December 2019 – Security

Adopting a new approach to HTTP prioritization

December 31, 2019 by Lucas Pardue

Lucas Pardue

Friday the 13th is a lucky day for Cloudflare for many reasons. On December 13, 2019 Tommy Pauly, co-chair of the IETF HTTP Working Group, announced the adoption of the "Extensible Prioritization Scheme for HTTP" - a new approach to HTTP prioritization.Web pages are made up of many resources that…

Happy 10th Birthday, KrebsOnSecurity.com

December 30, 2019 by BrianKrebs

BrianKrebs

Today marks the 10th anniversary of KrebsOnSecurity.com! Over the past decade, the site has featured more than 1,800 stories focusing mainly on cybercrime, computer security and user privacy concerns. And what a decade it has been. Stories here have exposed countless scams, data breaches, cybercrooks and corporate stumbles. In the…

Ransomware at IT Services Provider Synoptek

December 28, 2019 by BrianKrebs

BrianKrebs

Synoptek, a California business that provides cloud hosting and IT management services to more than a thousand customer nationwide, suffered a ransomware attack this week that has disrupted operations for many of its clients, according to sources. The company has reportedly paid a ransom demand in a bid to restore…

Happy Holidays!

December 27, 2019 by Val Vesa

Val Vesa

I joined Cloudflare in July of 2019, but I've known of Cloudflare for years. I always read the blog posts and looked at the way the company was engaging with the community. I also noticed the diversity in the names of many of the blog post authors. There are over…

How to Use One-Lin3r to Quickly Generate Reverse Shells, Privesc Commands & More

December 25, 2019 by drd_

drd_

A lot of time can be wasted performing trivial tasks over and over again, and it's especially true when it comes to hacking and penetration testing. Trying different shells to own a target, and testing out privilege escalation commands afterward, can eat up a lot of time. Fortunately, there is…

This holiday’s biggest online shopping day was… Black Friday

December 24, 2019 by John Graham-Cumming

John Graham-Cumming

What’s the biggest day of the holiday season for holiday shopping? Black Friday, the day after US Thanksgiving, has been embraced globally as the day retail stores announce their sales. But it was believed that the following Monday, dubbed “Cyber Monday,” may be even bigger. Or, with the explosion of…

Merry DNS and a Happy New Homoglyph

December 23, 2019 by BinaryEdge

BinaryEdge

It has been a long but exciting year. We have enjoyed having you all in our community and learning about all the different uses that our different customers are giving the BinaryEdge platform. To close the year we've added two new endpoints to our SaaS (business accounts only for now,…

Privileged containers in Docker? A bad idea!

December 23, 2019 by Andrea Fortuna

Andrea Fortuna

By default, containers run in unprivileged mode, that is, we cannot run Docker daemon inside a Docker container. However, a...

How to Program MicroPython NeoPixel Holiday Lights to Animate However You Want

December 21, 2019 by Kody

Kody

Individually addressable LEDs, also commonly called "NeoPixels" after the popular Adafruit product, are a bright and colorful way to get started with basic Python programming. With an inexpensive ESP8266 or ESP32 microcontroller, it's easy to get started programming your own holiday lighting animations on a string of NeoPixels with beginner-friendly…

How to Get Started with MicroPython for ESP8266 Microcontrollers

December 20, 2019 by Kody

Kody

For anyone interested in using cheap, Wi-Fi-connected microcontrollers like the ESP8266, the Arduino programming language can be a barrier to entry. Based on C++, Arduino requires knowledge of more computer science than languages like Python. Fortunately for beginners, setting up MicroPython on an ESP8266 allows anyone to write Python on…

First Half 2019 Transparency Report and an Update on a Warrant Canary

December 20, 2019 by Alissa Starzak

Alissa Starzak

Today, we are releasing Cloudflare’s transparency report for the first half of 2019. We recognize the importance of keeping the reports current, but It’s taken us a little longer than usual to put it together. We have a few notable updates. Pulling a warrant canarySince we issued our very first…

Episode 62: 2019 Think Like a Hacker Highlights

December 20, 2019 by Kathy Zant

Kathy Zant

We’ve had quite a year with Think Like a Hacker, the podcast about WordPress, security and innovation. For this end of year episode, we take a look back at a few of our favorite interviews and news stories. We review conversations with Josepha Haden, Brandy Lawson, Jennifer Bourn, Matt Cromwell,…

How to Crack WPA & WPA2 Wi-Fi Passwords with Pyrit

December 20, 2019 by Kody

Kody

Pyrit is one of the most powerful WPA/WPA2 cracking tools in a hacker's arsenal, with the ability to benchmark a computer's CPU speeds, analyze capture files for crackable handshakes, and even tap into GPU password-cracking power. To demonstrate how quickly it can hack a WPA/WPA2 password, we'll use it to…

An Update on CDNJS

December 19, 2019 by Zack Bloom

Zack Bloom

When you loaded this blog, a file was delivered to your browser called jquery-3.2.1.min.js. jQuery is a library which makes it easier to build websites, and was at one point included on as many as 74.1% of all websites. A full eighteen million sites include jQuery and other libraries using…

Critical Vulnerability Patched in 301 Redirects – Easy Redirect Manager

December 19, 2019 by Chloe Chamberland

Chloe Chamberland

Description: Authenticated Arbitrary Redirect Injection and Modification Affected Plugin: 301 Redirects – Easy Redirect Manager Affected Versions: <= 2.40 CVSS Score: 9.0 (Critical) CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H Patched Version: 2.45 On Friday December 13th, our Threat Intelligence team discovered vulnerabilities present in 301 Redirects – Easy Redirect Manager, a WordPress plugin…

1 2 3 … 5 Next »