Last Friday, Tavis Ormandy from Google’s Project Zero contacted Cloudflare to report a security problem with our edge servers. He was seeing corrupted web pages being returned by some HTTP requests run through Cloudflare. It turned out that in some unusual circumstances, which I’ll detail below, our edge servers were running past the end of […]
Archive | Security
Ask Sucuri: Common WAF Questions and Concerns
There is no more frustrating experience than knowing you need something, but not knowing which questions to ask. This resonates with website owners when they are told they need to add (yet another) security solution to their tech stack – and it’s called a Website Application Firewall (WAF). I spoke earlier this month about the […]
Joomla Security – Pornography Spam Campaign in the Wild
One of the worst experiences for a website owner is finding out that the search results for your site have turned into a pharmacy, a fashion outlet, or even a porn dump. Those unwanted keywords are a result of Search Engine Poisoning (SEP) attacks. This blackhat SEO technique is used by attackers to take advantage […]
WordPress Security – Fake TrafficAnalytics Website Infection
Several months ago, our research team identified a fake analytics infection, known as RealStatistics. The malicious JavaScript injection looks a lot like tracking code for a legitimate analytics service. RealStatistics even set up fake analytics websites designed to trick webmasters who took a few steps to investigate the unfamiliar script. Recently, a new variation of […]
You can now use Google Authenticator and any TOTP app for Two-Factor Authentication
Since the very beginning, Cloudflare has offered two-factor authentication with Authy, and starting today we are expanding your options to keep your account safe with Google Authenticator and any Time-based One Time Password (TOTP) app of your choice. If you want to get started right away, visit your account settings. Setting up Two-Factor with Google […]
New Guide on How to Fix Hacked Magento Sites
Ecommerce refers to websites that involve online purchases. This functionality sparks new challenges, concerns, and requirements for website security. Online shopping, to many people, is almost synonymous with a certain kind of risk – and not without good reason. Over the holidays, we wrote a lot about the rise of credit card swipers. With the […]
NCC Group’s Cryptography Services audits our Go TLS 1.3 stack
The Cloudflare TLS 1.3 beta is run by a Go implementation of the protocol based on the Go standard library, crypto/tls. Starting from that excellent Go codebase allowed us to quickly start experimenting, to be the first wide server deployment of the protocol, and to effectively track the changes to the specification draft. Of course, […]
Labs Notes Monthly Recap – Jan/2017
Every month we recap the latest posts on Sucuri Labs, written by our Malware Research Team (MRT) and Incident Response Teams (IRT). The Sucuri Labs website provides technical analysis and industry updates directly from our teams on the front line. You can read past monthly recaps for an overview of the posts we’ve released each […]
RCE Attempts Against the Latest WordPress REST API Vulnerability
We are starting to see remote command execution (RCE) attempts trying to exploit the latest WordPress REST API Vulnerability. These RCE attempts started today after a few days of attackers (mostly defacers) rushing to vandalize as many pages as they could. The RCE attempts we are seeing in the wild do not affect every WordPress […]
JavaScript Injections Leads to Tech Support Scam
During a recent malware investigation, we found some interesting obfuscated JavaScript code. This code pretends to appear as part of the popular AddThis social sharing plugin, using it in URL naming conventions and an image file. The malware ultimately redirects website visitors to node.additionsnp[.]top which hosts a tech support scam that can be dangerous to […]