Cloudflare Dashboard and APIs down after data center power outage

An ongoing Cloudflare outage has taken down many of its products, including the company's dashboard and related application programming interfaces customers use to manage and read service configurations. The complete list of services whose functionality is wholly or partially impacted includes the Cloudflare dashboard, the Cloudflare API, Logpush, WARP / Zero Trust device posture, Stream API, Workers API, and the Alert Notification System. "This issue is impacting all services that rely on our API infrastructure including Alerts, Dashboard functionality, Zero Trust, WARP, Cloudflared, Waiting Room, Gateway, Stream, Magic WAN, API Shield, Pages, Workers," Cloudflare said. "Customers using the Dashboard / Cloudflare APIs are impacted as requests might fail and/or errors may be displayed." Customers currently have issues when attempting to log into their accounts and are seeing 'Code: 10000' authentication errors and internal server errors when trying to access the Cloudflare dashboard. Cloudflare says the service issues don't affect the cached file delivery via the Cloudflare CDN or Cloudflare Edge security features. Two hours into the outage, the company revealed that the ongoing issues are due to power outages at multiple data centers. "Cloudflare is assessing a loss of power impacting data centres while simultaneously failing over services. We will keep providing regular updates until the issue is resolved, thank you for your patience as we work on mitigating the problem," an incident report update said. This is the second large outage that has hit Cloudflare since the start of the week, with the first one taking down multiple products, including Cloudflare Sites and Services on Monday, October 30. As the company explained in a post-mortem published two days later, the Monday outage was caused by a misconfiguration in the tool used to deploy a new Workers KV build. Workers KV is "Used by both customers and Cloudflare teams alike to manage configuration data, routing lookups, static asset bundles, authentication tokens, and other data that needs low-latency access," Cloudflare's Matt Silverlock and Kris Evans said. "During this incident, KV returned what it believed was a valid HTTP 401 status code instead of the requested key-value pair(s) due to a bug in a new deployment tool used by KV.". British Library knocked offline by weekend cyberattack. American Family Insurance confirms cyberattack is behind IT outages. Cloudflare sees surge in hyper-volumetric HTTP DDoS attacks. Cyberattack on health services provider impacts 5 Canadian hospitals. Kwik Trip finally confirms cyberattack was behind ongoing outage.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Thu, 30 Nov 2023 23:19:27 +0000


Cyber News related to Cloudflare Dashboard and APIs down after data center power outage

