TWINN #106 Cloudflare used to bypass firewalls
Mondays after the holidays are always busy and exciting, but threats, and the people behind them, don’t necessarily take a break during the holidays, and that’s what we’ve seen again this season.
As the cat-and-mouse game between threats and threat detection continues, we are increasingly seeing protection evasion techniques being used, including ways to bypass gateway security. We’ve been strong proponents of data sovereignty when it comes to gateway security, and this week we have a perfect example of how services from Cloudflare are being used to bypass protection:
The 5 Top Cyber Security Stories Of The Week – January 9, 2023
Malicious PyPi packages create CloudFlare Tunnels to bypass firewalls. This is an example of why self-custody of protection is critically important: it gives the business owner data sovereignty.
Rackspace Blames Zero-Day Exploit for Ransomware Hit Success. Rackspace was in a tough spot. Applying the patches broke Outlook Web Access, but applying Microsoft’s recommended mitigation left other vulnerabilities, which attackers exploited. Rackspace is now out of the Hosted Exchange business completely.
First LastPass, now Slack and CircleCI. The hacks go on (and will likely worsen). Continuous auditing of the supply chain will only become more essential.
Web Hackers vs. The Auto Industry: Critical Vulnerabilities in Ferrari, BMW, Rolls Royce, Porsche, and More. Is any vehicle *not* vulnerable? Wow.
Russian Turla Hackers Hijack Decade-Old Malware Infrastructure to Deploy New Backdoors. What’s old is new again. Spreading malware via USB is still in use because it remains useful to attackers.
Did you know?
At CES 2023, the trend is all battery power, everywhere, all the time. The future looks amazing!