The attack that resulted in the Salesloft Drift data breach started with the compromise of the company’s GitHub account, Salesloft confirmed this weekend. Supply chain compromise On August 26, the company publicly revealed that earlier that month, a threat actor exfiltrated data from their customers’ Salesforce instances by leveraging stolen OAuth credentials that enable the integration of their Drift (Salesloft) chatbot with said instances. Google Threat Intelligence Group attributed the...| Help Net Security
CISA reveals new malware variant used on compromised Ivanti Connect Secure devices| Help Net Security
One aspect of vulnerability intelligence is also doing a best-faith effort to track the threat actors that are using the vulnerabilities. While that information often isn’t published, when it…| Rants of a deranged squirrel.
Fortinet has publicly released information about CVE-2024-47575, a FortiManager flaw under active exploitation.| Help Net Security
Mandiant says the primary motive for the operation appears to be helping the Iranian government identify Iranians who may cooperate with Israel.| CyberScoop
Google’s announcement that it would be buying security firm Mandiant for $5.4 billion made some waves in the security world this week. Google paid a hefty 57% premium over Mandiant’s Fe…| Security Economics