June 23, 2024 at 10:21PM
Snowflake breach continues to expand with victims, including Ticketek and Advance Auto Parts. Hacker claims to have accessed Snowflake by compromising third parties. CDK faces ransomware attack and potential payment. Critical vulnerabilities found in Juniper Secure Analytics, CAREL Boss-Mini, Westermo L210-F2G, and RAD Data Communications SecFlow-2. Alleged Apple tools leaked. Jetflicks operators found guilty of criminal copyright infringement.
Key takeaways from the meeting notes:
1. Snowflake has experienced a significant security breach, affecting at least 165 targets, including Ticketek and Advance Auto Parts. Hacker group ShinyHunters claims to have accessed Snowflake systems through compromised third parties, but Snowflake denies direct penetration by cyber criminals.
2. CDK, a software house providing services to car dealerships, is under ransomware attack and may be considering paying the extortionist to regain access to its systems.
3. A security update for Juniper Secure Analytics is critical due to multiple vulnerabilities, some of which are rated as high as 9.8 out of 10 on the CVSS scale.
4. IntelBroker allegedly leaked internal Apple tools, but an IT services firm found that the leaked data did not actually include such tools, but rather custom integrations for Apple’s internal network.
5. Five individuals have been convicted for criminal copyright infringement in operating the illegal streaming site Jetflicks, which amassed a significant library of television episodes and attempted to disguise its activities as an aviation entertainment company when facing copyright complaints.