A threat group Google tracks as UNC6395 has pilfered troves of data from Salesforce corporate instances, in search of credentials that can be used to compromise those organizations’ environments. “[Google Threat Intelligence Group] observed UNC6395 targeting sensitive credentials such as Amazon Web Services (AWS) access keys (AKIA), passwords, and Snowflake-related access tokens,” the company’s incident responders shared. How did UNC6395 access Salesforce instances? Salesforce is a cloud-based customer relationship management platform. To access the targeted … More
The post Hundreds of Salesforce customer orgs hit in clever attack with potentially huge blast radius appeared first on Help Net Security.
This article has been indexed from Help Net Security
Read the original article: