JQUERY CONFERENCE HACKATHON WINNERS

On September 12th, at jQuery’s annual conference MaxCDN held a hackathon using code.jquery.com CDN traffic from our new Analytics API.  We’re pleased to announce the following winners: 1st – Ryan G. with MapHack 2nd – Kamron K. @KamronKennedy 3rd – Jacob R. @jroufa Github And here are some screenshots of the winning entry, which makes nice use of MapBox. On […]

Read more

INSIDE SHELLSHOCK: HOW HACKERS ARE USING IT TO EXPLOIT SYSTEMS

On Wednesday of last week, details of the Shellshock bash bug emerged. This bug started a scramble to patch computers, servers, routers, firewalls, and other computing appliances using vulnerable versions of bash. CloudFlare immediately rolled out protection for Pro, Business, and Enterprise customers through our Web Application Firewall. On Sunday, after studying the extent of the problem, and looking […]

Read more

ADDITIONAL SHELLSHOCK (GNU BASH) VULNERABILITIES (CVE-2014-6277 AND CVE-2014-6278) IDENTIFIED (POST UPDATED ON OCTOBER 14, 2014)

On September 29, 2014, two additional vulnerabilities were identified in GNU Bash. Per our defined risk mitigation procedures, we continue to do vulnerability assessments on all of our systems and take the requisite steps to mitigate any potential risks. A WAF-based rule is available to all our application performance (ADN) and commerce (Transact) customers that […]

Read more

AN UPDATE ON THE SHELLSHOCK VULNERABILITY FOR VERIZON EDGECAST CUSTOMERS

Since becoming aware of the Shellshock (CVE-2014-6271 and CVE-2014-7169) Bash vulnerability, the Verizon EdgeCast security team worked hard to mitigate risks to our environment and that of our customers. While it is important to note that Verizon EdgeCast’s CDN infrastructure runs on a purpose-built, hardened configuration with many layers of security control, monitoring, and auditing, […]

Read more

FREE AND COMPREHENSIVE PROTECTION FOR SHELLSHOCK CODE INJECTION VULNERABILITY AVAILABLE TO VERIZON EDGECAST CUSTOMERS

Verizon EdgeCast has created a Web Application Firewall (WAF) instance designed to identify and block attacks targeting the recently discovered ShellShock vulnerability. These WAF rules are implemented by Verizon EdgeCast’s Network Operations Center (NOC) and require no configuration on the customer side. Customers do not need to be an existing WAF user; any Verizon EdgeCast […]

Read more