all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Securing Non-Human Identities: Lessons from the Cloudflare Breach

Add to bookmarks
c
March 28, 2024, 3:09 a.m. |

Cloud Security Alliance cloudsecurityalliance.org

Originally published by Oasis Security. Written by Roey Rozi, Director of Solutions Architecture, Oasis Security. Cloudflare disclosed on February 2nd that it had been breached by a suspected nation-state attacker. This breach exploited multiple unrotated and exposed secrets. The chain of events began with the Okta breach in October 2023, during which the attacker gained administrative access to Cloudflare’s Okta system. Although the Cloudflare team attempted to rotate all relevant credential...

architecture attacker breach breached cloudflare director events exploited exposed february human identities nation non non-human identities oasis october okta okta breach secrets security solutions state written

Visit resource

More from cloudsecurityalliance.org / Cloud Security Alliance

Cl
Navigating the Cloud – Beyond “Best Practices” 18 hours ago | cloudsecurityalliance.org
architectures best practices beyond businesses +17
Cl
How DSPM Can Help Solve Healthcare Cybersecurity Attacks 6 days, 19 hours ago | cloudsecurityalliance.org
access access controls article attacks +41
Cl
Considerations When Including AI Implementations in Penetration Testing 6 days, 19 hours ago | cloudsecurityalliance.org
application artificial artificial intelligence ask +15
Cl
Five Reasons Why Ransomware Still Reigns 6 days, 19 hours ago | cloudsecurityalliance.org
ben ciso consent cxo +15
Cl
DevSecOps Tools 6 days, 19 hours ago | cloudsecurityalliance.org
code code management development devops +18
Cl
Livin' on the Edge: Linux's Impact on Computing 1 week ago | cloudsecurityalliance.org
attitudes automox changing ciso +16
Cl
Your Ultimate Guide to Security Frameworks 1 week, 1 day ago | cloudsecurityalliance.org
breaches build business customers +13
Cl
The Future of Cloud Cybersecurity 1 week, 1 day ago | cloudsecurityalliance.org
businesses ceo cloud cloud computing +15
Cl
AI Hallucinations: The Emerging Market for Insuring Against Generative AI's Costly Blunders 1 week, 1 day ago | cloudsecurityalliance.org
ai governance ai hallucinations blog chair +16

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Senior Security Researcher

@ Microsoft | Redmond, Washington, United States
View on infosec-jobs.com

Sr. Cyber Risk Analyst

@ American Heart Association | Dallas, TX, United States
View on infosec-jobs.com

Cybersecurity Engineer 2/3

@ Scaled Composites, LLC | Mojave, CA, US
View on infosec-jobs.com

Information Security Operations Manager

@ DP World | Charlotte, NC, United States
View on infosec-jobs.com

Sr Cyber Security Engineer I

@ Staples | Framingham, MA, United States
View on infosec-jobs.com

Security Engineer - Heartland (Remote)

@ GuidePoint Security LLC | Remote in the US
View on infosec-jobs.com
View more jobs