Cyberattacks since the murder of George Floyd
June 02, 2020 8:12 PM
As we’ve often seen in the past, real world protest and violence is usually accompanied by attacks on the Internet. This past week has been no exception. ...
DDoS attacks have evolved, and so should your DDoS protection
April 30, 2020 3:26 PM
Building a modern DDoS solution that is truly effective in thwarting ever-evolving DDoS attacks, to protect all of our customers has been a core tenet for us - enabling us to be an industry leader....
Cloudflare response to CPDoS exploits
October 24, 2019 5:27 PM
Three vulnerabilities were disclosed as Cache Poisoning Denial of Service attacks in a paper written by Hoai Viet Nguyen, Luigi Lo Iacono, and Hannes Federrath of TH Köln - University of Applied Sciences. These attacks are similar to the cache poisoning attacks presented last year at DEFCON....
Who DDoS'd Austin?
October 24, 2019 1:00 PM
It was a scorching Monday on July 22 as temperatures soared above 37°C (99°F) in Austin, TX, the live music capital of the world. Only hours earlier, the last crowds dispersed from the historic East 6th Street entertainment district. ...
Protecting Project Galileo websites from HTTP attacks
June 13, 2019 1:00 PM
Yesterday, we celebrated the fifth anniversary of Project Galileo. More than 550 websites are part of this program, and they have something in common: each and every one of them has been subject to attacks in the last month....
MORE POSTS
February 20, 2019 3:14 PM
Stop the Bots: Practical Lessons in Machine Learning
Bot-powered credential stuffing is a scourge on the modern Internet. These attacks attempt to log into and take over a user’s account by assaulting password forms with a barrage of dictionary words and previously stolen account credentials....
- By
November 28, 2018 7:59 PM
L4Drop: XDP DDoS Mitigations
Efficient packet dropping is a key part of Cloudflare’s distributed denial of service (DDoS) attack mitigations. In this post, we introduce a new tool in our packet dropping arsenal: L4Drop....
- By
November 12, 2018 11:27 AM
The rise of multivector DDoS attacks
It's been a while since we last wrote about Layer 3/4 DDoS attacks on this blog. This is a good news - we've been quietly handling the daily onslaught of DDoS attacks. Since our last write-up, a handful of interesting L3/4 attacks have happened. Let's review them....
- By
September 08, 2018 3:00 PM
Website Security Myths
Some conversations are easy; some are difficult. Some are harmonious and some are laborious. But when it comes to website security, the conversation is confusing. Every organisation agrees, in theory, that their websites need to be secure....
- By
September 05, 2018 2:58 PM
Protection from Struts Remote Code Execution Vulnerability (S2-057)
On August 22 a new vulnerability in the Apache Struts framework was announced. We quickly deployed a mitigation to protect customers....
- By
July 06, 2018 1:00 PM
How to drop 10 million packets per second
Internally our DDoS mitigation team is sometimes called "the packet droppers". When other teams build exciting products to do smart things with the traffic that passed through our network, we take joy in discovering novel ways of discarding it....
- By
May 21, 2018 8:41 PM
Rate Limiting: Delivering more rules, and greater control
With more and more platforms taking the necessary precautions against DDoS attacks like integrating DDoS mitigation services and increasing bandwidth at weak points, Layer 3 and 4 attacks are just not as effective anymore. ...
- By
March 29, 2018 4:10 AM
Cloudflare is adding Drupal WAF Rule to Mitigate Critical Drupal Exploit
Drupal has recently announced an update to fix a critical remote code execution exploit (SA-CORE-2018-002/CVE-2018-7600). This patch is to disallow forms and form fields from starting with the “#” character....
- By
March 06, 2018 3:46 PM
The real cause of large DDoS - IP Spoofing
A week ago we published a story about new amplification attacks using memcached protocol on UDP port 11211. A few things happened since then: Github announced it was a target of 1.3Tbps memcached attack. OVH and Arbor reported similar large attacks with the peak reported at 1.7Tb...
- By
February 27, 2018 2:38 PM
Memcrashed - Major amplification attacks from UDP port 11211
Over last couple of days we've seen a big increase in an obscure amplification attack vector - using the memcached protocol, coming from UDP port 11211. In the past, we have talked a lot about amplification attacks happening on the internet. ...
- By
February 16, 2018 10:30 PM
Keeping our users safe
To everyone in Cloudflare, account security is one of our most important tasks. We recognize that to every customer on our platform, we are critical infrastructure. We also know that the simplest attacks often lead to the most devastating of outcomes. ...
- By
January 19, 2018 5:38 PM
Web Cache Deception Attack revisited
In April, we wrote about Web Cache Deception attacks, and how our customers can avoid them using origin configuration. Since our previous blog post, we have looked for but have not seen any large scale attacks like this in the wild....
- By
December 21, 2017 2:01 PM
2018 and the Internet: our predictions
At the end of 2016, I wrote a blog post with seven predictions for 2017. Let’s start by reviewing how I did. I’ll score myself with two points for being correct, one point for mostly right and zero for wrong. That’ll give me a maximum possible score of fourteen. Here goes......
- By
December 14, 2017 7:41 PM
Inside the infamous Mirai IoT Botnet: A Retrospective Analysis
This post provides a retrospective analysis of Mirai — the infamous Internet-of-Things botnet that took down major websites via massive distributed denial-of-service using hundreds of thousands of compromised Internet-Of-Things devices....
- By