This intelligence digest highlights an urgent FBI warning regarding threat actors actively stealing Salesforce data for extortion purposes. A new Phishing-as-a-Service platform, VoidProxy, is enabling attacks on Microsoft 365 and Google accounts, bypassing some single sign-on protections. We also cover significant shifts in the ransomware landscape and the growing security risks associated with AI misinformation.
Top 3 Critical Security Alerts
- FBI warns of UNC6040, UNC6395 hackers stealing Salesforce data: The FBI has issued a FLASH alert on two threat clusters actively compromising Salesforce environments to steal data and extort victims.
- New VoidProxy phishing service targets Microsoft 365, Google accounts: A new Phishing-as-a-Service (PhaaS) platform named VoidProxy enables sophisticated attacks against Microsoft 365 and Google accounts, bypassing some SSO protections.
- 15 ransomware gangs ‘go dark’ to enjoy ‘golden parachutes’: Reports indicate at least 15 ransomware operations have ceased activities, suggesting a trend of threat actors cashing out and rebranding to evade law enforcement.
Threat Intelligence
- Web Searches For Archives, (Sun, Sep 14th): The SANS ISC reports a significant increase in reconnaissance activity, with attackers increasingly scanning for exposed archive files like ‘backup.zip’ on web servers.
Security Tools & Best Practices
- Data destruction done wrong could cost your company millions: Improper data destruction on company hardware can lead to significant financial penalties and data breaches, emphasizing the need for secure disposal policies.
Emerging Security Technologies
- “If Anyone Builds It, Everyone Dies” researchers warn as they call for global AI shutdown: Researchers are advocating for an international treaty to halt advanced AI development, citing existential risks to humanity if AGI is created without sufficient controls.
- Leading AI chatbots are now twice as likely to spread false information as last year, study finds: A new study reveals major AI chatbots are increasingly spreading misinformation, posing a growing risk for social engineering and corporate disinformation campaigns.
- Google’s VaultGemma shows the struggle to balance privacy and performance in AI: Google DeepMind’s new VaultGemma model, trained with differential privacy, highlights the ongoing challenge of creating powerful AI systems that also protect user data.
