Google Warns of New Campaign Targeting BPOs to Steal Corporate Data
Summary
Google has identified a new cyberattack campaign, tracked as UNC6783, that specifically targets Business Process Outsourcing (BPO) firms. The objective of this campaign is to steal corporate data, and the threat actor is believed to be connected to the "Mr. Raccoon" group.
IFF Assessment
This is bad news for defenders because a new campaign is actively targeting a specific type of organization (BPOs) with the intent of stealing sensitive corporate data.
Defender Context
Defenders should be aware of this campaign targeting BPOs, as these organizations often handle sensitive data for their clients. Organizations relying on BPOs should ensure their partners have robust security measures in place and consider enhanced monitoring for data exfiltration attempts originating from these third parties.