Cloudflare detected a threat actor on its self-hosted Atlassian server. CrowdStrike's Forensic team confirmed that no customer data was compromised, owing to security measures such as access controls and Zero Trust tools.
The threat actor engaged in intelligence gathering and gained persistent access to Atlassian servers by using credentials from an Okta compromise. Cloudflare conducted a thorough investigation to confirm that the threat actor's access had been denied and addressed vulnerabilities through the Code Red initiative.