Jason Bilnoski with the FBI’s cyber division told CyberScoop that investigators seized on the mistakes of companies China has used in its widespread cyberespionage.
Researchers said Google Workspace customers were hit, and noted other platforms are impacted as well. Fresh evidence proves impact was not limited to Salesforce, as Salesloft previously…
The financially motivated threat group demonstrates deep knowledge of hybrid cloud environments, which allows it to rapidly steal sensitive data, destroy backups and encrypt systems for ransomware.
A threat group Google tracks as UNC6395 systematically stole large amounts of data from Salesforce customer instances by using OAuth tokens stolen from Salesloft Drift, researchers said.
Operation Serengeti 2.0 dismantled almost 11,500 malicious infrastructures between June and August. Officials arrested more than 1,200 alleged cybercriminals.