After Snowflake, Hugging Face reports security breach
- by nlqip
Personal credentials of the demo account of a former employee were obtained and used by the threat actors, specifically, because the account was not behind Okta or Multi-Factor Authentication (MFA), unlike Snowflake’s corporate and production systems, according to Jones.
“The incident playing out at Snowflake is due to the same issue we’re seeing across the market, companies are not incorporating the security of their SaaS applications into their security architectures,” said Brian Soby, chief technology officer and co-founder at AppOmni. “In this case, an attacker simply bought stolen credentials and used them to log in directly to Snowflake’s ServiceNow instance, as it was misconfigured to allow Single Sign On (SSO) to be optional instead of mandatory.”
Threat group ShinyHunters, who recently claimed responsibility for Santander and Ticketmaster breaches, allegedly claimed they stole data from cloud storage company Snowflake after hacking into an employee’s account.
Source link
lol
Personal credentials of the demo account of a former employee were obtained and used by the threat actors, specifically, because the account was not behind Okta or Multi-Factor Authentication (MFA), unlike Snowflake’s corporate and production systems, according to Jones. “The incident playing out at Snowflake is due to the same issue we’re seeing across the…
Recent Posts
- Bitcoin ATM scams skyrocket – Week in security with Tony Anscombe
- North Korean Threat Actors Deploy COVERTCATCH Malware via LinkedIn Job Scams
- FBI Cracks Down on Dark Web Marketplace Managed by Russian and Kazakh Nationals
- ESET Research Podcast: HotPage
- A Vulnerability in SonicWall SonicOS Management Access and SSLVPN Could Allow for Unauthorized Resource Access