Cloudflare employees were recently targeted by a “sophisticated” cyberattack, and even though some fell for the scheme, the DDoS protection company managed to successfully defend itself.
In a blog post(opens in new tab), Cloudflare co-founder Matthew Prince, together with team members Daniel Stinson-Diess and Sourov Zaman, explained how the attack happened and what made the difference between success and failure.
The threat actor made a couple of key preparations ahead of the attack: they registered a domain that looked legitimate and would fool many victims: cloudflare-okta.com. Okta is Cloudflare’s identity provider. They also managed to somehow obtain the phone numbers of almost 80 Cloudflare employees, as well as family members for some.
MORE FIDO in the News
L’Eclaireur FNAC: Passkey: towards the end of passwords in 2023?
The FIDO Alliance is developing an alternative authentication system that...11월 18, 2022
Tech Radar: Apple’s announcement could spell the end for passwords – and the beginning for biometrics
Apple’s Passkey technology uses established industry standards from the FIDO...
Heise: PayPal: Passkey instead of password for Apple users
PayPal is the first major service to jump on the...