|
|
|
|
|
|
by driminicus
2609 days ago
|
|
|
Because the second tine was a dns hijack, not a network compromise. I'm a little fuzzy on the details, but it had something to do with cloudflares API not revoking some access token. Either way, a DNS hijack is not great, but not nearly as bad as the initial compromise. |
|
|
"The API key was known compromised in the original attack, and during the rebuild the key was theoretically replaced. However, unfortunately only personal keys were rotated, enabling the defacement."