6 matches found
SonicWall Confirms State-Sponsored Hackers Behind September Cloud Backup Breach
SonicWall has formally implicated state-sponsored threat actors as behind the September security breach that led to the unauthorized exposure of firewall configuration backup files. "The malicious activity – carried out by a state-sponsored threat actor – was isolated to the unauthorized access o...
GitHub Account Compromise Led to Salesloft Drift Breach Affecting 22 Companies
Salesloft has revealed that the data breach linked to its Drift application started with the compromise of its GitHub account. Google-owned Mandiant, which began an investigation into the incident, said the threat actor, tracked as UNC6395, accessed the Salesloft GitHub account from March through...
Chinese Hackers Exploited New Zero-Day in Barracuda's ESG Appliances
Barracuda has revealed that Chinese threat actors exploited a new zero-day in its Email Security Gateway ESG appliances to deploy backdoors on a "limited number" of devices. Tracked as CVE-2023-7102, the issue relates to a case of arbitrary code execution that resides within a third-party and...
N.K. Hackers Employ Matryoshka Doll-Style Cascading Supply Chain Attack on 3CX
The supply chain attack targeting 3CX was the result of a prior supply chain compromise associated with a different company, demonstrating a new level of sophistication with North Korean threat actors. Google-owned Mandiant, which is tracking the attack event under the moniker UNC4736, said the...
Navigating the MAZE: Tactics, Techniques and Procedures Associated With MAZE Ransomware Incidents
Targeted ransomware incidents have brought a threat of disruptive and destructive attacks to organizations across industries and geographies. FireEye Mandiant Threat Intelligence has previously documented this threat in our investigations of trends across ransomware incidents, FIN6 activity,...
Community Health Systems APT Data Breach Medical Espionage
At first blush, the Community Health Systems data breach by Chinese hackers seems to be an anomaly. State-sponsored attackers generally target intellectual property for the purposes of military or economic gain; stealing healthcare credentials and personal patient records seems incongruous. But...