Subscription confirmed. Thank you for subscribing!
December 15, 2021 1:56PM
This vulnerability is actively being exploited and anyone using Log4J should update to version 2.16.0 as soon as possible, even if you have previously updated to 2.15.0. The latest version can be found on the Log4J download page....
December 10, 2021 6:36PM
Vulnerabilities Zero Day Threats Security WAF Rules Log4JIn this post we explain the history of this vulnerability, how it was introduced, how Cloudflare is protecting our clients. We will update later with actual attempted exploitation we are seeing blocked by our firewall service....
December 10, 2021 11:39AM
Vulnerabilities Zero Day Threats WAF Rules Security Log4JA zero-day exploit affecting the popular Apache Log4j utility (CVE-2021-44228) was made public on December 9, 2021 that results in remote code execution (RCE). This vulnerability is actively being exploited and anyone using Log4j should update to version 2.15.0 as soon as possible....
December 03, 2021 1:59PM
WAF Rules Security NotificationsCloudflare can now send proactive notifications about any application security event spike, so you are warned whenever an attack might be targeting your application....
October 08, 2021 11:29AM
WAF Rules Security Vulnerabilities Cloudflare AccessOn September 29th 2021, the Apache Security team was alerted of a path traversal vulnerability being actively exploited (zero-day) against Apache HTTP Server version 2.4.49. Customers running the affected Apache version, should update to 2.5.51 as soon as possible....
More Posts
September 08, 2021 10:18AM
On August 25, 2021, Atlassian released a security advisory affecting their Confluence application. The Cloudflare WAF soon after started mitigating an increase in malicious traffic to vulnerable endpoints ensuring customers remained protected....
