2017 and the Internet: our predictions
December 30, 2016 2:34 PM
Looking back over 2016, we saw the good and bad that comes with widespread use and abuse of the Internet. ...
TLD glue sticks around too long
December 05, 2016 1:54 PM
Recent headline grabbing DDoS attacks provoked heated debates in the DNS community. Everyone has strong opinions on how to harden DNS to avoid downtime in the future. Is it better to use a single DNS provider or multiple? ...
The Daily DDoS: Ten Days of Massive Attacks
December 02, 2016 1:21 PM
Back in March my colleague Marek wrote about a Winter of Whopping Weekend DDoS Attacks where we were seeing 400Gbps attacks occurring mostly at the weekends. We speculated that attackers were busy with something else during the week....
The Internet is Hostile: Building a More Resilient Network
November 08, 2016 6:56 PM
The strength of the Internet is its ability to interconnect all sorts of networks — big data centers, e-commerce websites at small hosting companies, Internet Service Providers (ISP), and Content Delivery Networks (CDN) — just to name a few. ...
How the Dyn outage affected Cloudflare
October 27, 2016 12:10 PM
Last Friday the popular DNS service Dyn suffered three waves of DDoS attacks that affected users first on the East Coast of the US, and later users worldwide. ...
MORE POSTS
October 21, 2016 6:22 PM
Dyn issues affecting joint customers
Today there is an ongoing, large scale Denial-of-Service attack directed against Dyn DNS. While Cloudflare services are operating normally, if you are using both Cloudflare and Dyn services, your website may be affected....
- By
October 11, 2016 12:59 PM
Say Cheese: a snapshot of the massive DDoS attacks coming from IoT cameras
Over the last few weeks we've seen DDoS attacks hitting our systems that show that attackers have switched to new, large methods of bringing down web applications....
- By
August 25, 2016 2:18 PM
How the Consumer Product Safety Commission is (Inadvertently) Behind the Internet’s Largest DDoS Attacks
The mission of the United State's Government's Consumer Product Safety Commission (CPSC) is to protect consumers from injury by products. ...
- By
July 18, 2016 3:26 PM
CloudFlare sites protected from httpoxy
We have rolled out automatic protection for all customers for the the newly announced vulnerability called httpoxy....
- By
April 29, 2016 11:21 PM
Lizard Squad Ransom Threats: New Name, Same Faux Armada Collective M.O.
CloudFlare recently wrote about the group of cyber criminals claiming to be be the "Armada Collective." In that article, we stressed that this group had not followed through on any of the ransom threats they had made. ...
- By
April 25, 2016 12:39 PM
Empty DDoS Threats: Meet the Armada Collective
Beginning in March 2016, we began hearing reports of a gang of cybercriminals once again calling themselves the Armada Collective. The calling card of the gang was an extortion email sent to a wide variety of online businesses threatening to launch DDoS attacks if they weren't pa...
- By
April 13, 2016 4:59 PM
New for Virtual DNS Customers: Self-Service Dashboard and APIs, and Two New Features
Today we're launching two new features and a brand new dashboard and API for Virtual DNS. Virtual DNS is CloudFlare’s DNS proxy that sits in front of some of the largest hosting providers in the world, shielding their DNS infrastructure from attacks....
- By
April 13, 2016 12:39 PM
What happened next: the deprecation of ANY
Almost a year ago, we announced that we were going to stop answering DNS ANY queries. We were prompted by a number of factors: The lack of legitimate ANY use. The abundance of malicious ANY use. The constant use of ANY queries in large DNS amplification DDoS attacks....
- By
March 04, 2016 6:02 PM
A Deep Dive Into DNS Packet Sizes: Why Smaller Packet Sizes Keep The Internet Safe
One way that attackers DDoS websites is by repeatedly doing DNS lookups that have small queries, but large answers. The attackers spoof their IP address so that the DNS answers are sent to the server they are attacking, this is called a reflection attack....
- By
March 03, 2016 2:32 AM
400Gbps: Winter of Whopping Weekend DDoS Attacks
Over the last month, we’ve been watching some of the largest distributed denial of service (DDoS) attacks ever seen unfold. As CloudFlare has grown we've brought on line systems capable of absorbing and accurately measuring attacks....
- By
March 01, 2016 1:45 PM
Staying afloat: the DROWN Attack and CloudFlare
CloudFlare customers are automatically protected against the recently disclosed DROWN Attack. We do not have SSLv2 enabled on our servers....
- By
January 21, 2016 2:05 PM
Preventing Malicious Request Loops
The web is an collaborative ecosystem. Web standards exist to ensure that participants of the network behave in a predictable way....
- By
October 16, 2015 5:14 PM
A Look at the New WordPress Brute Force Amplification Attack
Recently, a new brute force attack method for WordPress instances was identified by Sucuri. This latest technique allows attackers to try a large number of WordPress username and password login combinations in a single HTTP request....
- By
September 25, 2015 4:01 PM
Mobile Ad Networks as DDoS Vectors: A Case Study
CloudFlare servers are constantly being targeted by DDoS'es. We see everything from attempted DNS reflection attacks to L7 HTTP floods involving large botnets....
- By