Concerned about exposure from the recent Snowflake data breach? LayerX can help! LayerX has deployed policies for its customers to help them lock down their Snowflake accounts. Read our guide below for actionable steps you can take today! https://lnkd.in/dtSxymKx
LayerX Security’s Post
More Relevant Posts
-
On one hand, I'm sure there could be things that Snowflake does to either mitigate or make these attacks easier, but they wouldn't have happened if the customer wasn't compromised first. On the other, note the section in the article on how a user apparently can't set a policy to require company-wide use of #MFA it must be enabled account-by-account. Why is that? I'd assign the majority of blame to the customers, but Snowflake certainly gets a share. Carry on... https://lnkd.in/gSfgF7_c #auguryit #cysec
Hackers steal “significant volume” of data from hundreds of Snowflake customers
arstechnica.com
To view or add a comment, sign in
-
UNC5537 observed using stolen credentials to target organizations utilizing Snowflake databases. The threat actor is using a custom attack tool to target Snowflake environments that primarily lack two-factor authentication (2FA).
Threat actor compromising Snowflake database customers | TechTarget
techtarget.com
To view or add a comment, sign in
-
I build and operate Exploratory Data Warehouses that uncover millions of dollars of real business value.
Is it time to rethink the risk / benefit ratio of moving critical business data to the cloud? I think it boils down to two questions. 1. Can you implement your cloud hosted data in such a way the when it is breached, it is basically unusable. Think only hosting hashed PII info outside your local network. It’s still highly valuable business data but it doesn’t put your customer at risk. 2. How much data do you really need to store outside of your full control? Do your data volumes and access needs really necessitate the cost, complexity, and risk of being not just Cloud First but Cloud Only?
Yet another WAKE-UP call to all organisations using third party data platforms, processors or storage facilities! We would expect organisations that use Snowflake to have sought assurances that you are not affected by this breach and to take appropriate action. For everyone else - don’t miss this opportunity to check your third party providers don’t become your Achilles heel.
The Snowflake Attack May Be Turning Into One of the Largest Data Breaches Ever
wired.com
To view or add a comment, sign in
-
Infosec leader, Responsible AI, Data Protection, Cyber-Psychology amateur, providing thought leadership and business strategy. AI Governance Professional (IAPP), ex CISSP Instructor
Supply chain and third party attacks will continue to be one of the biggest vectors for attack against any organisation. Even if you are not targeted directly, you may end up collateral damage; while this story continues to unfold, it is a continuing cautionary tale to ensure you have amazing supply chain risk management in place...You cannot outsource accountability, and it's incumbent on us all to ensure good controls...
Yet another WAKE-UP call to all organisations using third party data platforms, processors or storage facilities! We would expect organisations that use Snowflake to have sought assurances that you are not affected by this breach and to take appropriate action. For everyone else - don’t miss this opportunity to check your third party providers don’t become your Achilles heel.
The Snowflake Attack May Be Turning Into One of the Largest Data Breaches Ever
wired.com
To view or add a comment, sign in
-
https://lnkd.in/d5a5fDDD An interesting state of affairs and what looks like a breach of staggering proportions. A carefully crafted notification that does not (perhaps intentionally) mention the misuse of credentials by other trusted third parties i.e. other than snowflake personnel or end users. The notification does not cover a scenario where TAs may have trojanised an admins machine and ridden in on the back of an authenticated remote access session. So important to fully protect endpoints and use PAM. Important to see how this develops.
Cloud company Snowflake denies that reported breach originated with its products
therecord.media
To view or add a comment, sign in
-
Snowflake’s Data Leak: Why Honesty Matters Recently, Snowflake had a data leak. This kind of thing is a big risk for any business, but trying to hide it is even riskier. Here’s why we should be honest: 1. Trust: Customers need to know we’re taking care of their data. Being upfront helps keep their trust. 2. Learning: Admitting mistakes means we can fix them and get better. 3. Rules: There are laws about reporting breaches. Not following them can get us in trouble. At Snowflake and everywhere else, it’s super important to prevent data breaches and be honest when they happen. Trying to cover up a breach can do more damage in the long run. Let’s push for better data protection and a culture of honesty. #DataSecurity #Honesty #Snowflake #DataBreach #Trust
The Snowflake Attack May Be Turning Into One of the Largest Data Breaches Ever
wired.com
To view or add a comment, sign in
-
Good Lord...below is why Xiid says PLEASE let us show you how to become 100% credential-less so what happened to Snowflake wont happen to you. Can we set up a meeting to review and show you how? Newest Snowflake Info: A threat actor has accessed data belonging to at least 165 organizations using valid credentials to their Snowflake accounts, thanks to no MFA and poor password hygiene. https://lnkd.in/eDZSDzGG
Snowflake Cloud Accounts Felled by Rampant Credential Issues
darkreading.com
To view or add a comment, sign in
-
Have you ever wondered about the difference between #dataleaks and #databreaches? 😵 Well, you’re not alone! Our latest blog post is here to help you sort through the confusion! (TLDR: It doesn't matter which one you're facing, Flow's got you covered for both). Read now to learn: ➡ Definitions of data leaks and data breaches ➡ The distinctions between the two ➡ Common causes of each ➡ Strategies to minimize the risk of both ➡ How Flow’s runtime approach detects and prevents both from happening >> https://lnkd.in/dhtBm9nY
Data Leaks vs. Data Breaches: Understanding Data Threats
https://www.flowsecurity.com
To view or add a comment, sign in
4,043 followers
Helping Enterprises Protect Their Browsers @ LayerX
2wGreat initiative by LayerX!