Subscription confirmed. Thank you for subscribing!
June 05, 2022 9:54PM
On 2022-06-02 at 20:00 UTC Atlassian released a Security Advisory relating to a remote code execution (RCE) vulnerability affecting Confluence Server and Confluence Data Center products. This post covers our current analysis of this vulnerability...
March 29, 2022 4:51PM
Browser Isolation Remote Browser Isolation RBI Zero Day Threats Zero TrustCVE-2022-1096 is yet another zero day vulnerability affecting web browsers. Cloudflare zero trust mitigates the risk of zero day attacks in the browser and has been patched...
December 14, 2021 10:23AM
Logs Vulnerabilities Zero Day Threats Security Log4JMany Cloudflare customers consume their logs using software that uses Log4j, so we are mitigating any exploit attempts via Cloudflare Logs....
December 10, 2021 9:24PM
Cloudflare Zero Trust Cloudflare One Zero Trust Cloudflare Gateway Zero Day ThreatsThe vulnerability disclosed yesterday in the Java-based logging package, log4j, allows attackers to execute code on a remote server. We’ve updated Cloudflare’s WAF to defend your infrastructure against this 0-day attack....
December 10, 2021 6:36PM
Vulnerabilities Zero Day Threats Security WAF Rules Log4JIn this post we explain the history of this vulnerability, how it was introduced, how Cloudflare is protecting our clients. We will update later with actual attempted exploitation we are seeing blocked by our firewall service....
More Posts
December 10, 2021 11:39AM
A zero-day exploit affecting the popular Apache Log4j utility (CVE-2021-44228) was made public on December 9, 2021 that results in remote code execution (RCE). This vulnerability is actively being exploited and anyone using Log4j should update to version 2.15.0 as soon as possible....
