To improve the cybersecurity of flocking control for connected and automated vehicles (CAVs), this paper proposes a novel resilient flocking control by specifically considering cyber-attack threats on vehicle tracking errors. Using the vehicle tracking error dynamics model, a dual extended Kalman filter (DEKF) is applied to detect cyber-attacks as an unknown constant on vehicle tracking information with noise rejections. To handle the coupling effects between tracking errors and cyber-attacks, the proposed DEKF consists of a tracking error filter (TEF) and a cyber-attack filter (CAF), which are utilized to conduct the prediction and correction of tracking errors alternatively. Whenever an abnormal tracking error is detected, an observer-based resilient flocking control is enabled. Demonstrated by simulation results, the proposed cyber-attack detection method and resilient flocking control design can successfully achieve and maintain the flocking control of multi-CAV systems by rejecting certain cyber-attack threats.