CrowdStrike catches insider feeding information to hackers

Update November 21, 12:04 EST: Story updated with information from hackers.

American cybersecurity firm CrowdStrike has confirmed that an insider shared screenshots taken on internal systems with hackers after they were leaked on Telegram by the Scattered Lapsus$ Hunters threat actors.

However, the company noted that its systems were not breached as a result of this incident and that customers' data was not compromised.

"We identified and terminated a suspicious insider last month following an internal investigation that determined he shared pictures of his computer screen externally," a CrowdStrike spokesperson told BleepingComputer today.

"Our systems were never compromised and customers remained protected throughout. We have turned the case over to relevant law enforcement agencies."

CrowdStrike did not specify the threat group responsible for the incident or the motivations of the malicious insider who shared screenshots.

However, this statement was provided in response to questions from BleepingComputer regarding screenshots of CrowdStrike systems that were recently posted on Telegram by members of the threat groups ShinyHunters, Scattered Spider, and Lapsus$.

ShinyHunters told BleepingComputer earlier today that they allegedly agreed to pay the insider $25,000 to provide them with access to CrowdStrike's network.

The threat actors claimed they ultimately received SSO authentication cookies from the insider, but by then, the suspected insider had already been detected by CrowdStrike, which had shut down his network access.

The extortion group added that they also attempted to purchase CrowdStrike reports on ShinyHunters and Scattered Spider, but did not receive them.

BleepingComputer contacted CrowdStrike again to confirm if this information is accurate and will update the story if we receive additional information.

These groups, now collectively calling themselves "Scattered Lapsus$ Hunters," have previously launched a data-leak site to extort dozens of companies impacted by a massive wave of Salesforce breaches.

Scattered Lapsus$ Hunters have been targeting Salesforce customers in voice phishing attacks since the start of the year, breaching companies such as Google, Cisco, Allianz Life, Farmers Insurance, Qantas, Adidas, Workday, as well as LVMH subsidiaries, including Dior, Louis Vuitton, and Tiffany & Co.

Companies they attempted to extort include high-profile brands and organizations, such as Google, Cisco, Toyota, Instacart, Cartier, Adidas, Saks Fifth Avenue, Air France & KLM, FedEx, Disney/Hulu, Home Depot, Marriott, Gap, McDonald's, Walgreens, TransUnion, HBO MAX, UPS, Chanel, and IKEA.

Scattered Lapsus$ Hunters also claimed responsibility for the Jaguar Land Rover (JLR) breach, stealing sensitive data and significantly disrupting operations, resulting in damages of over £196 million ($220 million) in the last quarter.

As BleepingComputer reported this week, the ShinyHunters and Scattered Spider extortion groups are switching to a new ransomware-as-a-service platform named ShinySp1d3r, after previously using other ransomware gangs' encryptors in attacks, including ALPHV/BlackCat, RansomHub, Qilin, and DragonForce.

This Thursday, ShinyHunters also claimed a new wave of data theft attacks that allegedly impacted Salesforce instances belonging to over 280 companies. In Telegram messages today, they said the list of breached companies contains multiple high-profile names, including LinkedIn, GitLab, Atlassian, Thomson Reuters, Verizon, F5, SonicWall, DocuSign, and Malwarebytes.

As the threat actors told BleepingComputer yesterday, they compromised the Salesforce instances after breaching Gainsight using secrets stolen in the Salesloft Drift breach.

What an idiot. I would have done it differently and better: first I would tell the boss of CrowdStrike that I've been contacted by these hackers and I wish to take 25000 dollars from them and give them some fake access cookies in a realistic honeynet, and boom, we tricked the tricksters.

Hindsight is always 20/20.