The use of Cloudflare Tunnels by threat actors to create covert communication channels from compromised sites and maintain persistent access has been exposed by new research.
According to Nic Finn, a senior threat intelligence analyst at GuidePoint Security, “Cloudflared is functionally very similar to ngrok.” But unlike ngrok, Cloudflared offers far more functionality for no cost, including the capacity to host TCP connectivity across cloudflared.
Cloudflare Tunnel’s cloudflared command-line tool enables users to set up safe connections between an origin web server and Cloudflare’s closest data centre, hiding the web server IP addresses and thwarting brute-force login and volumetric distributed denial-of-service (DDoS) attacks read more Hackers Abusing Cloudflare Tunnels for Covert Communications.
Stay informed with the best cybersecurity news and raise your cybersecurity awareness with our comprehensive coverage of the latest threats, breaches, and solutions.