North Korea's APT37 Expands Toolkit to Breach Air-Gapped Networks
The security researchers from Zscaler ThreatLabz have also discovered five new tools deployed by the North Korean hacking group
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
The security researchers from Zscaler ThreatLabz have also discovered five new tools deployed by the North Korean hacking group
The North Korean threat actor known as ScarCruft has been attributed to a fresh set of tools, including a backdoor that uses Zoho WorkDrive for command-and-control (C2) communications to fetch more payloads and an implant that uses removable media to relay commands and breach air-gapped networks
Full Breach Scope Remains Unclear; Hundreds of Organizations Reportedly AffectedThe scope of the Salesloft Drift data breach continues to expand, now counting Cloudflare, Zscaler, Palo Alto Networks as victims and what investigators say are many hundreds more organizations that connected their Salesforce, Google Workspace or other tools to Salesloft's AI chatbot.
Two major security firms suffered downstream compromises as part of a large-scale supply chain attack involving Salesloft Drift, a marketing SaaS application from Salesforce.
'Widespread Data Theft Campaign' Compromised Many Drift OAuth Tokens, Warn ExpertsThreat researchers report that "a widespread data theft campaign" traces to attackers stealing OAuth access tokens for applications integrated with Salesloft's AI chatbot Drift, then exfiltrating data. Victims include Salesforce customer Zscaler. Google Workspace instances were also breached.
Zscaler has emerged as the latest corporate victim of a supply chain attack targeting Salesforce data
Cybersecurity company Zscaler warns it suffered a data breach after threat actors gained access to its Salesforce instance and stole customer information, including the contents of support cases. [...]
Also: New Attack Threatens VPN User Privacy; Android Malware Targets FinlandThis week, LockBit claimed responsibility for an attack, British Columbia probed an attack, the "TunnelVision" flaw threatened VPN users' privacy, a CEO was sentenced for a scam, attackers exploited a WordPress plug-in flaw, Zscaler probed a breach and Finland warned about Android malware scams.
Zscaler says that they discovered an exposed "test environment" that was taken offline for analysis after rumors circulated that a threat actor was selling access to the company's systems. [...]
Zscaler says that today's rumors it was breached are false after a threat actor claimed to be selling access to one of the "largest cyber security companies." [...]