Pasha Kravtsov - The Cloudflare Blog

March 29, 2018 5:10AM

Cloudflare is adding Drupal WAF Rule to Mitigate Critical Drupal Exploit

WAF Rules Drupal Attacks Vulnerabilities WAF

Drupal has recently announced an update to fix a critical remote code execution exploit (SA-CORE-2018-002/CVE-2018-7600). This patch is to disallow forms and form fields from starting with the “#” character....

Pasha Kravtsov

December 17, 2015 6:05PM

A Different Kind of POP: The Joomla Unserialize Vulnerability

Vulnerabilities joomla Programming

At CloudFlare, we spend a lot of time talking about the PoPs (Points of Presence) we have around the globe, however, on December 14th, another kind of POP came to the world: a vulnerability being exploited in the wild against Joomla’s Content Management System....

Pasha Kravtsov

October 16, 2015 6:14PM

A Look at the New WordPress Brute Force Amplification Attack

WordPress php Attacks Reliability

Recently, a new brute force attack method for WordPress instances was identified by Sucuri. This latest technique allows attackers to try a large number of WordPress username and password login combinations in a single HTTP request....

Pasha Kravtsov