August 12, 2022

TechRadar.pro: Cloudflare says it was almost fooled by a phishing attack

Cloudflare employees were recently targeted by a “sophisticated” cyberattack, and even though some fell for the scheme, the DDoS protection company managed to successfully defend itself. 

In a blog post(opens in new tab), Cloudflare co-founder Matthew Prince, together with team members Daniel Stinson-Diess and Sourov Zaman, explained how the attack happened and what made the difference between success and failure.

The threat actor made a couple of key preparations ahead of the attack: they registered a domain that looked legitimate and would fool many victims: cloudflare-okta.com. Okta is Cloudflare’s identity provider. They also managed to somehow obtain the phone numbers of almost 80 Cloudflare employees, as well as family members for some.

MORE FIDO in the News


Journal du Net: Digital accessibility: Why CIOs should make it a priority

In this byline, Andrew Shikiar explains how simple and safe...

March 23, 2023

L’Eclaireur FNAC: How password managers are preparing for a future … without passwords

Passwordless authentication has the potential to continue to grow in...


ComputerWeekly: Accessible authentication: What companies need to consider  

In this byline, Andrew Shikiar, executive director and CMO of...


Communications of the ACM: Passkeys unlock a new era for authentication

Until recently, replacing passwords has ranked somewhere between tricky and...

Download Authn Specs
Sign up for updates!Get news from FIDO Alliance in your inbox.

By submitting this form, you are consenting to receive communications from: FIDO Alliance, 3855 SW 153rd Drive, Beaverton, OR 97003, US, http://www.fidoalliance.org. You can revoke your consent to receive emails at any time by using the unsubscribe link found at the bottom of every email.