#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News
DevSecOps

CDN Network | Breaking Cybersecurity News | The Hacker News

Category — CDN Network
Cloudflare Saw Record-Breaking DDoS Attack Peaking at 26 Million Request Per Second

Cloudflare Saw Record-Breaking DDoS Attack Peaking at 26 Million Request Per Second

Jun 15, 2022
Cloudflare on Tuesday disclosed that it had acted to prevent a record-setting 26 million request per second (RPS) distributed denial-of-service (DDoS) attack last week, making it the largest HTTPS DDoS attack detected to date. The web performance and security company said the attack was directed against an unnamed customer website using its Free plan and emanated from a "powerful" botnet of 5,067 devices, with each node generating approximately 5,200 RPS at peak. The botnet is said to have created a flood of more than 212 million HTTPS requests within less than 30 seconds from over 1,500 networks in 121 countries, including Indonesia, the U.S., Brazil, Russia, and India. Roughly 3% of the attack came through Tor nodes. The attack "originated mostly from Cloud Service Providers as opposed to Residential Internet Service Providers, indicating the use of hijacked virtual machines and powerful servers to generate the attack — as opposed to much weaker Internet of Things...
Top 5 Essential Features of Effective Cybersecurity for Web Apps

Top 5 Essential Features of Effective Cybersecurity for Web Apps

Dec 19, 2019
There's hardly any business nowadays that don't use computers and connect to the Internet. Companies maintain an online presence through their official websites, blogs, and social media pages. People use online services to conduct day to day activities like banking. And of course, there are many businesses that are completely based on the web like online markets, e-Commerce websites and financial services. All of these activities create opportunities for cyber attacks. Various threats can affect websites, online services, API endpoints, and the applications used or provided by businesses. Such devastating attacks include privacy intrusion, DDoS attacks , data breaches, defacements of websites, online store shutdowns, scraping, payment fraud, abuse of online services, and backdoor installations. The 2019 Cost of Cybercrime Study by Accenture reports that there has been a 67% increase in cyber attacks over the last five years. The corresponding increase in financial ter...
Protecting Your Software Supply Chain: Assessing the Risks Before Deployment

Protecting Your Software Supply Chain: Assessing the Risks Before Deployment

Feb 11, 2025Software Security / Threat Intelligence
Imagine you're considering a new car for your family. Before making a purchase, you evaluate its safety ratings, fuel efficiency, and reliability. You might even take it for a test drive to ensure it meets your needs. The same approach should be applied to software and hardware products before integrating them into an organization's environment. Just as you wouldn't buy a car without knowing its safety features, you shouldn't deploy software without understanding the risks it introduces. The Rising Threat of Supply Chain Attacks Cybercriminals have recognized that instead of attacking an organization head-on, they can infiltrate through the software supply chain—like slipping counterfeit parts into an assembly line. According to the 2024 Sonatype State of the Software Supply Chain report , attackers are infiltrating open-source ecosystems at an alarming rate, with over 512,847 malicious packages detected last year alone—a 156% increase from the previous year. Traditional sec...
New Cache Poisoning Attack Lets Attackers Target CDN Protected Sites

New Cache Poisoning Attack Lets Attackers Target CDN Protected Sites

Oct 23, 2019
A team of German cybersecurity researchers has discovered a new cache poisoning attack against web caching systems that could be used by an attacker to force a targeted website into delivering error pages to most of its visitors instead of legitimate content or resources. The issue could affect sites running behind reverse proxy cache systems like Varnish and some widely-used Content Distribution Networks (CDNs) services, including Amazon CloudFront, Cloudflare, Fastly, Akamai, and CDN77. In brief, a Content Distribution Network (CDN) is a geographically distributed group of servers that sit between the origin server of a website and its visitors to optimize the performance of the website. A CDN service simply stores/caches static files—including HTML pages, JavaScript files, stylesheets, images, and videos—from the origin server and delivers them to visitors more quickly without going back to the originating server again and again. Each of the geographically distributed CDN se...
cyber security

Webinar: 5 Ways New AI Agents Can Automate Identity Attacks | Register Now

websitePush SecurityAI Agents / Identity Security
Learn how CUAs like OpenAI Operator can be used by attackers to automate account takeover and exploitation.
Incapsula Updated Review — New Security Options, Improved Delivery and Reliability

Incapsula Updated Review — New Security Options, Improved Delivery and Reliability

Sep 06, 2017
It's been close to five years since we last looked at Incapsula , a security-focused CDN service known for its DDoS mitigation and web application security features. As one would expect, during these five years the company has expanded and improved, introducing lots of new features and even several new products. Most recently, Incapsula underwent an extensive network expansion that includes new PoPs in Asia including two new data centers in New Delhi and Mumbai. This seems like an excellent opportunity to revisit the service and see how it has evolved. Acquisition, Award and Growth Before we jump into Incapsula's service upgrades, we want to mention the changes in the company itself briefly. The most notable of those is Incapsula's 2014 acquisition by Imperva—an authority in web application security and a four-time Gartner Magic Quadrant leader for web application firewalls. The acquisition boosted Incapsula's security capabilities, resulting in its own cloud...
Serious Bug Exposes Sensitive Data From Millions Sites Sitting Behind CloudFlare

Serious Bug Exposes Sensitive Data From Millions Sites Sitting Behind CloudFlare

Feb 24, 2017
A severe security vulnerability has been discovered in the CloudFlare content delivery network that has caused big-name websites to expose private session keys and other sensitive data. CloudFlare, a content delivery network (CDN) and web security provider that helps optimize safety and performance of over 5.5 Million websites on the Internet, is warning its customers of the critical bug that could have exposed a range of sensitive information, including passwords, and cookies and tokens used to authenticate users. Dubbed Cloudbleed , the nasty flaw is named after the Heartbleed bug that was discovered in 2014, but believed to be worse than Heartbleed. The vulnerability is so severe that it not only affects websites on the CloudFlare network but affects mobile apps as well. What exactly is "Cloudbleed," how it works, how are you affected by this bug, and how you can protect yourself? Let's figure it out. What is Cloudbleed? Discovered by Google Project Ze...
The Pirate Bay relaunch is FBI's Honeypot? Pirate Bay Team Responds,'NO WAY'

The Pirate Bay relaunch is FBI's Honeypot? Pirate Bay Team Responds,'NO WAY'

Feb 04, 2015
After almost two months of untimely and unexpected outage, The Pirate Bay (TPB) finally came back this weekend. But the re-launch of the infamous torrent-indexing website raised a question among those suspicious about this new setup — Is it really The Pirate Bay? A few days back we reported that The Pirate Bay – a widely popular file-sharing website predominantly used to share copyrighted material free of charge – had made its return to the Internet once again after suffering two months of outage following a police raid in Sweden late last year. Many users, including I, thought the site left dead as last took down was the longest outage the torrenting site has ever experienced. But history repeats and The Pirate Bay made its way a day before it claimed. Pirate lovers around the world rejoiced while others noticed something very suspicious. IS THE FBI RUNNING THE PIRATE BAY ? The truth behind The Pirate Bay , like who was driving the re-emergence of the site or who w...
Expert Insights / Articles Videos
Cybersecurity Resources