Cybersecurity and Information Warfare

FBI Alerts on Cybercriminals UNC6040 and UNC6395 Targeting Salesforce

The FBI has issued a warning about two cybercriminal groups, UNC6040 and UNC6395, targeting Salesforce platforms for data theft and extortion. UNC6395 exploited compromised OAuth tokens from a breached GitHub account, while UNC6040 employed vishing campaigns to hijack Salesforce instances. Both groups are tied to extensive data exfiltration and extortion efforts, with indications of an evolving collaboration among various cybercriminal factions. Despite recent claims of shutting down operations, experts caution that such groups often re-emerge under new identities, highlighting the need for organizations to maintain vigilance against potential threats.

Share

Leave a Reply

Your email address will not be published. Required fields are marked *