Mandiant: 'Exposed Credentials' Led To Snowflake Attacks
Search Security, Monday, June 10th, 2024
According to new threat research, Mandiant is reporting that UNC5537 conducted attacks against Snowflake database customers at least as early as April 14.
Google Cloud's Mandiant reported on Monday that exposed credentials led to attacks against Snowflake database customers.
On May 30, cloud security vendor Mitiga Security said a threat actor tracked as UNC5537 used stolen credentials to target customers of cloud storage and analytics giant Snowflake. The following day, Snowflake published a security advisory confirming this threat activity, adding that it became aware of the activity on May 23 and that the company did not believe UNC5537's attacks were the result of any vulnerability, misconfiguration or malicious activity within Snowflake's products.