ShinyHunters claims more high-profile victims in latest Salesforce customers data heist
Summary
The threat group ShinyHunters claims to have stolen data from approximately 100 high-profile companies, including Salesforce itself, in a recent data heist. Notably, the group stated they utilized a Mandiant-developed open-source tool during these attacks.
IFF Assessment
This is bad news for defenders as it highlights a successful large-scale data theft operation and the potential for legitimate security tools to be repurposed for malicious activities.
Defender Context
Defenders should be aware of ShinyHunters' continued activity and their ability to target high-profile organizations. Furthermore, the use of an open-source tool developed by a reputable security firm like Mandiant underscores the importance of securing and monitoring the use of all software, even ostensibly benign or beneficial tools.