Lawrence Abrams reports: The ShinyHunters extortion group claims to have stolen over 1.5 billion Salesforce records from 760 companies using compromised Salesloft Drift OAuth tokens. For the past year, the threat actors have been targeting Salesforce customers in data theft attacks using social engineering and malicious OAuth applications to breach Salesforce instances and download data. The stolen data…
Tiffany discloses data breach involving gift cards — second breach disclosure in recent months (1)
In May, Tiffany & Co. confirmed a data breach affecting an unspecified number of customers in South Korea. Tiffany is one of LVMH Moët Hennessy Louis Vuitton’s 75 high-end brands in six different sectors. On May 26, Tiffany Korea emailed select customers to notify them of a cybersecurity breach involving unauthorized access to a vendor…
Self-propagating supply chain attack hits 187 npm packages
Ax Sharma reports: Security researchers have identified at least 187 npm packages compromised in an ongoing supply chain attack, with a malicious self-propagating payload to infect other packages. The coordinated worm-style campaign dubbed ‘Shai-Hulud’ started yesterday with the compromise of the @ctrl/tinycolor npm package, which receives over 2 million weekly downloads. Since then, the campaign has expanded significantly and…
Latvian health authority official and IT company head fined for data breach
From Latvian Public Media: The Kurzeme Regional Court has decided to overturn the acquittal of the District Court and to find guilty an official of a state institution for disclosing confidential information and a board member of a company for inciting a public official to disclose this information, Latvian Television reports on 17 September. Latvian…
Ransomware’s new frontier: Extortion attacks evolve in Asia Pacific
Joanna England reports: Akamai Technologies, the cybersecurity and cloud computing company that powers and protects business online, has found that bad actors are using a new quadruple extortion tactic in ransomware campaigns, while double extortion remains the most common approach. With ransomware accounting for more than half of the total data breaches in this region…
Scattered Spider Tied to Fresh Attacks on Financial Services
Mathew J. Schwartz reports: A member of the band of native English-speaking adolescent hackers lately calling itself Scattered Lapsus$ Hunters published Friday a semi-coherent screed proclaiming the collective would be “going dark.” Many cybersecurity experts responded with skepticism. Evidence suggests that at least some members of the loose-knit hacking collective are continuing to hit targets. Threat intelligence…