We recently worked on an interesting case where Casino spam was visible in the page source, but couldn’t be located in any of the usual database rows or site files. Sitecheck flagged this as well. Casino and gambling spam is one of the most common types of spam attackers use. They are hoping that victims […]
Archive | Security
RSS feed for this sectionHelping civil society monitor attacks with the CyberPeaceTracer and Cloudflare Email Security
Civil society organizations have always been at the forefront of humanitarian relief efforts, as well as safeguarding civil and human rights. These organizations play a large role in delivering services during crises, whether it is fighting climate change, support during natural disasters, providing health services to marginalized communities and more. What do many of these […]
Hidden Backdoors Uncovered in WordPress Malware Investigation
At Sucuri, we often encounter cases where malware is deeply embedded in websites, hidden in files and scripts that can easily escape detection. In this article, we’ll walk you through a real-life incident where a customer contacted us about unusual behavior on their WordPress website. After a detailed investigation, we uncovered multiple backdoors allowing attackers […]
Automatic Audit Logs: new updates deliver increased transparency and accountability
What are audit logs and why do they matter? Audit logs are a critical tool for tracking and recording changes, actions, and resource access patterns within your Cloudflare environment. They provide visibility into who performed an action, what the action was, when it occurred, where it happened, and how it was executed. This enables security […]
Magento Credit Card Stealer Disguised in an Tag
Recently, we had a client come to us concerned that their website was infected with credit card stealing malware, often referred to as MageCart. Their website was running on Magento, a popular eCommerce content management system that skilled attackers often target to steal as many credit card numbers as possible. The goal of attackers who […]
QUIC action: patching a broadcast address amplification vulnerability
Cloudflare was recently contacted by a group of anonymous security researchers who discovered a broadcast amplification vulnerability through their QUIC Internet measurement research. Our team collaborated with these researchers through our Public Bug Bounty program, and worked to fully patch a dangerous vulnerability that affected our infrastructure. Since being notified about the vulnerability, we’ve implemented […]
Resolving a Mutual TLS session resumption vulnerability
On January 23, 2025, Cloudflare was notified via its Bug Bounty Program of a vulnerability in Cloudflare’s Mutual TLS (mTLS) implementation. The vulnerability affected customers who were using mTLS and involved a flaw in our session resumption handling. Cloudflare’s investigation revealed no evidence that the vulnerability was being actively exploited. And tracked as CVE-2025-23419, Cloudflare […]
Google Tag Manager Skimmer Steals Credit Card Info From Magento Site
At Sucuri, we are committed to protecting websites from malware and other cyber threats. Recently, we were contacted by a customer who had experienced credit card data theft from their Magento-based eCommerce website. After an extensive investigation, we were able to trace the malware responsible for what was happening back to the Google Tag Manager […]
Cloudflare’s commitment to advancing Public Sector security worldwide by pursuing FedRAMP High, IRAP, and ENS
Today, we announced our commitment to achieving the US Federal Risk and Authorization Management Program (FedRAMP) – High, Australian Infosec Registered Assessors Program (IRAP), and Spain’s Esquema Nacional de Seguridad (ENS) as part of Cloudflare for Government. As more and more essential services are being shifted to the Internet, ensuring that governments and regulated industries […]
Vulnerability & Patch Roundup — January 2025
Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes of website compromises. To help educate website owners about potential threats to their environments, we’ve compiled a list of important security updates and vulnerability patches for the WordPress ecosystem this […]
