Looking Forward: Some Predictions for 2022
December 31, 2021 1:54PM
As we approach the end of the year, let's look ahead at some trends and predictions for 2022...
Protection against CVE-2021-45046, the additional Log4j RCE vulnerability
December 15, 2021 1:56PM
Log4J Log4Shell WAF Rules Security VulnerabilitiesThis vulnerability is actively being exploited and anyone using Log4J should update to version 2.16.0 as soon as possible, even if you have previously updated to 2.15.0. The latest version can be found on the Log4J download page....
An exposed apt signing key and how to improve apt security
December 15, 2021 1:56PM
Debian Ubuntu Security Cloudflare Zero Trust WARPRecently, we received a bug bounty report regarding the GPG signing key used for pkg.cloudflareclient.com, the Linux package repository for our Cloudflare WARP products....
Exploitation of Log4j CVE-2021-44228 before public disclosure and evolution of evasion and exfiltration
December 14, 2021 5:48PM
Log4J Log4Shell Vulnerabilities WAF SecurityIn this blog post we will cover WAF evasion patterns and exfiltration attempts seen in the wild, trend data on attempted exploitation, and information on exploitation that we saw prior to the public disclosure of CVE-2021-44228....
Sanitizing Cloudflare Logs to protect customers from the Log4j vulnerability
December 14, 2021 10:23AM
Logs Vulnerabilities Zero Day Threats Security Log4JMany Cloudflare customers consume their logs using software that uses Log4j, so we are mitigating any exploit attempts via Cloudflare Logs....
More Posts