Charming Kitten APT Wields New Scraper to Steal Email Inboxes
Google researchers say the nation-state hacking team is now employing a data-theft tool that targets Gmail, Yahoo!, and Microsoft Outlook accounts using previously acquired credentials.
Acquisitions can change ownership of security teams, systems, and data, creating risks around access, integration, compliance, and incident response.
Search across headline titles and summaries.
Background for this topic.
An acquisition is the purchase of a company, business unit, or technology by another organization, transferring control of its people, systems, and data. In information security, the event matters because the buyer may inherit unfamiliar networks, cloud services, software, credentials, suppliers, and unresolved security issues.
Before integration, security due diligence should identify exposed systems, critical vulnerabilities, active threats, prior incidents, and obligations governing personal or regulated data. After closing, teams must control access between environments, remove unnecessary accounts, verify asset ownership and logging, and bring inherited systems into vulnerability-management and monitoring processes. Connecting legacy infrastructure too quickly can create new attack paths, while poorly planned changes can hinder detection or incident response. Privacy and compliance reviews should confirm that data use, retention, and cross-border transfers remain lawful under the combined organization.
Google researchers say the nation-state hacking team is now employing a data-theft tool that targets Gmail, Yahoo!, and Microsoft Outlook accounts using previously acquired credentials.