Welcome to the 19th edition of the Cloudflare DDoS Threat Report. Released quarterly, these reports provide an in-depth analysis of the DDoS threat landscape as observed across the Cloudflare network. This edition focuses on the third quarter of 2024. With a 296 Terabit per second (Tbps) network located in over 330 cities worldwide, Cloudflare is […]
Archive | Security
RSS feed for this sectionFearless SSH: short-lived certificates bring Zero Trust to infrastructure
BastionZero joined Cloudflare in May 2024. We are thrilled to announce Access for Infrastructure as BastionZero’s native integration into our SASE platform, Cloudflare One. Access for Infrastructure will enable organizations to apply Zero Trust controls in front of their servers, databases, network devices, Kubernetes clusters, and more. Today, we’re announcing short-lived SSH access as the […]
Is this thing on? Using OpenBMC and ACPI power states for reliable server boot
Introduction At Cloudflare, we provide a range of services through our global network of servers, located in 330 cities worldwide. When you interact with our long-standing application services, or newer services like Workers AI, you’re in contact with one of our fleet of thousands of servers which support those services. These servers which provide Cloudflare […]
Fake “Fix It” Pop-Ups Target WordPress Sites via Malicious Plugin to Download Trojan
In our recent investigation, we discovered a new malware campaign targeting WordPress sites through a fake plugin, universal-popup-plugin-v133, which delivers deceptive browser fix pop-ups. This malware leverages social engineering tactics to deceive visitors into downloading malicious files, compromising their systems. Type of website impacted and the scope of infection We reported a similar fake browser […]
Protect against identity-based attacks by sharing Cloudflare user risk scores with Okta
Cloudflare One, our secure access service edge (SASE) platform, is introducing a new integration with Okta, the identity and access management (IAM) vendor, to share risk indicators in real-time and simplify how organizations can dynamically manage their security posture in response to changes across their environments. For many organizations, it is becoming increasingly challenging and […]
WooCommerce Security Essentials for Store Owners
Running a WooCommerce store is awesome for your business – it opens up a whole world of opportunities. But let’s be honest, it also comes with some security risks. We’re talking about hackers trying to swipe customer data and nasty malware that could take your website down. Protecting your online store isn’t just about keeping […]
CJ Desai: Why I joined Cloudflare as President of Product and Engineering
I am thrilled to embark on this journey to run Product and Engineering at Cloudflare, driving forward the mission of helping build a better Internet. A little about me While I was a graduate student at University of Illinois, the university introduced the Mosaic web browser to students. In addition to being super easy to […]
What’s new in Cloudflare One: Digital Experience (DEX) monitoring notifications and seamless access to Cloudflare Gateway with China Express
At Cloudflare, we are constantly innovating and launching new features and capabilities across our product portfolio. We are introducing roundup blog posts to ensure that you never miss the latest updates across our platform. In this post, we are excited to share two new ways that our customers can continue to keep their web properties […]
Leveraging Kubernetes virtual machines at Cloudflare with KubeVirt
Cloudflare runs several multi-tenant Kubernetes clusters across our core data centers. These general-purpose clusters run on bare metal and power our control plane, analytics, and various engineering tools such as build infrastructure and continuous integration. Kubernetes is a container orchestration platform. It enables software engineers to deploy containerized applications to a cluster of machines. This […]
Cloudflare acquires Kivera to add simple, preventive cloud security to Cloudflare One
We’re excited to announce that Kivera, a cloud security, data protection, and compliance company, has joined Cloudflare. This acquisition extends our SASE portfolio to incorporate inline cloud app controls, empowering Cloudflare One customers with preventative security controls for all their cloud services. In today’s digital landscape, cloud services and SaaS (software as a service) apps […]
