Hackers Leveraging Cloudflare Tunnels, DNS Fast-Flux to Hide GammaDrop Malware

December 6, 2024 at 02:48AM Gamaredon, a Russian-affiliated cyber threat group, is using Cloudflare Tunnels to hide its GammaDrop malware in a spear-phishing campaign targeting Ukrainian entities since early 2024. The group employs various techniques, including HTML smuggling and DNS fast-fluxing, to evade detection and maintain access to compromised systems. …

Cloudflare’s developer domains increasingly abused by threat actors

December 3, 2024 at 04:06PM Cybercriminals are increasingly abusing Cloudflare’s ‘pages.dev’ and ‘workers.dev’ for phishing and malicious activities, with Fortra reporting a 198% rise in phishing incidents on Cloudflare Pages and a 104% increase on Cloudflare Workers. This exploitation leverages Cloudflare’s trusted reputation, complicating detection and allowing efficient phishing campaigns. …

Cloudflare says it lost 55% of logs pushed to customers for 3.5 hours

November 27, 2024 at 11:17AM Cloudflare faced a significant incident on November 14, 2024, losing 55% of customer logs due to a bug in its log collection service. A misconfiguration in the Logfwdr system led to log discard errors, overwhelming Buftee, the buffering system. Cloudflare has since implemented measures to prevent future incidents. …

WhatsApp now encrypts contact databases for privacy-preserving synching

October 23, 2024 at 02:58PM WhatsApp has launched Identity Proof Linked Storage (IPLS), an encrypted system for secure contact management. IPLS solves contact loss and syncing issues by binding contact lists to accounts, enabling management across devices. Additionally, it allows multiple isolated contact lists on a single device. The system emphasizes end-to-end encryption and security …

Cloudflare Thwarts Largest-Ever 3.8 Tbps DDoS Attack Targeting Global Sectors

October 4, 2024 at 06:00AM Cloudflare revealed fending off a record-setting 3.8 Tbps DDoS attack and multiple other attacks. The attacks, primarily targeting financial, internet, and telecommunication sectors, utilized compromised devices across several countries. Cloudflare attributed the high-rate attacks to botnets exploiting a critical ASUS router flaw. DDoS attacks have surged in frequency, with added …

Cloudflare blocks largest recorded DDoS attack peaking at 3.8Tbps

October 3, 2024 at 12:15PM A recent DDoS campaign targeted financial, internet, and telecommunications sectors, resulting in a record 3.8 Tbps volumetric attack. The assault comprised 100 hyper-volumetric attacks, overwhelming network infrastructure and primarily leveraging compromised devices in various countries. Cloudflare autonomously mitigated the attacks, with UDP-based transfers and CUPS vulnerabilities posing ongoing threats. Key …

Record-Breaking DDoS Attack Peaked at 3.8 Tbps, 2.14 Billion Pps

October 2, 2024 at 08:39AM Cloudflare successfully fought off a record-breaking DDoS attack, reaching 3.8 Tbps and 2.14 billion Pps. Source: SecurityWeek. …

India-Linked Hackers Targeting Pakistani Government, Law Enforcement

September 25, 2024 at 08:48AM A threat actor called SloppyLemming, likely based in India, is using cloud services to target energy, defense, government, telecom, and tech entities in Pakistan and other South and East Asian countries. Cloudflare reports the group’s operations align with Outrider Tiger, known for using Sliver and Cobalt Strike in attacks. SloppyLemming …

Understanding escalating cyber threats

August 9, 2024 at 11:16AM Cloudflare’s 2024 Global Security Brief webinar on August 20th will cover DDoS attack evolution, API and network security threats, AI-enhanced phishing, and Zero Trust security principles. The session aims to equip IT and security professionals with essential knowledge and practical strategies to combat the ever-evolving cyber threats. Register to watch. …

Cloudflare Tunnels Abused for Malware Delivery

August 2, 2024 at 06:48AM Proofpoint reports that threat actors have been misusing Cloudflare Tunnels for six months to distribute various remote access trojan (RAT) families. The attackers used the TryCloudflare feature since February 2024 to create one-time tunnels and deliver malware payloads through phishing messages. The attacks have impacted organizations globally, with the threat …