Snowflake breach snowballs as more victims, perps, come forward
The Snowflake data breach expands to include Ticketek, Ticketmaster, and Advance Auto Parts. ShinyHunters claim involvement, Snowflake enforces security measures. CDK faces ransomware attack, Juniper and Apple vulnerabilities identified. Jetflicks operators convicted.
Read original article
The Snowflake data breach continues to escalate with more victims coming forward, including Australian ticketing provider Ticketek and US companies like Ticketmaster and Advance Auto Parts. A hacker group named ShinyHunters claimed involvement in the breach, stating they accessed Snowflake systems through compromised third parties. Snowflake denies direct penetration but is enforcing multifactor authentication for all customers. In a separate incident, CDK, a software provider for car dealerships, is facing a ransomware attack, potentially impacting 15,000 dealerships in North America. Meanwhile, critical vulnerabilities in Juniper Secure Analytics and other systems have been identified, urging immediate patching. Additionally, alleged internal tools from Apple were reportedly leaked, but investigations revealed they were custom integrations for internal use. In a legal case, five individuals were convicted for operating an illegal streaming site, Jetflicks, which amassed a vast library of pirated TV episodes. The ringleader faces up to 48 charges, including money laundering and criminal copyright infringement.
Related
Simple ways to find exposed sensitive information
Various methods to find exposed sensitive information are discussed, including search engine dorking, Github searches, and PublicWWW for hardcoded API keys. Risks of misconfigured AWS S3 buckets are highlighted, stressing data confidentiality.
Software company plans to pay millions in ransom to hackers
CDK Global faces a ransomware attack, disrupting operations at 15,000 car dealerships in North America. The company plans to pay hackers millions. The incident exposes the automotive industry's vulnerability to cyber threats.
LockBit claims to exfiltrate 33TB of data from US Federal Reserve
LockBit claims to have hacked the US Federal Reserve, raising concerns about cybersecurity. The extent of the breach and impact remain unclear as investigations continue.
Seattle library network outage nears a month
The Seattle Public Library faces a prolonged network outage from a ransomware attack, disrupting operations and leaving patrons unable to return books. Mayor Harrell promises efforts to restore services and safeguard personal information.
Chinese Hackers Have Stepped Up Attacks on Taiwanese Organizations
A cybersecurity firm identified RedJuliett, a suspected Chinese state-sponsored hacking group, targeting Taiwanese sectors. The group exploited VPN software vulnerabilities, raising tensions between China and Taiwan. Organizations are advised to enhance security measures.
1 commentsRelated
Simple ways to find exposed sensitive information
Various methods to find exposed sensitive information are discussed, including search engine dorking, Github searches, and PublicWWW for hardcoded API keys. Risks of misconfigured AWS S3 buckets are highlighted, stressing data confidentiality.
Software company plans to pay millions in ransom to hackers
CDK Global faces a ransomware attack, disrupting operations at 15,000 car dealerships in North America. The company plans to pay hackers millions. The incident exposes the automotive industry's vulnerability to cyber threats.
LockBit claims to exfiltrate 33TB of data from US Federal Reserve
LockBit claims to have hacked the US Federal Reserve, raising concerns about cybersecurity. The extent of the breach and impact remain unclear as investigations continue.
Seattle library network outage nears a month
The Seattle Public Library faces a prolonged network outage from a ransomware attack, disrupting operations and leaving patrons unable to return books. Mayor Harrell promises efforts to restore services and safeguard personal information.
Chinese Hackers Have Stepped Up Attacks on Taiwanese Organizations
A cybersecurity firm identified RedJuliett, a suspected Chinese state-sponsored hacking group, targeting Taiwanese sectors. The group exploited VPN software vulnerabilities, raising tensions between China and Taiwan. Organizations are advised to enhance security measures.