Welcome to the Triad Situation Report, your trusted source for the latest cybersecurity and compliance news. In this edition, we bring you crucial updates on emerging cyber threats, including data breaches, phishing schemes, and sophisticated malware campaigns. Stay informed and take proactive steps to protect your business from evolving cyber risks.
FBI Warns of UNC6040 and UNC6395 Targeting Salesforce Platforms in Data Theft Attacks
The FBI has issued a flash alert about two threat groups—UNC6040 and UNC6395—actively targeting Salesforce platforms. UNC6395 leveraged compromised OAuth tokens via Salesloft’s Drift application, while UNC6040 has used vishing, custom scripts, and modified tools to hijack Salesforce instances and steal large datasets. The FBI advises that customers treat integrations related to compromised applications as potentially compromised and strengthen access controls.
Read more
Hackers Left Empty-Handed After Massive NPM Supply-Chain Attack
A massive supply-chain breach hit the NPM ecosystem when a maintainer’s account was compromised through a phishing attack. Popular packages like “chalk” and “debug-js”—with billions of downloads weekly—were tampered with to steal cryptocurrency. Though the breach reached about 10% of cloud environments within hours, the attackers made almost no profit, and cleanup actions removed malicious code quickly.
Read more
71% of CISOs Hit with Third-Party Security Incident This Year
A survey reveals that 71% of Chief Information Security Officers (CISOs) have experienced at least one material security incident involving third parties in the past year. Many organizations depend on complex supplier and SaaS networks, which expand the attack surface. The report highlights issues like over-permissioned integrations, weak oversight, and insufficient supply chain visibility as major vulnerabilities.
Read more
VC Giant Insight Partners Notifies Staff and Limited Partners After Data Breach
Venture capital firm Insight Partners confirmed that a social engineering attack in January exposed sensitive information about limited partners, employees, and entities within its portfolio. Data included banking, tax, and personal details. The firm has since notified affected parties but hasn’t disclosed whether there was an extortion component or how many people were impacted.
Read more
RatOn Android Malware Detected With NFC Relay and ATS Banking Fraud Capabilities
A new Android malware strain, RatOn, combines NFC relay attacks with ATS (Automated Transfer System) fraud. It targets cryptocurrency wallet apps and bank apps by mimicking interfaces, overlaying fake screens, and using device permissions to hijack accounts. It also includes ransomware-like features, locking devices and threatening victims to induce compliance. Initially observed in Czechia with language-specific targeting.
Read more
How Triad InfoSec Can Assist Your Business:
Navigating the complexities of cybersecurity compliance can be challenging. Triad InfoSec is dedicated to helping businesses prepare for CMMC audits, ensuring compliance, and optimizing cybersecurity strategies. Our services include:
- CMMC Audit Preparation: Guiding your organization through the necessary steps to achieve CMMC certification.
- MSP Partnerships: Collaborating with Managed Service Providers to ensure your business remains compliant while reducing cyber insurance premiums.
- Comprehensive Cybersecurity Solutions: Offering a range of services tailored to meet all your cybersecurity needs.
Partner with Triad InfoSec to secure your business’s future
