Uptick in healthcare organizations experiencing targeted DDoS attacks
February 02, 2023 6:02AM
Over the past few days, Cloudflare, as well as other sources, have observed healthcare organizations targeted by a pro-Russian hacktivist group claiming to be Killnet....
Continue reading »
Cloudflare's handling of a bug in interpreting IPv4-mapped IPv6 addresses
February 02, 2023 1:32PM
Security
Bug Bounty
IPv6
Recently, a vulnerability was reported to our bug bounty about a bug in the way some of our code interprets IPv4 addresses mapped into IPv6 addresses. Read about how Cloudflare addressed this vulnerability and what will prevent similar exploits in the future....
CVE-2022-47929: traffic control noqueue no problem?
January 31, 2023 2:00PM
Linux
Security
Vulnerabilities
CVE
In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a denial of service (system crash) via a crafted traffic control configuration that is set up with "tc qdisc" and "tc class" commands....
Towards a global framework for cross-border data flows and privacy protection
January 27, 2023 2:00PM
Data Privacy Day
Privacy
In our third and final blog post leading up to Data Privacy Day, we drill down into the challenges for cross-border data flows, in particular personal data transfers from the EU to the US....
Inside Geo Key Manager v2: re-imagining access control for distributed systems
January 27, 2023 2:00PM
Cryptography
Attribute-Based Encryption
Geo Key Manager
Research
Using the story of Geo Key Manager v2 as an example, let’s re-imagine access control for distributed systems using a variant of public-key cryptography, called attribute-based encryption....
Cyberattacks on Holocaust educational websites increased in 2022
January 27, 2023 2:00PM
Holocaust
Project Galileo
Judeoflare
Israel
Jewish
Today, 78 years after the liberation of the Auschwitz death camp, we mark the International Holocaust Remembrance Day. With Cloudflare’s Project Galileo, we protect Holocaust educational websites and at risk public interest groups. Read more to see how attacks on these groups increased in 2022....
Navigating the changing data localization landscape with Cloudflare’s Data Localization Suite
January 26, 2023 2:00PM
Data Privacy Day
Data Localization
Data Localization Suite
We continue to expand and improve our data localization suite to help support our customers who have to comply with data localization requirements...
Investing in security to protect data privacy
January 25, 2023 3:15PM
Data Privacy Day
Privacy
Security
With Data Privacy Day just a few days away, we think it’s important to focus on all the ways security measures and privacy-enhancing technologies help keep personal data private and why security measures are so much more critical to protecting privacy...
Armed to Boot: an enhancement to Arm's Secure Boot chain
January 25, 2023 2:00PM
Security
Hardware
Encryption
Arm
Cloudflare Network
Enhancing the Arm Secure Boot chain to improve platform security on modern systems....
Cloudflare incident on January 24, 2023
January 25, 2023 3:47AM
Outage
Post Mortem
Several Cloudflare services became unavailable for 121 minutes on January 24th, 2023 due to an error releasing code that manages service tokens. The incident degraded a wide range of Cloudflare products...
Intelligent, automatic restarts for unhealthy Kafka consumers
January 24, 2023 2:00PM
Kafka
Observability
Go
Kubernetes
At Cloudflare, we take steps to ensure we are resilient against failure at all levels of our infrastructure. This includes Kafka, which we use for critical workflows such as sending time-sensitive emails and alerts....
Internet disruptions overview for Q4 2022
January 20, 2023 2:00PM
Cloudflare Radar
Internet Traffic
Outage
Internet Shutdown
In this post, we review selected Internet disruptions observed by Cloudflare during the fourth quarter of 2022, supported by traffic graphs from Cloudflare Radar and other internal Cloudflare tools, and grouped by associated cause or common geography....
Introducing Waiting Room Bypass Rules
January 19, 2023 2:00PM
Waiting Room
Virtual Queue
Rules
Waiting Room Rules
Waiting Room now offers customers more fine-tuned control over what traffic a waiting room covers. Queue only the traffic you want to with Bypass Waiting Room Rules, now available to all Enterprise customers with an Advanced Purchase of Waiting Room....
Three new winners of Project Jengo, and more defeats for the patent troll
January 17, 2023 2:00PM
Jengo
Legal
Patents
Patent Troll
Sable
Announcing three new winners of Project Jengo, and a major case update in our ongoing fight against the patent troll Sable Networks....
A debugging story: corrupt packets in AF_XDP; a kernel bug or user error?
January 16, 2023 1:46PM
Deep Dive
Linux
Networking
Debugging
A race condition in the virtual ethernet driver of the Linux kernel led to occasional packet content corruptions, which resulted in unwanted packet drops by one of our DDoS mitigation systems. This blogpost describes the thought process and technique we used to debug this complex issue....
Cloud CNI privately connects your clouds to Cloudflare
January 13, 2023 2:02PM
CIO Week
Network as a Service
Cloudflare Network Interconnect
CNI
Customers using Google Cloud Platform, Azure, Oracle Cloud, IBM Cloud, and Amazon Web Services can now open direct connections from their private cloud instances into Cloudflare...
CIO Week 2023 recap
January 13, 2023 2:01PM
Product News
CIO Week
Security
Cloudflare One
Cloudflare Zero Trust
Learn about all the new products, partnerships, and innovations Cloudflare announced during CIO Week to help organizations modernize their IT and security....
Cloudflare Zero Trust for managed service providers
January 13, 2023 2:00PM
CIO Week
Cloudflare Gateway
Cloudflare One
Zero Trust
Adding new features to Cloudflare Zero Trust for Managed Service Providers using Gateway DNS....
China Express: Cloudflare partners to boost performance in China for corporate networks
January 13, 2023 2:00PM
CIO Week
Zero Trust
SASE
China
China Network
China Express is a suite of connectivity and performance offerings designed to improve application performance for users in China....
Give us a ping. (Cloudflare) One ping only.
January 13, 2023 2:00PM
CIO Week
Product News
Zero Trust
Private Network
Cloudflare Tunnel
Now Zero Trust administrators can use the familiar debugging tools that we all know and love like ping, traceroute, and MTR to test connectivity to private network destinations running behind their Tunnels...
Cloudflare Application Services for private networks: do more with the tools you already love
January 13, 2023 2:00PM
CIO Week
Cloudflare One
Magic WAN
Network as a Service
Today, we’re excited to announce new integrations that make it possible to unlock operational and cost efficiencies for IT teams by allowing them to do more with fewer tools, and enable new use cases that are impossible without Cloudflare’s “every service everywhere” architecture....
Announcing SCIM support for Cloudflare Access & Gateway
January 12, 2023 2:02PM
CIO Week
Cloudflare Access
Zero Trust
Cloudflare Access & Gateway now support the System for Cross-domain Identity Management (SCIM) protocol....