Threat actors have reportedly launched yet another campaign involving an application connected to Salesforce.
This time, it's the Gainsight application.
And yes, it is the ShinyScatteredLapsus$ collective that is responsible for this new campaign.
Texas Attorney General Ken Paxton has filed a lawsuit against PowerSchool over its massive 2024 data breach. The lawsuit claims that PowerSchool violated both the Texas Deceptive Trade Practices Act and the Identity Theft Enforcement and Protection Act by misleading customers about its security practices and failing to take reasonable measures to protect sensitive information entrusted by Texas families and school districts.
Lawsuit: https://www.texasattorneygeneral.gov/sites/default/files/images/press/PowerSchool%20Petition.pdf
h/t, Click2Houston
Well? Should they? Let’s ask Ian Betteridge.
Four weeks ago, #Google admitted it was hacked by #ShinyHunters and/or #ScatteredSpider—via #vishing. Sadly, this sparked a journalistic game of Telephone: Over the space of four weeks, “This #Salesforce instance got vished,” quickly became, “2.5 billion #Gmail users hacked!!1!”
Sigh. “This is entirely false,” complains Google. In #SBBlogwatch, we bait for clicks during dog days.
@TheFuturumGroup @TechstrongGroup @SecurityBlvd: https://securityboulevard.com/2025/09/gmail-hack-telephone-richixbw/?utm_source=richisoc&utm_medium=social&utm_content=richisoc&utm_campaign=richisoc
(exclusive):
ShinyHunters sent Google an extortion demand; Shiny comments on current activities
In a long chat yesterday, Shiny touched on Google, France, Australia and the Qantas injunction, and the NSA's alleged attempts at voice analysis:
#ShinyHunters #ScatteredSpider #Salesforce #Google #LVMH #Qantas
@campuscodi @lawrenceabrams @zackwhittaker @eurinfosec @kevincollier
Are Scattered Spider and ShinyHunters one group or two? And who did France arrest?
It's been a wild weekend here trying to sort out the relationship between #ShinyHunters and #ScatteredSpider. And then, to really blow my mind, I heard from the leader of ShinyHunters (or someone claiming to be him) and no, he's not in prison in France.
If I was trolled, it's absolutely an amazingly good troll. But see what you think.
As expected, more details are emerging in other news outlets about the arrest of #ShinyHunters.
One detail I noted is that ShinyHunters is suspected of being responsible for the attacks on #LVMH, which is the high-end brand associated with Tiffany and Dior, who both reported breaches this year. Although there had been some speculation that #ScatteredSpider might be responsible for those breaches, it appears that ShinyHunters was allegedly responsible.
There have been a number of hacks this year where it is not clear -- in the absence of law enforcement confirmation -- whether a #databreach has been by Scattered Spider or ShinyHunters, or whether they have collaborated with one doing the hacking and the other doing the extortion. I predict in weeks/months to come, we will be given a pretty big list of big hacks that ShinyHunters has been involved in this year.
As I reported in my coverage of the PowerSchool hack and prosecution of Matthew Lane, ShinyHunters' name has been linked to that one, too, but was not named as a co-conspirator.
This is where I should write "This is a developing story..." huh?