/plushcap/analysis/cloudflare/patching-the-internet-against-global-brute-force-campaigns

Account Takeover Protection and WAF mitigations to help stop Global Brute Force Campaigns

What's this blog post about?

A cybersecurity advisory has been published by international security agencies warning about widespread attacks against government and private sector targets worldwide since mid-2019. These attacks involve brute force access attempts, network traversal using known vulnerabilities, and deployment of remote shells for gathering additional information. In response to this ongoing threat, Cloudflare has accelerated the release timeline of its WAF mitigations and exposed credential check feature to protect its customers. The company is also encouraging users to implement additional best practices such as multi-factor authentication, account time-out and lock-out features, and stronger methods of authentication that require "having" something like a hard token or client certificate.

Company
Cloudflare

Date published
July 1, 2021

Author(s)
Michael Tremante

Word count
1029

Hacker News points
3

Language
English


By Matt Makai. 2021-2024.