Dark Reading

ShinyHunters Expands Scope of SaaS Extortion Attacks

Following their Salesforce attacks last year, the cybercrime group has broadened its targeting and gotten more aggressive with extortion tactics.

Google's security team look at how ShinyHunters has rolled out SSO scams

Mandiant analyzed ShinyHunters' MO, detailing how it steals login and MFA codes.

ShinyHunters claims Okta customer breaches, leaks data belonging to 3 orgs

'A lot more' victims to come, we're told ShinyHunters has claimed responsibility for an Okta voice-phishing campaign during which the extortionist crew allegedly gained access to Crunchbase and ...
Cybernews

Reports link ShinyHunters to SSO vishing attacks, but key details reserved for Okta paying customers

There are reports that threat actor ShinyHunters is behind an active voice phishing campaign, aimed at stealing single ...

Mandiant details how ShinyHunters abuse SSO to steal cloud data

Mandiant says a wave of recent ShinyHunters SaaS data-theft attacks is being fueled by targeted voice phishing (vishing) attacks and company-branded phishing sites that steal single sign-on (SSO) ...

Canva among ~100 targets of ShinyHunters Okta identity-theft campaign

Atlassian, RingCentral, ZoomInfo also among tech targets ShinyHunters has targeted around 100 organizations in its latest ...
DataBreachToday

Social Engineering Hackers Target Okta Single Sign On

Security experts warn that "an active and ongoing campaign" being waged by ShinyHunters extortionists has at least 150 ...