"Researcher Reveals New Techniques to Bypass Cloudflare's Firewall and DDoS Protection"

Cloudflare's firewall and Distributed Denial-of-Service (DDoS) attack prevention mechanisms can be circumvented by exploiting gaps in cross-tenant security controls. Certitude researcher Stefan Proksch noted that attackers could use their own Cloudflare accounts to exploit the per-design trust relationship between Cloudflare and customer's websites, causing the protection mechanism to be ineffective. The issue stems from the shared infrastructure available to all tenants within Cloudflare, regardless of their legitimacy, making it easy for threat actors to exploit the implicit trust associated with service and defeat protection mechanisms. This article continues to discuss findings regarding the tactics that could be used to bypass Cloudflare's firewall and DDoS prevention mechanisms. 

THN reports "Researcher Reveals New Techniques to Bypass Cloudflare's Firewall and DDoS Protection"

Submitted by grigby1