THREAT INTEL: SNOWFLAKE Attack Turning Into One of the Largest Data Breaches Ever.
admin June 10, 2024Gibraltar: Monday 10 June 2024 at 09:50 CET
THREAT INTEL: Snowflake Attack Turning Into One of the Largest Data Breaches Ever.
By Andy Jenkinson – Guest Contributor |Â Group CEO Cybersec Innovation Partners
via IainFRASER.net/CYBERInsights
SME Cyber Insights
Google Indexed on 110624 at 07:10 CET
#SMECyberInsights #SMECybersecurityNews #Cybersecurity #WhitethornShield #InternetSecurity #Cybercrime #CyberInsurance #DNS #PKI
THREAT INTEL: Snowflake Attack Turning Into One of the Largest Data Breaches Ever.
The number of alleged hacks targeting the customers of cloud storage firm Snowflake appears to be snowballing into one of the biggest data breaches of all time.
CrowdStrike and Mandiant (part of Google Cloud) were parachuted in and made reassuring joint statements. The rather awkward question then is Snowflake still maintaining an INSECURE DNS Zone and NOT SECURE Subdomains?
Are these real-time security faux-pas, overlooked, or major professional security incompetence?
No matter what the reason, Snowflake and all Snowflake partners and clients are exposed and insecure to further incidents.
It was reckless to allow these critical Internet Assets to be NOT SECURE in the first place. Negligent NOT to address them and leave them NOT SECURE in the aftermath.
Either of the two real-time examples below could have been easily exploited to enable Access and Digital Intrusion when Snowflake discovered their cyber incident back in April 2024. Several weeks later to discover they are still NOT SECURE is most concerning and incredibly damning.
We reached out to Snowflake several weeks ago and were sadly ignored. Class Actions and the Security Exchange Commission are no doubt sharpening their knives…
To avoid similar Access and Incidents, organizations MUST know what their Internet Assets and landscape looks like and ensure they are SECURE.
Brad Jones Sridhar Ramaswamy Michael Scarpelli Benoit Dageville Chris Degnan Denise Persson Sylvia Pagan Thierry Cruanes Sunny Bedi Derk L.
WhitethornShield FBI Cyber Division Federal Bureau of Investigation (FBI) The White House
GCHQ National Cybersecurity Coordination Center (NCSCC)
About Andy Jenkinson
Group CEO CIP. Fellow Cyber Theory Institute. Director Fintech & Cyber Security Alliance (FITCA) working with Governments. Recognised Expert in Internet Asset & DNS Vulnerabilities.
Andy Jenkinson is a senior and seasoned innovative Executive with over 30 years’ experience
as a hands-on lateral thinking CEO, coach, and leader. A ‘big deal’ business accelerator, and
inspirational, lateral thinker, Andy has crafted, created, and been responsible for delivering
100’s £ millions of projects within the Cyber, Technical, Risk and Compliance markets for
some of the world’s largest, leading organisations. Andy has a demonstrable track record
of largescale technical delivery and management within many sectors including the
Professional, Managed, and Financial Services.