Outsourcer Telus admits to attack, possibly by ShinyHunters
Briefly

"Telus Digital has admitted it fell victim to a cyberattack, investigating unauthorized access to a limited number of systems and taking immediate steps to address the unauthorized activity and secure systems against further intrusion. Reports indicate a petabyte or more of data was leaked by ShinyHunters after acquiring valid Google Cloud Platform credentials from the Salesloft breach."
"Given the evolving geopolitical landscape and the corresponding increase in state-sponsored and opportunistic cyber threats, immediate attention to security posture across all products is urged. Threat intelligence indicates a marked uptick in targeted attacks against critical infrastructure, supply chains, and enterprise environments linked to ongoing geopolitical conflicts, including advanced persistent threats, ransomware campaigns, and zero-day exploitation attempts."
"Cloud Software Group's security teams are operating at an elevated alert level and have accelerated vulnerability assessments, threat monitoring, and patch release cycles across the entire product portfolio. Customers are urged to apply all available patches immediately, verify implementations follow published security baselines, enable MFA and audit logging, and verify deployment configurations."
Telus Digital disclosed a cybersecurity incident involving unauthorized access to a limited number of systems, claiming immediate remediation steps were taken. However, reports indicate a petabyte or more of data was leaked by the ShinyHunters crime gang, who obtained valid Google Cloud Platform credentials from the Salesloft breach. Separately, Cloud Software Group's CISO issued an urgent directive to customers emphasizing immediate patch deployment across all products due to heightened geopolitical tensions. Threat intelligence reveals increased targeted attacks against critical infrastructure and supply chains, including advanced persistent threats, ransomware campaigns, and zero-day exploitation attempts. The company accelerated vulnerability assessments and patch cycles, recommending that customers apply all updates, verify security baselines, and enable multi-factor authentication and audit logging.
Read at The Register