA" service, hCaptcha. Cloudflare said the main driver for the swap was that Google is now charging for use of its reCAPTCHA tool - but customer privacy and availability were other factors.