Cloudflare Confirms Recent 1.1.1.1 DNS Outage Caused by BGP Attack or Hijack

Cloudflare’s widely used 1.1.1.1 DNS resolver service experienced a significant 62-minute global outage on July 14, 2025, affecting millions of users worldwide from 21:52 UTC to 22:54 UTC. Contrary to initial speculation, the company has confirmed that the outage was caused by an internal configuration error rather than a BGP attack, though a coincidental BGP hijack by Tata Communications India (AS4755) was observed during the incident. Cloudflare's DNS service experienced a 62-minute global outage on July 14, 2025, impacting millions of users. This misconfiguration remained dormant in the production network until July 14, when a second configuration change was made to attach a test location to the non-production service, triggering a global refresh of network configuration. The root cause of the outage was traced back to a configuration change made on June 6, 2025, during preparations for a Data Localization Suite (DLS) service. During the outage investigation, Cloudflare discovered that Tata Communications India (AS4755) had started advertising the 1.1.1.0/24 prefix, creating what appeared to be a BGP hijack scenario. To prevent similar incidents, Cloudflare announced plans to deprecate legacy systems that lack progressive deployment methodologies and implement staged addressing deployments with health monitoring capabilities. Service was restored by reverting configurations; Cloudflare will upgrade legacy systems to prevent recurrence.

This Cyber News was published on cybersecuritynews.com. Publication date: Thu, 17 Jul 2025 06:45:16 +0000

Cyber News related to Cloudflare Confirms Recent 1.1.1.1 DNS Outage Caused by BGP Attack or Hijack

How to Prevent DNS Attacks: DNS Security Best Practices - To protect against attack, best practices must be applied to protect the DNS protocol, the server on which the DNS protocol runs, and all access to the DNS processes. Implementing these best practices will not only protect DNS but also network ...
1 year ago Esecurityplanet.com

Cloudflare Dashboard and APIs down after data center power outage - An ongoing Cloudflare outage has taken down many of its products, including the company's dashboard and related application programming interfaces customers use to manage and read service configurations. The complete list of services whose ...
1 year ago Bleepingcomputer.com

Cloudflare discloses breach related to stolen Okta data - Last fall, Cloudflare announced it mitigated an attempted cyberattack stemming from the infamous Okta breach. Cloudflare disclosed in a blog post that it had been breached by an unnamed nation-state threat actor using an access token and three ...
1 year ago Techtarget.com

9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
1 year ago Esecurityplanet.com

Cloudflare Confirms Recent 1.1.1.1 DNS Outage Caused by BGP Attack or Hijack - Cloudflare’s widely used 1.1.1.1 DNS resolver service experienced a significant 62-minute global outage on July 14, 2025, affecting millions of users worldwide from 21:52 UTC to 22:54 UTC. Contrary to initial speculation, the company has ...
8 hours ago Cybersecuritynews.com

Cloudflare says 1.1.1.1 outage not caused by attack or BGP hijack - To quash speculation of a cyberattack or BGP hijack incident causing the recent 1.1.1.1 Resolver service outage, Cloudflare explains in a post mortem that the incident was caused by an internal misconfiguration. Cloudflare also points out that the ...
22 hours ago Bleepingcomputer.com

CVE-2025-6087 - A Server-Side Request Forgery (SSRF) vulnerability was identified in the @opennextjs/cloudflare package. The vulnerability stems from an unimplemented feature in the Cloudflare adapter for Open Next, which allowed unauthenticated users to proxy ...
1 month ago

Polyfill.io, BootCDN, Bootcss, Staticfile attack traced to 1 operator - The recent large scale supply chain attack conducted via multiple CDNs, namely Polyfill.io, BootCDN, Bootcss, and Staticfile that affected anywhere from 100,000 to tens of millions of websites has been traced to a common operator, according to ...
1 year ago Bleepingcomputer.com

CVE-2020-3398 - A vulnerability in the Border Gateway Protocol (BGP) Multicast VPN (MVPN) implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a BGP session to repeatedly reset, causing a partial denial of service (DoS) ...
3 years ago

