tldrdailynews.com logo
Tag

Shinyhunters

All articles tagged with #shinyhunters

GTA 6 Studio Hit by Cloud Breach, Hackers Warn of Data Leak Over Ransom
technology5 hours ago

GTA 6 Studio Hit by Cloud Breach, Hackers Warn of Data Leak Over Ransom

Hackers ShinyHunters claim Rockstar Games’ cloud environment was breached and threaten to leak a data cache unless a ransom is paid by April 14; Rockstar later confirmed a data breach but said only a limited amount of non-material company information was accessed via a third-party service, with no impact on players or operations. The attackers are believed to have targeted corporate data (contracts, financials, marketing), not user passwords or personal gamer data.

via Kotaku|
#data-breach#gta-6#ransomware
ShinyHunters claim new Salesforce Aura breach via misconfigured guest access
security1 month ago

ShinyHunters claim new Salesforce Aura breach via misconfigured guest access

Salesforce warns customers that misconfigured Experience Cloud guest access can let unauthenticated visitors query CRM data, while ShinyHunters claims to be exploiting a bug with a modified AuraInspector to steal data. Salesforce stresses there is no platform flaw and urges admins to audit guest permissions, set org defaults to private, disable API access for guest profiles, turn off self-registration, and monitor Aura Event Monitoring. Mandiant confirms AuraInspector misuse and notes that detection in logs does not guarantee a breach.

via BleepingComputer|
#aura#data-theft#experience-cloud
Canva Counted Among ~100 Victims in Shiny Hunters Credential theft
technology2 months ago

Canva Counted Among ~100 Victims in Shiny Hunters Credential theft

The Register reports that Canva is among about 100 targets affected by the Shiny Hunters credential-theft operation, with the piece listing numerous advertising-tech vendors and the types of data and cookies involved. The broad scope underscores a sizable attack surface across the ad-tech ecosystem and highlights the need for strong credential hygiene and monitoring for suspicious activity across partnered platforms.

via theregister.com|
#adtech#canva#credential-theft
ShinyHunters Claims Massive Salesforce Data Breach and Extortion
cybersecurity6 months ago

ShinyHunters Claims Massive Salesforce Data Breach and Extortion

An extortion group called ShinyHunters, along with associated groups, has launched a website leaking data from 39 companies affected by Salesforce breaches, threatening to release personal data unless ransom demands are met. The attacks involved voice phishing and OAuth token theft, impacting major corporations like Google, Disney, and IKEA, with the group warning of further extortion campaigns.

via BleepingComputer|
#cyberattack#cybersecurity#data-leak
Google Addresses Security Warnings Amid Hacker Threats and Data Breaches
technology7 months ago

Google Addresses Security Warnings Amid Hacker Threats and Data Breaches

ShinyHunters, a cybercrime group known for data breaches and now employing voice-based social engineering tactics like vishing, has targeted major companies including Salesforce, affecting millions of users. The group has links with other hacking groups and is involved in selling stolen data and offering ransomware services. Protecting against such attacks involves vigilance, employee training, and enhanced security measures like multi-factor authentication. The rise of AI-generated deepfakes makes these scams more sophisticated and harder to detect.

via The Conversation|
#cybercrime#data-breach#shinyhunters
Google Alerts 2.5 Billion Gmail Users to Change Passwords After Security Breach
technology7 months ago

Google Alerts 2.5 Billion Gmail Users to Change Passwords After Security Breach

Google has issued an emergency warning to Gmail users following a cyber threat linked to a Salesforce data breach, with hackers exploiting stolen data through social engineering and impersonation tactics. The threat is associated with the notorious cybercriminal group ShinyHunters, which has targeted major organizations and stolen vast amounts of data. Users are advised to enhance their security by updating passwords and enabling two-factor authentication to mitigate risks.

via yahoo.com|
#cybersecurity#data-breach#gmail
technology7 months ago

Google Data Breach Affects 2.5 Billion Gmail Users

Google confirmed a data breach affecting up to 2.5 billion users, linked to the ShinyHunters ransomware group, which compromised a Salesforce database containing mostly public business information. The breach occurred in June but was only disclosed after security experts identified the data loss. Google responded quickly, but the incident highlights ongoing cybersecurity risks, including social engineering scams targeting users.

via extremetech.com|
#cybersecurity#data-breach#database-hack
Google Reports Hackers Breached Internal Salesforce System
technology8 months ago

Google Reports Hackers Breached Internal Salesforce System

Google announced that the hacking group ShinyHunters breached one of its Salesforce databases containing contact information for small and medium-sized businesses, but the hackers only accessed publicly available data for a brief period. The group is known for social engineering attacks and has targeted other major companies this year, often demanding ransom after data exfiltration.

via Axios|
#cybersecurity#data-breach#google
AT&T Paid Hacker $370,000 to Erase Stolen Customer Data
cybersecurity1 year ago

AT&T Paid Hacker $370,000 to Erase Stolen Customer Data

AT&T paid a hacker $370,000 in bitcoin to delete stolen customer data, negotiating through an intermediary after the hacker initially demanded $1 million. The hacker provided a video as proof of deletion, but there are concerns that some data excerpts may still exist. The breach is linked to the ShinyHunters group, which also compromised Ticketmaster and Santander Bank using stolen credentials from a third-party cloud storage company.

via The Verge|
#atandt#cybersecurity#data-breach