Hacking Group Claims Responsibility for Breaching Apple’s Website and Leaking Source Code
A hacking group known as IntelBroker has claimed responsibility for breaching Apple’s website and leaking the source code of three commonly used tools, raising concerns about Apple’s internal system security. The group also stole AMD employees’ credentials and data related to the company’s future product roadmap, prompting an investigation by AMD.
Sp1d3r Cybercrime Gang Strikes Truist Bank, Compromising Data on Thousands of Employees
The Sp1d3r cybercrime gang has targeted Truist Bank, compromising data on 65,000 employees including names, account numbers, and balances. The breach occurred in October 2023, with stolen data now for sale at $1 million. Despite speculation, there is no evidence of a Snowflake incident. This cyberattack highlights the ongoing threats faced by major corporations from cybercriminals.
Snowflake Denies Claims of Data Breach Linked to Santander and Ticketmaster Hacks
A recent breach involving Santander and Ticketmaster has been linked to hacks on Snowflake accounts. A threat actor claims to have accessed data by hacking into an employee’s account at the cloud storage company Snowflake. However, Snowflake denies these claims, attributing recent breaches to poorly secured customer accounts. Snowflake’s cloud data platform is utilized by major companies such as Adobe, AT&T, Capital One, Doordash, HP, Instacart, JetBlue, Kraft Heinz, Mastercard, Micron, NBC Universal, Nielsen, Novartis, Okta, PepsiCo, Siemens, US Foods, Western Union, Yamaha, and more. Cybersecurity firm Hudson Rock reports that the threat actor also gained access to data from other prominent companies using Snowflake’s services, including Anheuser-Busch, State Farm, Mitsubishi, Progressive, Neiman Marcus, Allstate, and Advance Auto Parts. The actor allegedly bypassed Okta’s secure authentication process by logging into a Snowflake employee’s ServiceNow account with stolen credentials, enabling them to extract data from Snowflake customers. Snowflake declined to comment further on the breach when contacted by BleepingComputer, and representatives from Santander and Ticketmaster were unavailable for immediate comment.
Scammers Exploiting DNS System to Target Victims Worldwide
Scammers using a unique DNS scam known as Savvy Seahorse are targeting victims in Australia and around the world. The operation exploits DNS functionality to deceive victims, promising easy investment and fast returns before swiftly transferring funds to a Russian bank. Infoblox researchers have uncovered the operation, which can geofence its victims and is targeting individuals in various languages. Australians and New Zealanders are prime targets due to their high disposable income, emphasizing the need for vigilance when investing money or providing financial credentials online.