Dark Reading

ShinyHunters Expands Scope of SaaS Extortion Attacks

Following their Salesforce attacks last year, the cybercrime group has broadened its targeting and gotten more aggressive with extortion tactics.

ShinyHunters claim hacks of Okta, Microsoft SSO accounts for data theft

The ShinyHunters extortion gang claims it is behind a wave of ongoing voice phishing attacks targeting single sign-on (SSO) ...

Mandiant details how ShinyHunters abuse SSO to steal cloud data

Mandiant says a wave of recent ShinyHunters SaaS data-theft attacks is being fueled by targeted voice phishing (vishing) attacks and company-branded phishing sites that steal single sign-on (SSO) ...

Google's security team look at how ShinyHunters has rolled out SSO scams

Mandiant analyzed ShinyHunters' MO, detailing how it steals login and MFA codes.

ShinyHunters claims Okta customer breaches, leaks data belonging to 3 orgs

'A lot more' victims to come, we're told ShinyHunters has claimed responsibility for an Okta voice-phishing campaign during ...
HealthcareInfoSecurity

Voice Phishing Okta Customers: ShinyHunters Claims Credit

A surge in attacks that bypass some types of multifactor authentication has been tied to a new generation of voice-phishing toolkits that give attackers the ability ...

Canva among ~100 targets of ShinyHunters Okta identity-theft campaign

Atlassian, RingCentral, ZoomInfo also among tech targets ShinyHunters has targeted around 100 organizations in its latest ...