Found 69 bookmarks
Custom sorting
Securing Cloudflare Using Cloudflare
Securing Cloudflare Using Cloudflare
When a new security threat arises — a publicly exploited vulnerability (like log4j) or the shift from corporate-controlled environments to remote work or a potential threat actor — it is the Security team’s job to respond to protect Cloudflare’s network, customers, and employees. And as security threats evolve, so should our defense system. Cloudflare is committed to bolstering our security posture with best-in-class solutions — which is why we often turn to our own products as any other Cloudflare customer would?
#cloudflare#2022#EN#FIDO2#access#control#management
·blog.cloudflare.com·
Securing Cloudflare Using Cloudflare
Cloudflare’s investigation of the January 2022 Okta compromise
Cloudflare’s investigation of the January 2022 Okta compromise
Today, March 22, 2022 at 03:30 UTC we learnt of a compromise of Okta. We use Okta internally for employee identity as part of our authentication stack. We have investigated this compromise carefully and do not believe we have been compromised as a result. We do not use Okta for customer accounts; customers do not need to take any action unless they themselves use Okta.
#cloudflare#Okta#EN#2022#compromise#investigation
·blog.cloudflare.com·
Cloudflare’s investigation of the January 2022 Okta compromise
Securing Cloudflare Using Cloudflare
Securing Cloudflare Using Cloudflare
When a new security threat arises — a publicly exploited vulnerability (like log4j) or the shift from corporate-controlled environments to remote work or a potential threat actor — it is the Security team’s job to respond to protect Cloudflare’s network, customers, and employees. And as security threats evolve, so should our defense system. Cloudflare is committed to bolstering our security posture with best-in-class solutions — which is why we often turn to our own products as any other Cloudflare customer would?
#cloudflare#2022#EN#FIDO2#access#control#management
·blog.cloudflare.com·
Securing Cloudflare Using Cloudflare
Cloudflare’s investigation of the January 2022 Okta compromise
Cloudflare’s investigation of the January 2022 Okta compromise
Today, March 22, 2022 at 03:30 UTC we learnt of a compromise of Okta. We use Okta internally for employee identity as part of our authentication stack. We have investigated this compromise carefully and do not believe we have been compromised as a result. We do not use Okta for customer accounts; customers do not need to take any action unless they themselves use Okta.
#cloudflare#Okta#EN#2022#compromise#investigation
·blog.cloudflare.com·
Cloudflare’s investigation of the January 2022 Okta compromise
DDoS threat report for 2023 Q2
DDoS threat report for 2023 Q2
Q2 2023 saw an unprecedented escalation in DDoS attack sophistication. Pro-Russian hacktivists REvil, Killnet and Anonymous Sudan joined forces to attack Western sites. Mitel vulnerability exploits surged by a whopping 532%, and attacks on crypto rocketed up by 600%. Read the full story...
#Cloudflare#EN#2023#DDoS#threat#report#Q2#REvil#Killnet
·blog.cloudflare.com·
DDoS threat report for 2023 Q2
Securing Cloudflare Using Cloudflare
Securing Cloudflare Using Cloudflare
When a new security threat arises — a publicly exploited vulnerability (like log4j) or the shift from corporate-controlled environments to remote work or a potential threat actor — it is the Security team’s job to respond to protect Cloudflare’s network, customers, and employees. And as security threats evolve, so should our defense system. Cloudflare is committed to bolstering our security posture with best-in-class solutions — which is why we often turn to our own products as any other Cloudflare customer would?
#cloudflare#2022#EN#FIDO2#access#control#management
·blog.cloudflare.com·
Securing Cloudflare Using Cloudflare
Cloudflare’s investigation of the January 2022 Okta compromise
Cloudflare’s investigation of the January 2022 Okta compromise
Today, March 22, 2022 at 03:30 UTC we learnt of a compromise of Okta. We use Okta internally for employee identity as part of our authentication stack. We have investigated this compromise carefully and do not believe we have been compromised as a result. We do not use Okta for customer accounts; customers do not need to take any action unless they themselves use Okta.
