Zscaler Customer Data Exposed After Attackers Accessed Salesforce Instance Summary of the incident Cybersecurity vendor Zscaler has disclosed a data breach in which threat actors gained access to its Salesforce instance and exfiltrated customer information, including the contents of support cases. Zscaler warned customers about the incident and said the breach followed the compromise of…
Amazon disrupts Russian APT29 campaign targeting Microsoft 365 accounts Summary of the disruption Amazon has been reported to have disrupted an operation attributed to the Russian state-sponsored threat group known as Midnight Blizzard (also tracked as APT29) that sought access to Microsoft 365 accounts and tenant data. Researchers who investigated the activity described the disruption…
ScarCruft (APT37) Deploys RokRAT in “Operation HanKook Phantom” Targeting South Korean Academics Summary of the discovery Cybersecurity researchers at Seqrite Labs have identified a new phishing campaign attributed to ScarCruft, an actor widely reported as North Korea–linked and also tracked as APT37. Seqrite has codenamed the activity Operation HanKook Phantom. According to the report, the…