Google: New UNC6783 hackers steal corporate Zendesk support tickets
Summary
A threat actor known as UNC6783 is targeting business process outsourcing (BPO) providers to steal corporate support tickets from companies using Zendesk. This actor has already successfully compromised several BPO companies, allowing them to access sensitive information from their clients.
IFF Assessment
This is bad news for defenders as it indicates a new, sophisticated threat actor gaining access to sensitive corporate data through supply chain compromises.
Defender Context
Defenders need to be aware of this new threat actor, UNC6783, and the tactics they employ, particularly their focus on compromising BPO providers and stealing Zendesk support tickets. This highlights the importance of securing the supply chain and implementing robust access controls for third-party vendors.