Attackers are using Cloudflare Tunnel to proxy into victim networks. The tool is easily installed and configurations can be made from the Cloudflare dashboard. The tunnel allows the attacker to access specific services on the local machine and appear as if they're connecting from that machine. It can also route an entire network IP range, essentially working as a VPN. Monitoring for DNS queries and outbound connections to port 7844 can help detect the use of Cloudflare Tunnel. #Cloudflare #ProxyAttack #NetworkSecurity

https://www.csoonline.com/article/649000/attackers-use-cloudflare-tunnel-to-proxy-into-victim-networks.html