Snowflake denies breach, blames data theft on poorly secured customer accounts

Snowflake is disputing claims made by a threat actor who stole data belonging to Santander and Ticketmaster, and maintains that the theft of customer data was the result of stolen customer login credentials. “We are aware of recent reports relate… Continue reading Snowflake denies breach, blames data theft on poorly secured customer accounts

Snowflake denies breach, blames data theft on poorly secured customer accounts

Snowflake is disputing claims made by a threat actor who stole data belonging to Santander and Ticketmaster, and maintains that the theft of customer data was the result of stolen customer login credentials. “We are aware of recent reports relate… Continue reading Snowflake denies breach, blames data theft on poorly secured customer accounts

Snowflake compromised? Attackers exploit stolen credentials

Have attackers compromised Snowflake or just their customers’ accounts and databases? Conflicting claims muddy the situation. What is Snowflake? Snowflake is cloud-based data storage and analytics company based in the US, and claims nearly 9,500 … Continue reading Snowflake compromised? Attackers exploit stolen credentials

Attackers can turn AWS SSM agents into remote access trojans

Mitiga researchers have documented a new post-exploitation technique attackers can use to gain persistent remote access to AWS Elastic Compute Cloud (EC2) instances (virtual servers), as well as to non-EC2 machines (e.g., on-premises enterprise servers… Continue reading Attackers can turn AWS SSM agents into remote access trojans

How to Get the Most Out of Your Cloud Disaster Recovery Plan

Cloud disaster recovery is a complex field which requires careful diligence to execute properly. Learn some considerations and tips from industry experts.
The post How to Get the Most Out of Your Cloud Disaster Recovery Plan appeared first on TechRepub… Continue reading How to Get the Most Out of Your Cloud Disaster Recovery Plan

Threat actors can exfiltrate data from Google Drive without leaving a trace

Google Workspace (formerly G Suite) has a weak spot that can prevent the discovery of data exfiltration from Google Drive by a malicious outsider or insider, Mitiga researchers say. A problem for digital forensic analysts and incident responders &#8220… Continue reading Threat actors can exfiltrate data from Google Drive without leaving a trace

A common user mistake can lead to compromised Okta login credentials

Logged failed logins into a company’s Okta domain could be used by threat actors to discover access credentials of valid accounts, Mitiga researchers have found. Those credentials can then be used log in to any of the organization’s platforms tha… Continue reading A common user mistake can lead to compromised Okta login credentials

SVB account holders targeted with phishing, scams

After news broke late last week about Silicon Valley Bank’s bank run and collapse, security researchers started warning SVB account holders about incoming SVB-related scams and phishing attempts. Another reminder: just because caller ID says FDIC… Continue reading SVB account holders targeted with phishing, scams

The SVB demise is a fraudster’s paradise, so take precautions

For those who haven’t followed the drama, Silicon Valley Bank has been shut down by the California Department of Financial Protection and Innovation, after a bank run that followed an insolvency risk and a stock crash. The Federal Deposit Insurance Cor… Continue reading The SVB demise is a fraudster’s paradise, so take precautions