TLDR: Cloudflare has announced that it experienced a breach in which nation-state hackers accessed its source code and internal documents. The intrusion, detected in November 2023, involved stolen credentials and was carried out by a “sophisticated” actor with the aim of obtaining widespread access to Cloudflare’s global network. As a precautionary measure, Cloudflare rotated credentials, segmented systems, and conducted forensic triages. The attack involved a four-day reconnaissance period and resulted in the exfiltration of 76 source code repositories, primarily related to how backups work, network configuration, identity management, remote access, and the use of Terraform and Kubernetes. The attack was made possible by using stolen access tokens and service account credentials associated with AWS, Atlassian Bitbucket, Moveworks, and Smartsheet, which were obtained in a hack of Okta’s support case management system. Cloudflare failed to rotate these credentials and has since terminated all malicious connections. Cybersecurity firm CrowdStrike performed an independent assessment of the incident.
Cloudflare Breach: Hackers snatch source code, infiltrate internal knowledge
![](https://cybersecuritypeek.com/wp-content/uploads/2024/01/cybersecurity-images-20.jpg)
Latest from News
![](https://cybersecuritypeek.com/wp-content/uploads/2024/01/cybersecurity-images-123-720x480.png)
UK Firms Unite for Cybersecurity Success
TLDR: Yahoo is part of the Yahoo brand family, which includes Yahoo and AOL. When using Yahoo sites and applications, Cookies are used for
![](https://cybersecuritypeek.com/wp-content/uploads/2024/01/cybersecurity-images-14-720x480.jpg)
PKfail vulnerability lets hackers install UEFI malware on 200+ devices
TLDR: PKfail vulnerability affects over 200 device models, compromising Secure Boot. Exploiting the vulnerability allows attackers to install UEFI malware. Article Summary: The PKfail
![](https://cybersecuritypeek.com/wp-content/uploads/2024/01/cybersecurity-images-121-720x480.png)
OpenStack Nova flaw lets hackers infiltrate cloud servers without permission
TLDR: A vulnerability in OpenStack’s Nova component, tracked as CVE-2024-40767, allows hackers to gain unauthorized access to cloud servers. The vulnerability affects multiple versions
![](https://cybersecuritypeek.com/wp-content/uploads/2024/01/cybersecurity-images-40-720x480.jpg)
CrowdStrike alert: New phishing scam targets German customers
TLDR: – CrowdStrike warns of a new phishing scam targeting German customers. – Malicious installers distributed via a fake website impersonating a German entity.
![](https://cybersecuritypeek.com/wp-content/uploads/2024/01/cybersecurity-images-36-720x480.jpg)
Beware: NKorea Cyber Op Targets Military, Nuclear Secrets in UK, US, SKorea
Article Summary TLDR: UK, US, and S. Korea issued a warning about a North Korea-backed cyber espionage campaign The group Andariel has been targeting