In this picture taken near the truce village of Panmunjom inside the demilitarized zone (DMZ) separating the two Koreas, a bird flies near a North Korean flag fluttering in the wind at the propaganda village of Gijungdong in North Korea on October 4, 2022. (Photo by ANTHONY WALLACE/AFP via Getty Images)
Research from Cisco Talos and Google Threat Intelligence Group underscores the extent to which North Korea-aligned attackers attempt to avoid detection.
Okta thwarted the supply-chain attack with security controls it had in place. Zscaler did not. Their experiences provide insights into the root of a much broader problem.
The emails, which are littered with broken English, aim to instill fear, apply pressure, threaten public exposure and seek negotiation for a ransom payment.
The company said a threat actor accessed and snooped around its account for months, then stole OAuth tokens for Drift integrations from its cloud environment.
Researchers said Google Workspace customers were hit, and noted other platforms are impacted as well. Fresh evidence proves impact was not limited to Salesforce, as Salesloft previously…