"The Federal Bureau of Investigation (FBI) is releasing this FLASH to disseminate Indicators of Compromise (IOCs) associated with recent malicious cyber activities by cyber criminal groups UNC6040 and UNC6395, responsible for a rising number of data theft and extortion intrusions. Both groups have recently been observed targeting organizations' Salesforce platforms via different initial access mechanisms. The FBI is releasing this information to maximize awareness and provide IOCs that may be used by recipients for research and network defense."
"FLASH Alert-20250912-001 TLP:Clear SummaryThe Federal Bureau of Investigation (FBI) is releasing this FLASH to disseminate Indicators of Compromise (IOCs) associated with recent malicious cyber activities by cyber criminal groups UNC6040 and UNC6395, responsible for a rising number of data theft and extortion intrusions. Both groups have recently been observed targeting organizations' Salesforce platforms via different initial access mechanisms. The FBI is releasing this information to maximize awareness and provide IOCs that may be used by recipients for research and network defense. Flash Alert: UNC6040 and UNC6395"
UNC6040 and UNC6395 are cybercriminal groups responsible for a rising number of data theft and extortion intrusions. Both groups have been observed targeting organizations' Salesforce platforms using different initial access mechanisms. Indicators of Compromise (IOCs) associated with these malicious activities are being disseminated to assist detection, research, and network defense. The released IOCs support identification of compromises, help prioritize incident response, and enable defenders to apply mitigations. Organizations using Salesforce and security teams should review logs, monitor for the provided IOCs, apply access controls, and investigate suspicious activity to reduce exposure to data theft and extortion.
Read at DataBreaches.Net
Unable to calculate read time
Collection
[
|
...
]