Tag
medium
advisory
Potential Protocol Tunneling via Cloudflared
2 rules 2 TTPs 1 IOCAdversaries may abuse Cloudflare Tunnel (cloudflared) on Windows systems to proxy command and control traffic or exfiltrate data through Cloudflare's edge, evading direct connection blocking.
M365 Defender +1
cloudflare
tunneling
command and control
proxy
2r
2t
1i
high
advisory
Potential Abuse of Cloudflare Tunnels via Cloudflared
2 rules 2 TTPsAttackers are increasingly abusing Cloudflare tunnels, created via the cloudflared client, for establishing stealthy command and control channels and evading network defenses by proxying traffic through Cloudflare's infrastructure.
Cloudflared +3
cloudflare
reverse-proxy
tunnel
command-and-control
2r
2t