Cloudflare employees were recently targeted by a “sophisticated” cyberattack, and even though some fell for the scheme, the DDoS protection company managed to successfully defend itself. 

In a blog post(opens in new tab), Cloudflare co-founder Matthew Prince, together with team members Daniel Stinson-Diess and Sourov Zaman, explained how the attack happened and what made the difference between success and failure.

The threat actor made a couple of key preparations ahead of the attack: they registered a domain that looked legitimate and would fool many victims: cloudflare-okta.com. Okta is Cloudflare’s identity provider. They also managed to somehow obtain the phone numbers of almost 80 Cloudflare employees, as well as family members for some.


More

Medium: Exploring the World of FIDO: Life Without Passwords

The FIDO Alliance is a pioneer in digital security and is redefining authentication through SYM…

Read More →

GB News: If you’re using a password on this list, change it now – hackers could break into your account in seconds

The most common passwords of 2023, including “123456” and “admin,” have been exposed, leaving millions…

Read More →

Biometric Update: Digital IDs mean manageable and critical change, FIDO tells US federal security leaders

FIDO Alliance webinar aimed at U.S. federal data-security officials to promote digital authentication while reassuringthem…

Read More →