Showing only posts tagged cloudflare. Show all posts.

Cloudflare once again comes under pressure for enabling abusive sites

Source

Enlarge (credit: Getty Images) A familiar debate is once again surrounding Cloudflare, the content delivery network that provides a free service that protects websites from being taken down in denial-of-service attacks by masking their hosts: Is Cloudflare a bastion of free speech or an enabler of spam, malware delivery …

Okta hit by another breach, this one stealing employee data from 3rd-party vendor

Source

Enlarge (credit: Getty Images) Identity and authentication management provider Okta has been hit by another breach, this one against a third-party vendor that allowed hackers to steal personal information for 5,000 Okta employees. The compromise was carried out in late September against Rightway Healthcare, a service Okta uses …

Patch Tuesday, October 2023 Edition

Source

Microsoft today issued security updates for more than 100 newly-discovered vulnerabilities in its Windows operating system and related software, including four flaws that are already being exploited. In addition, Apple recently released emergency updates to quash a pair of zero-day bugs in iOS. Apple last week shipped emergency updates …

Cloudflare’s CAPTCHA replacement lacks crosswalks, checkboxes, Google

Source

Enlarge / CAPTCHAs are meant to prevent these kinds of browsing scenarios, not train us all to better recognize vehicles and infrastructure in grainy photos. (credit: Getty Images) Cloudflare has recently made an audacious claim: We could all be doing something better with our lives than deciding which images contain …

How 1-Time Passcodes Became a Corporate Liability

Source

Phishers are enjoying remarkable success using text messages to steal remote access credentials and one-time passcodes from employees at some of the world’s largest technology companies and customer support firms. A recent spate of SMS phishing attacks from one cybercriminal group has spawned a flurry of breach disclosures …

KrebsOnSecurity Hit By Huge New IoT Botnet “Meris”

Source

On Thursday evening, KrebsOnSecurity was the subject of a rather massive (and mercifully brief) distributed denial-of-service (DDoS) attack. The assault came from “ Meris,” the same new botnet behind record-shattering attacks against Russian search giant Yandex this week and internet infrastructure firm Cloudflare earlier this summer. Cloudflare recently wrote about …