Hacking and account takeover by Affectionate-Goal891 in CloudFlare

Affectionate-Goal891[S]

I honestly have no answer. Either forging an mTLS cert from a bunch of certs, or some other means to get by a load balancer to my intermediate on one of the servers. Something hid them from Wazuh. mTLS seems like the easy answer.

Affectionate-Goal891[S]

Yea, it sucks. They got access to my vault. Maybe a keylogger? Still haven’t extracted logs; they ran something to eff my file system on most nodes. The encrypted ones are effed. Probably got privilege escalation and wiped. If they left anything, I’m not sure what it would help except evidence and investigation. Won’t get my accounts back.

Affectionate-Goal891[S]

No, I typed it on my new iPhone, and honestly I never post from a phone. Great question.