Cloudflare Dashboard and APIs down after data center power outage - An ongoing Cloudflare outage has taken down many of its products, including the company's dashboard and related application programming interfaces customers use to manage and read service configurations. The complete list of services whose ...
1 year ago Bleepingcomputer.com
Cloudflare discloses breach related to stolen Okta data - Last fall, Cloudflare announced it mitigated an attempted cyberattack stemming from the infamous Okta breach. Cloudflare disclosed in a blog post that it had been breached by an unnamed nation-state threat actor using an access token and three ...
10 months ago Techtarget.com
Zombie APIs: The Scariest Threat Lurking in The Shadows? - Designed to rapidly and seamlessly connect consumers and businesses to vital data and services, APIs power modern enterprises and applications. APIs are constantly in action, working in the background for when consumers finally book that dream ...
11 months ago Cyberdefensemagazine.com
How to perform a proof of concept for automated discovery using Amazon Macie | AWS Security Blog - After reviewing the managed data identifiers provided by Macie and creating the custom data identifiers needed for your POC, it’s time to stage data sets that will help demonstrate the capabilities of these identifiers and better understand how ...
2 months ago Aws.amazon.com
Polyfill.io, BootCDN, Bootcss, Staticfile attack traced to 1 operator - The recent large scale supply chain attack conducted via multiple CDNs, namely Polyfill.io, BootCDN, Bootcss, and Staticfile that affected anywhere from 100,000 to tens of millions of websites has been traced to a common operator, according to ...
5 months ago Bleepingcomputer.com
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
1 year ago Esecurityplanet.com
Cloudflare Report Surfaces Lots of API Insecurity - A report published by Cloudflare today finds machine learning algorithms employed by the content delivery network provider found 31% more REST application programming interface endpoints than its customers have self-reported. More than 15,000 ...
11 months ago Securityboulevard.com
How to Arm Yourself With CloudFlare Security Solutions - Securing your website or digital asset is a critical part of running a successful business or website. With the rise of the digital era, the need to protect yourself from cyber-attacks is essential. That's why CloudFlare, the leading cloud solution ...
1 year ago Blog.cloudflare.com
Cybersecurity challenges emerge in the wake of API expansion - As the technological landscape increasingly integrates AI, Cindric anticipates a profound impact on the evolution of APIs, emphasizing the growing importance of API security, authentication, and the challenges posed by zombie endpoints. Your recent ...
11 months ago Helpnetsecurity.com
Cloudflare publishes details of Thanksgiving security breach The Register - Cloudflare has just detailed how suspected government spies gained access to its internal Atlassian installation using credentials stolen via a security breach at Okta in October. In a write-up on Thursday, CEO Matthew Prince, CTO John ...
10 months ago Go.theregister.com
APIs are increasingly becoming attractive targets - APIs, a technology that underpins today's most used sites and apps, are being leveraged by businesses more than ever-ultimately opening the door to more online threats than seen before, according to Cloudflare. APIs power the digital world-our ...
11 months ago Helpnetsecurity.com
Unified API Protection - A massive segment of organizations' digital footprint today is built around internal and external APIs. As more IT leaders realize and acknowledge the size of APIs' influence, it's become clear that new methods are needed to secure those APIs. While ...
1 year ago Cequence.ai
Cybersecurity In Critical Infrastructure: Protecting Power Grids and Smart Grids - Cyber Defense Magazine - Network Intrusion: Network communication systems of power and smart grids can be intruded through weak security configurations like default password, unsecured remote access, or unpatched systems and other vulnerabilities to gain control into the ...
2 months ago Cyberdefensemagazine.com
Beware of OpenAI and ChatGPT-4 Turbo in Financial Services Organizations' Growing API Attack Surface - With every new API integration that OpenAI gets access to, the attack surface of a financial organization grows, creating new opportunities for attackers to exploit vulnerabilities and gain access to sensitive customer and financial data. APIs have ...
10 months ago Cybersecurity-insiders.com
Beware of OpenAI and ChatGPT-4 Turbo in Financial Services Organizations' Growing API Attack Surface - With every new API integration that OpenAI gets access to, the attack surface of a financial organization grows, creating new opportunities for attackers to exploit vulnerabilities and gain access to sensitive customer and financial data. APIs have ...
10 months ago Cybersecurity-insiders.com
Beware of OpenAI and ChatGPT-4 Turbo in Financial Services Organizations' Growing API Attack Surface - With every new API integration that OpenAI gets access to, the attack surface of a financial organization grows, creating new opportunities for attackers to exploit vulnerabilities and gain access to sensitive customer and financial data. APIs have ...
10 months ago Cybersecurity-insiders.com
Beware of OpenAI and ChatGPT-4 Turbo in Financial Services Organizations' Growing API Attack Surface - With every new API integration that OpenAI gets access to, the attack surface of a financial organization grows, creating new opportunities for attackers to exploit vulnerabilities and gain access to sensitive customer and financial data. APIs have ...
10 months ago Cybersecurity-insiders.com
Beware of OpenAI and ChatGPT-4 Turbo in Financial Services Organizations' Growing API Attack Surface - With every new API integration that OpenAI gets access to, the attack surface of a financial organization grows, creating new opportunities for attackers to exploit vulnerabilities and gain access to sensitive customer and financial data. APIs have ...
10 months ago Cybersecurity-insiders.com
Beware of OpenAI and ChatGPT-4 Turbo in Financial Services Organizations' Growing API Attack Surface - With every new API integration that OpenAI gets access to, the attack surface of a financial organization grows, creating new opportunities for attackers to exploit vulnerabilities and gain access to sensitive customer and financial data. APIs have ...
10 months ago Cybersecurity-insiders.com
Beware of OpenAI and ChatGPT-4 Turbo in Financial Services Organizations' Growing API Attack Surface - With every new API integration that OpenAI gets access to, the attack surface of a financial organization grows, creating new opportunities for attackers to exploit vulnerabilities and gain access to sensitive customer and financial data. APIs have ...
10 months ago Cybersecurity-insiders.com
Beware of OpenAI and ChatGPT-4 Turbo in Financial Services Organizations' Growing API Attack Surface - With every new API integration that OpenAI gets access to, the attack surface of a financial organization grows, creating new opportunities for attackers to exploit vulnerabilities and gain access to sensitive customer and financial data. APIs have ...
10 months ago Cybersecurity-insiders.com
Beware of OpenAI and ChatGPT-4 Turbo in Financial Services Organizations' Growing API Attack Surface - With every new API integration that OpenAI gets access to, the attack surface of a financial organization grows, creating new opportunities for attackers to exploit vulnerabilities and gain access to sensitive customer and financial data. APIs have ...
10 months ago Cybersecurity-insiders.com
Beware of OpenAI and ChatGPT-4 Turbo in Financial Services Organizations' Growing API Attack Surface - With every new API integration that OpenAI gets access to, the attack surface of a financial organization grows, creating new opportunities for attackers to exploit vulnerabilities and gain access to sensitive customer and financial data. APIs have ...
10 months ago Cybersecurity-insiders.com
Cloudflare hacked using auth tokens stolen in Okta attack - Cloudflare disclosed today that its internal Atlassian server was breached by a 'nation state' attacker who accessed its Confluence wiki, Jira bug database, and Atlassian Bitbucket source code management system. The threat actor first gained access ...
10 months ago Bleepingcomputer.com
Bermuda Experiences Widespread Internet Disruption During Power Outage - On Friday evening, Bermuda, a British Overseas Territory with a population of around 64,000, experienced a major power outage that affected the island's internet and phone service. The government declared it a serious incident and asked customers to ...
1 year ago Bleepingcomputer.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)