TLDR: Cloudflare has announced that it experienced a breach in which nation-state hackers accessed its source code and internal documents. The intrusion, detected in November 2023, involved stolen credentials and was carried out by a “sophisticated” actor with the aim of obtaining widespread access to Cloudflare’s global network. As a precautionary measure, Cloudflare rotated credentials, segmented systems, and performed forensic triage. The attack involved a four-day reconnaissance period and resulted in the exfiltration of 76 source code repositories, primarily related to how backups work, network configuration, identity management, remote access, and the use of Terraform and Kubernetes. The attackers got in using stolen access tokens and service account credentials associated with AWS, Atlassian Bitbucket, Moveworks, and Smartsheet, which were obtained in a hack of Okta’s support case management system. Cloudflare had failed to rotate these credentials; it has since terminated all malicious connections. Cybersecurity firm CrowdStrike performed an independent assessment of the incident.
Cloudflare Breach: Hackers snatch source code, infiltrate internal knowledge