Inside the infamous Mirai IoT Botnet: A Retrospective Analysis

Published on by Guest Author.

This is a guest post by Elie Bursztein who writes about security and anti-abuse research. It was first published on his blog and has been lightly edited. This post provides a retrospective analysis of Mirai — the infamous Internet-of-Things botnet that took down major websites via massive distributed denial-of-service using hundreds

The New DDoS Landscape

Published on by Junade Ali.

News outlets and blogs will frequently compare DDoS attacks by the volume of traffic that a victim receives. Surely this makes some sense, right? The greater the volume of traffic a victim receives, the harder to mitigate an attack - right? At least, this is how things used to work.

The WireX Botnet: How Industry Collaboration Disrupted a DDoS Attack

Published on by Jaime Cochran.

Updated October 2017: The Cyberwire Research Saturday Podcast: Introduction On August 17th, 2017, multiple Content Delivery Networks (CDNs) and content providers were subject to significant attacks from a botnet dubbed WireX. The botnet is named for an anagram for one of the delimiter strings in its command and control protocol.

How we built rate limiting capable of scaling to millions of domains

Published on by Julien Desgats.

Back in April we announced Rate Limiting of requests for every Cloudflare customer. Being able to rate limit at the edge of the network has many advantages: it’s easier for customers to set up and operate, their origin servers are not bothered by excessive traffic or layer 7 attacks,

Understanding Our Cache and the Web Cache Deception Attack

Published on by Joshua Liebow-Feeser.

About a month ago, security researcher Omer Gil published the details of an attack that he calls the Web Cache Deception attack. It works against sites that sit behind a reverse proxy (like Cloudflare) and are misconfigured in a particular way. Unfortunately, the definition of "misconfigured" for the purposes of