Does Sucuri work with my host? Yes, Yes we do.

We’ve been scanning and removing malware from websites for years, and in this time frame we have seen the website security domain grow by leaps and bounds. Over the same period, the ubiquity of the internet has reached all corners of the globe, and the number of websites worldwide has skyrocketed (estimated at 955 […]

Tracking our SSL configuration

Over time we’ve updated the SSL configuration we use for serving HTTPS as the security landscape has changed. In the past we’ve documented those changes in blog posts; to make things simpler to track, and so that people can stay up to date on the configuration we’ve chosen, I’ve created a GitHub repository called sslconfig. […]

AdSense Blackmail – Hacking Websites for Profit

We deal with different types of malware injections and compromises every day and the most common question our clients ask us is, “Why me? Why my small little site?” There are so many answers to this question. In some cases, someone may attack a site for fun, they may do so in the name of “Hacktivism” […]

PHP Callback Functions: Another Way to Hide Backdoors

We often find new techniques employed by malware authors. Some are very interesting, others are pretty funny, and then there are those that really stump us in their creativity and effectiveness. This post is about the latter. Everyone who writes code in PHP knows what the eval() function is for. It evaluates a string as […]

Joomla Plugin Constructor Backdoor

We recently wrote about backdoors in pirated commercial WordPress plugins. This time it will be a short post about an interesting backdoor we found in a Joomla plugin. It was so well organized that at first we didn’t realize there was a backdoor even though we knew something was wrong. Here’s what the code of […]

Upcoming Meetups at CloudFlare

At CloudFlare, we love connecting with our communities, and so we are excited to announce two meetups to be hosted here at the CloudFlare headquarters in San Francisco next month. All Things Crypto – 5/8/2014 On Thursday, May 8, Nick Sullivan from the security engineering team at CloudFlare will host a meetup with several cryptography […]

Improving vulnerability disclosure for researchers

Trust, transparency, and collaboration are values which we hold dear at CloudFlare. As a web security and performance company, we are always interested in how we can make our service and our infrastructure more secure. We also know how the power of the security researcher community can help us achieve results more quickly and more […]

HeartBleed in the Wild

As most of you probably already know, ten days ago security researchers disclosed a very serious vulnerability in the OpenSSL library, which is used to power HTTPS on most websites nowadays. The bug allowed an attacker to extract information that was supposed to be private, including SSL private keys, login data or any other information […]

The Heartbleed Aftermath: all CloudFlare certificates revoked and reissued

Eleven days ago the Heartbleed vulnerability was publicly announced. Last Friday, we issued the CloudFlare Challenge: Heartbleed and simultaneously started the process of revoking and reissuing all the SSL certificates that CloudFlare manages for our customers. That process is now complete. We have revoked and reissued every single certificate we manage and all the certificates […]