In summary: “The abuse of Cloudflare Tunnel infrastructure further complicates network visibility by giving the actor a disposable and encrypted transport layer for staging malicious files without maintaining traditional infrastructure,” concluded Securonix’s Peck.
What to do
Securonix’s recommendations start with the most basic advice to block attachments and treat any external link as suspicious. That’s easier said than done, of course, although the rise of collaboration systems such as Teams gives employees an alternative way of sharing files that doesn’t involve sending and receiving emails.
Beyond that, it’s a case of turning on more detailed endpoint logging, monitoring software tools when they’re executed from unusual locations and enabling Windows file extension visibility, said Securonix.