Cloudflare Falls Victim to Okta Breach, Atlassian Systems Cracked
https://blog.cloudflare.com/thanksgiving-2023-security-incident
The cyberattackers, believed to be state-sponsored, didn't get far into Cloudflare's global network, but not for lack of trying.
Yet Another Okta Breach Victim
Nonetheless, the firm erred on the side of caution: "We undertook a comprehensive effort to rotate every production credential (more than 5,000 individual credentials), physically segment test and staging systems, performed forensic triages on 4,893 systems, reimaged and rebooted every machine in our global network including all the systems the threat actor accessed and all Atlassian products (Jira, Confluence, and Bitbucket)."
😎 👍🏽
@ecksmc
"Cloudflare worked with CrowdStrike and was able to determine that, after initial reconnaissance work, cyberattackers accessed its internal wiki (Confluence) and bug database (Jira) before establishing persistence on its Atlassian server. From there, the perpetrators poked around for places to pivot into, successfully puddle-hopping into the Cloudflare source code management system (Bitbucket) and an AWS instance."
Reconnaissance