Hackers are using Cloudflare Tunnels to gain stealthy access. They exploit the tunnels for stealthy HTTPS connections, bypassing firewalls, and maintaining long-term persistence. Cloudflare Tunnels allow outbound connections via HTTPS to Edge Servers, with access to services like SSH, RDP, and SMB. Attackers can control functionality activation and deactivation and evade detection by using QUIC connections on port 7844. Steps for exploiting Cloudflare Tunnels include creating a token on the victim's machine, accessing the executable, and establishing a client connection. Organizations should monitor unauthorized tunnel use and restrict services to chosen data centers. #cybersecurity #cybersecuritynews

https://cybersecuritynews.com/hackers-abuse-cloudflare-tunnels/