US EditionSalesforce Platforms Are Being Cracked Open for Data Theft - FBI Warns of UNC6040 and UNC6395 IOCs
The FBI detailed attack techniques by UNC6040 and UNC6395 exploiting OAuth tokens and social engineering to steal data from global Salesforce customers, urging enhanced security measures.
6 Articles
6 Articles
FBI Warns About 2 Campaigns Targeting Salesforce Instances - Cybernoz - Cybersecurity News
The FBI on Friday released an alert warning that two hacker groups have been targeting Salesforce instances for extortion and data theft. The groups, identified as UNC6040 and UNC6395, have been identified in recent attacks using different methods of gaining initial access, according to the FBI. The alert includes indicators of compromise and additional guidance that can help security teams determine if they have been targeted and prevent futur…
FBI Releases IOCs on Cyber Threats Exploiting Salesforce for Data Theft
The Federal Bureau of Investigation (FBI) has released a detailed flash advisory disclosing indicators of compromise (IOCs) and tactics used by two cybercrime groups—UNC6040 and UNC6395—to breach Salesforce customer environments and siphon sensitive data. Coordinated with the Department of Homeland Security Cybersecurity and Infrastructure Security Agency (DHS/CISA), the bulletin aims to equip security teams and […] The post FBI Releases IOCs on…
FBI Warns of Major Salesforce Data Breaches by UNC6040 and UNC6395
The FBI has issued an urgent FLASH alert warning that two cybercrime groups, UNC6040 and UNC6395, are breaching companies’ Salesforce environments to steal sensitive data and demand ransoms. The coordinated campaigns have hit dozens of high-profile firms in recent months, exposing massive stores of customer and support information. The FBI said the groups are using OAuth tokens and social engineering to quietly siphon data from Salesforce, then …
Coverage Details
Bias Distribution
- 100% of the sources are Center
Factuality
To view factuality data please Upgrade to Premium