#cloudflare#Okta#EN#2022#compromise#investigation
·blog.cloudflare.com·
Cloudflare’s investigation of the January 2022 Okta compromise
Cloudflare mitigates record-breaking 71 million request-per-second DDoS attack
Cloudflare mitigates record-breaking 71 million request-per-second DDoS attack
This was a weekend of record-breaking DDoS DDoS. Over the weekend, Cloudflare detected and mitigated dozens of hyper-volumetric DDoS attacks. The majority of attacks peaked in the ballpark of 50-70 million requests per second (rps) with the largest exceeding 71 million rps. This is the largest reported HTTP DDoS attack on record, more than 35% higher than the previous reported record of 46M rps in June 2022.
#cloudflare#EN#2023#DDoS#mitigated#hyper-volumetric#HTTP
·blog.cloudflare.com·
Cloudflare mitigates record-breaking 71 million request-per-second DDoS attack
The mechanics of a sophisticated phishing scam and how we stopped it
The mechanics of a sophisticated phishing scam and how we stopped it
Yesterday, August 8, 2022, Twilio shared that they’d been compromised by a targeted phishing attack. Around the same time as Twilio was attacked, we saw an attack with very similar characteristics also targeting Cloudflare’s employees. While individual employees did fall for the phishing messages, we were able to thwart the attack through our own use of Cloudflare One products, and physical security keys issued to every employee that are required to access all our applications.
#cloudflare#EN#2022#phishing#scam#Twilio#okra
·blog.cloudflare.com·
The mechanics of a sophisticated phishing scam and how we stopped it
Securing Cloudflare Using Cloudflare
Securing Cloudflare Using Cloudflare
When a new security threat arises — a publicly exploited vulnerability (like log4j) or the shift from corporate-controlled environments to remote work or a potential threat actor — it is the Security team’s job to respond to protect Cloudflare’s network, customers, and employees. And as security threats evolve, so should our defense system. Cloudflare is committed to bolstering our security posture with best-in-class solutions — which is why we often turn to our own products as any other Cloudflare customer would?
#cloudflare#2022#EN#FIDO2#access#control#management
·blog.cloudflare.com·
Securing Cloudflare Using Cloudflare
Cloudflare’s investigation of the January 2022 Okta compromise
Cloudflare’s investigation of the January 2022 Okta compromise
Today, March 22, 2022 at 03:30 UTC we learnt of a compromise of Okta. We use Okta internally for employee identity as part of our authentication stack. We have investigated this compromise carefully and do not believe we have been compromised as a result. We do not use Okta for customer accounts; customers do not need to take any action unless they themselves use Okta.
#cloudflare#Okta#EN#2022#compromise#investigation
·blog.cloudflare.com·
Cloudflare’s investigation of the January 2022 Okta compromise
Cloudflare mitigates record-breaking 71 million request-per-second DDoS attack
Cloudflare mitigates record-breaking 71 million request-per-second DDoS attack
This was a weekend of record-breaking DDoS DDoS. Over the weekend, Cloudflare detected and mitigated dozens of hyper-volumetric DDoS attacks. The majority of attacks peaked in the ballpark of 50-70 million requests per second (rps) with the largest exceeding 71 million rps. This is the largest reported HTTP DDoS attack on record, more than 35% higher than the previous reported record of 46M rps in June 2022.
#cloudflare#EN#2023#DDoS#mitigated#hyper-volumetric#HTTP
·blog.cloudflare.com·
Cloudflare mitigates record-breaking 71 million request-per-second DDoS attack
The mechanics of a sophisticated phishing scam and how we stopped it
The mechanics of a sophisticated phishing scam and how we stopped it
Yesterday, August 8, 2022, Twilio shared that they’d been compromised by a targeted phishing attack. Around the same time as Twilio was attacked, we saw an attack with very similar characteristics also targeting Cloudflare’s employees. While individual employees did fall for the phishing messages, we were able to thwart the attack through our own use of Cloudflare One products, and physical security keys issued to every employee that are required to access all our applications.
#cloudflare#EN#2022#phishing#scam#Twilio#okra
·blog.cloudflare.com·
The mechanics of a sophisticated phishing scam and how we stopped it