#Cloudflare stopps http traffic completely - only #https allowed

Source: blog.cloudflare.com/https-only…

#web #www #api #software #news #encryption #internet

HTTPS-only for Cloudflare APIs: shutting the door on cleartext traffic

We are closing the cleartext HTTP ports entirely for Cloudflare API traffic. This prevents the risk of clients unintentionally leaking their secret API keys in cleartext during the initial request, before we can reject the connection at the server si…

^{The Cloudflare Blog}

Major #web services go dark in #Russia amid reported #Cloudflare #block

source: therecord.media/russia-website…

According to data from several internet monitoring websites, the outages were observed Thursday across multiple Russian regions, particularly in the #Urals and #Siberia, affecting platforms such as #TikTok, #Steam, #Twitch, #EpicGames, #Duolingo and major Russian #mobile operators.

#online #www #internet #fail #problem #censorship #politics #test #news

Major web services go dark in Russia amid reported Cloudflare block

Website outages were observed across Russia this week, with regulators attributing them to issues with foreign servers. Observers said the problems might be tied to Russian government moves to block Cloudflare services.

^{therecord.media}

wrote: "[...] something we technically knew was going on before but didn't consciously consider a threat, until now."

I've been warning for CDN's like Cloudflare and Fastly (and cloud providers in general) for a long time.

Here's a recent toot (in Dutch, the "translate" button should do the job): infosec.exchange/@ErikvanStrat….

If you trust Google to translate it (guaranteed NOT error-free, it *may* work in other browsers than Chrome): infosec-exchange.translate.goo…

P.S. Fastly knows your infosec.exchange login credentials.

@malanalysis

#Cloudflare #MitM #AitM #Fastly #CDN #TLSinterception

Erik van Straten (@ErikvanStraten@infosec.exchange)

Attached: 1 image Risico Cloudflare (+Trump) 🌦️ Achter Cloudflare Steeds meer websites zitten "achter" het Amerikaanse bedrijf Cloudflare. Stel u opent https://pvv.

^{Infosec Exchange}

#SurveillanceState #Surveillance #Technology #Meta

👉Which #Messenger To Replace the #DataKraken #WhatsApp with? 👈

#FightTechnofeudalism

👉 #SignalHack👈

(15/n)

...Clouds of #Google, #Amazon, #Microsoft & #Cloudflare. They can de-anonymise every user!

Here are all the tech details:

primal.net/e/note14hf9%E2%80%A…

Weitere Infos zum #SignalHack:

social.tchncs.de/@Optimus/1140…

fed.brid.gy/r/bsky.app/profile…

chilemasto.casa/@sebagutiem/11…

******************

....

Merle Meyerdierks

2025-03-18 11:21:45

Die verwendeten Mobilnummern stammen (möglicher Weise) von diesem Twillo Hack vor einigen Jahren. Dabei sind die Hacker an Mobilfunknummern gekommen, die die #Signal bei der Registrierung erzwingt und die über SMS verifiziert wird. tarnkappe.info/artikel/it-s...

Signal Messenger betroffen: Tw...

Signal Messenger betroffen: Twilio-Hacker erbeutet Rufnummern

Ein Angreifer konnte sich durch einen Hack auf Twilio Zugriff auf Registrierungsdaten des Signal Messengers verschaffen.

^{Marc Stöckel (TARNKAPPE.INFO)}

@thevril @pluralistic @kino

#SurveillanceState

👉Which #Messenger To Replace the #DataKraken #WhatsApp with? 👈

#FightTechnofeudalism

(7/n)

... 👉our international discussion: 👈

pleroma.iselfhost.com/objects/…

In conclusion, as all services using #US servers like signal have been compromised since the #CloudAct went into force,

"Since #Signal's entire traffic runs over the clouds of #Amazon [#AWS,] #Google, #Microsoft & #Cloudflare.

👉All US services...

People use already compromised passwords 41% of the time when logging into email, streaming services, social networks, or any other online services, Cloudflare’s analysis reveals.

#password #Cloudflare #cybersecurity #privacy

cnews.link/half-login-attempts…

Tell me I'm reading this blog post wrong. It reads as if Cloudflare is admitting to reading the login credentials of users of sites that use Cloudflare.

"Our data reveals that 52% of all detected authentication requests contain leaked passwords found in our database of over 15 billion records, including the Have I Been Pwned (HIBP) leaked password dataset."

h/t: @0xF21D

blog.cloudflare.com/password-r…

#infosec #security #cloudflare

Password reuse is rampant: nearly half of observed user logins are compromised

Nearly half of observed login attempts across websites protected by Cloudflare involved leaked credentials. The pervasive issue of password reuse is enabling automated bot attacks and account takeovers on a massive scale.

^{The Cloudflare Blog}

So, Cloudflare analyzed passwords people are using to log in to sites they protect and discovered lots of re-use.

Let me put the important words in uppercase.

So, CLOUDFLARE ANALYZED PASSWORDS PEOPLE ARE USING to LOG IN to sites THEY PROTECT and DISCOVERED lots of re-use.

[Edit with H/T: benjojo.co.uk/u/benjojo/h/cR4d…]

blog.cloudflare.com/password-r…

#cloudflare #password #cybersecurity

Password reuse is rampant: nearly half of observed user logins are compromised

Nearly half of observed login attempts across websites protected by Cloudflare involved leaked credentials. The pervasive issue of password reuse is enabling automated bot attacks and account takeovers on a massive scale.

^{The Cloudflare Blog}