Cloudflare R2 service outage caused by password rotation error - The absence of safeguards and validation checks for high-impact actions led to the outage, prompting Cloudflare to plan and implement additional measures for improved account provisioning, stricter access control, and two-party approval processes for ...
3 months ago Bleepingcomputer.com

DNS Tunneling Abuse Expands to Tracking & Scanning Victims - Attackers are taking malicious manipulation of DNS traffic to the next level, abusing DNS tunneling to scan a victim's network infrastructure as well as track victims' online behavior. Researchers from Palo Alto Networks' Unit 42 have identified ...
1 year ago Darkreading.com

Cloudflare mitigates record number of DDoS attacks in 2025 - Internet services giant Cloudflare says it mitigated a record number of DDoS attacks in 2024, recording a massive 358% year-over-year jump and a 198% quarter-over-quarter increase. However, 2025 is looking to be an even bigger problem for online ...
2 months ago Bleepingcomputer.com

How to Arm Yourself With CloudFlare Security Solutions - Securing your website or digital asset is a critical part of running a successful business or website. With the rise of the digital era, the need to protect yourself from cyber-attacks is essential. That's why CloudFlare, the leading cloud solution ...
2 years ago Blog.cloudflare.com

Using Passive DNS To Trace Command And Control Infrastructure - When a security team discovers a suspicious domain or IP address, passive DNS allows them to trace its historical connections and uncover the broader infrastructure used by the threat actor. Finally, security teams should combine passive DNS ...
2 months ago Cybersecuritynews.com Hunters

Cloudflare publishes details of Thanksgiving security breach The Register - Cloudflare has just detailed how suspected government spies gained access to its internal Atlassian installation using credentials stolen via a security breach at Okta in October. In a write-up on Thursday, CEO Matthew Prince, CTO John ...
1 year ago Go.theregister.com

CVE-2017-12319 - A vulnerability in the Border Gateway Protocol (BGP) over an Ethernet Virtual Private Network (EVPN) for Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload, resulting in a denial of service (DoS) ...
5 years ago

CVE-2018-0295 - A vulnerability in the Border Gateway Protocol (BGP) implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the device unexpectedly reloading. The vulnerability is ...
5 years ago

CVE-2019-15989 - A vulnerability in the implementation of the Border Gateway Protocol (BGP) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect ...
5 years ago

CVE-2020-3165 - A vulnerability in the implementation of Border Gateway Protocol (BGP) Message Digest 5 (MD5) authentication in Cisco NX-OS Software could allow an unauthenticated, remote attacker to bypass MD5 authentication and establish a BGP connection with the ...
5 years ago

CVE-2022-20758 - A vulnerability in the implementation of the Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is ...
3 years ago

Cloudflare Incident on January 24th, 2023 - An Overview - On January 24th, 2023, Cloudflare experienced an incident that impacted its customers globally. In this article, we will provide an overview analysis of the incident, its impacts on SEO, security, threats, etc. ...
2 years ago Blog.cloudflare.com

Understanding DNS Zones: A Comprehensive Guide - DNS stands for Domain Name System, and it is one of the most important components of the Internet. It is a network of servers that coordinates the registration, updating and resolution of domain names, so that users can easily access websites and ...
2 years ago Heimdalsecurity.com

CVE-2020-1613 - A vulnerability in the BGP FlowSpec implementation may cause a Juniper Networks Junos OS device to terminate an established BGP session upon receiving a specific BGP FlowSpec advertisement. The BGP NOTIFICATION message that terminates an established ...
3 years ago

CVE-2019-16023 - Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The ...
3 years ago

CVE-2019-16021 - Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The ...
3 years ago

Cloudflare Confirms Recent 1.1.1.1 DNS Outage Caused by BGP Attack or Hijack

Cyber News related to Cloudflare Confirms Recent 1.1.1.1 DNS Outage Caused by BGP Attack or Hijack

Latest Cyber News

Cyber Trends (last 7 days)

Trending Cyber News (last 7 days)