Collaborate Disseminate
Quote from Challenge Bypass Extension
The Privacy Pass extension implements the Privacy Pass protocol for
providing a private authentication mechanism during web browsing.
Privacy Pass is currently supported by Cloudf… Continue reading Can I trust Cloudflare’s Privacy Pass extension? Does it brings risks and side effects regarding privacy?
Fifteen major companies, including the Apple, Facebook, Google, IBM, and PwC, announced Wednesday they are joining together to change their cybersecurity job descriptions and requirements to attract more talent to the 3 million cybersecurity job openings that are expected to be available over the next two years. Specifically, the companies — which are part of the Aspen Cybersecurity Group — are focused on nixing requirements that candidates have four-year bachelor’s degrees and gender-biased job descriptions. “A bachelors degree is actually not a good proxy for whether you have the talent,” Chair of the Aspen Institute’s Cyber & Technology Program John Carlin told CyberScoop. “There’s plenty of talented people out there but we need to figure out better ways to identify them and train them.” The group, which also includes AIG, Cloudflare, the Cyber Threat Alliance, Duke Energy, IronNet, Johnson & Johnson, Northrop Grumman, Symantec, Unisys, and Verizon, came together over […]
The post 15 major companies announce effort to tackle cybersecurity workforce recruitment issues appeared first on CyberScoop.
I know that enabling http compression would make a server vulnerable to the BREACH attacks. So we have disabled compression from the server side, tested and it was all good.
Then we implemented CloudFlare for the instance. We performed t… Continue reading Does cloudflare protect against BREACH attacks?
I have a client’s real IP/ server which is behind Cloudflare but I’m white-listed. How can I test the website’s real IP using Burp Suite? The hostname resolution under connections in Project options doesn’t work as it hits th… Continue reading How to test original/ real IP, if the website is behind Cloudflare [on hold]
While doing penetration testing for a client I stumbled upon a security incident. CloudFlare promises to hide the origin IP address when using its DNS.
I went to dnsdumpster.com, inputted my client’s domain and there I found… Continue reading Did I just find a bug in CloudFlare or is this a feature?
As promised in April, Cloudflare has finally launched Warp, a consumer mobile privacy app that looks a lot like a VPN without actually being one. Continue reading Cloudflare adds VPN features to 1.1.1.1 privacy app
Cloudflare, the security, performance, and reliability company helping to build a better Internet, announced support for HTTP/3, the new standard of the web that will make the Internet faster, more secure, and more reliable, for everyone. Cloudflare ha… Continue reading Cloudflare now supports HTTP/3
Following hot on Mozilla’s trail, Google officially announced its own DNS-over-HTTPS (DoH) experiment in Chrome this week. Continue reading Google experiments with DNS-over-HTTP in Chrome
Internet services and cybersecurity provider Cloudflare has acknowledged it may have violated U.S. sanctions by doing business with terrorist groups and international drug traffickers, an admission that comes as the San Francisco company prepares to go public as soon as this week. Cloudflare voluntarily disclosed the possible economic and trade sanction violations to the U.S. Department of Treasury in its S-1 filing, amended to stipulate that Cloudflare technology was “used by, or for the benefit of, certain individuals or entities” named on the Office of Foreign Assets Control’s list of Specially Designated Nationals, as the Wall Street Journal first reported. The filing does not name specific parties, saying only that the group includes “entities identified in OFAC’s counter-terrorism and counter-narcotics trafficking sanctions programs, or affiliated with governments currently subject to comprehensive U.S. sanctions.” A small number of those entities also made payments to Cloudflare. The updated regulatory filing also notes […]
The post Cloudflare may have provided service to terrorists, drug traffickers in violation of U.S. sanctions appeared first on CyberScoop.
Immediately after Mozilla announced its plan to soon enable ‘DNS over HTTPS’ (DoH) by default for Firefox users in the United States, Google today says it is planning an experiment with the privacy-focused technology in its upcoming Chrome 78.
Under d… Continue reading Google to Experiment ‘DNS over HTTPS’ (DoH) Feature in Chrome 78