DiscoverSecurity SerengetiSS-NEWS-145 - Snowflakes are not unique, summary of incidents at .gov
SS-NEWS-145 - Snowflakes are not unique, summary of incidents at .gov

SS-NEWS-145 - Snowflakes are not unique, summary of incidents at .gov

Update: 2024-06-17
Share

Description

This week we discuss the FY23 incidents in the US Government's annual report, and then we discuss Snowflake a bit, and some of the issues around SAAS and Malware Remediation (infostealers steal more than just the work accounts!)


Article 1 - White House report dishes deets on all 11 major government breaches from 2023
Supporting Article:
Microsoft breach led to theft of 60,000 US State Dept emails


Article 2 - Snowflake customers not using MFA are not unique – over 165 of them have been compromised
Supporting Articles:
UNC5537 Targets Snowflake Customer Instances for Data Theft and Extortion
No Snow, No Flakes: Pondering Cloud Security Shared Responsibility, Again!
Mapping Snowflake’s Access Landscape


If you found this interesting or useful, please follow us on Twitter @serengetisec and subscribe and review on your favorite podcast app!

Comments 
loading
In Channel
SS-NEWS-154 - Salt Typhoon and MS MFA Brute Forcing

SS-NEWS-154 - Salt Typhoon and MS MFA Brute Forcing

2024-12-1642:46

SS-NEWS-153 - Lawyers will Inherit Cyber

SS-NEWS-153 - Lawyers will Inherit Cyber

2024-11-1845:41

SS-DISC-152 - Detection Engineering Behavior Maturity Model

SS-DISC-152 - Detection Engineering Behavior Maturity Model

2024-11-0440:51

SS-NEWS-151: AI Companions Hacked

SS-NEWS-151: AI Companions Hacked

2024-10-2137:07

SS-NEWS-150 - T-Mobile Consent Decree and Kia Hacking

SS-NEWS-150 - T-Mobile Consent Decree and Kia Hacking

2024-10-0749:08

SS-DISC-149 - Does the Security Job Gap Exist?

SS-DISC-149 - Does the Security Job Gap Exist?

2024-09-2335:01

SS-RPRT-148: Picus Blue Report 2024

SS-RPRT-148: Picus Blue Report 2024

2024-09-0954:59

SS-NEWS-147 - Does Phishing Education need to mature like Fire Drills did?

SS-NEWS-147 - Does Phishing Education need to mature like Fire Drills did?

2024-07-2949:14

SS-NEWS-146 - Sysmon usable as EDR?

SS-NEWS-146 - Sysmon usable as EDR?

2024-07-1635:16

SS-NEWS-145 - Snowflakes are not unique, summary of incidents at .gov

SS-NEWS-145 - Snowflakes are not unique, summary of incidents at .gov

2024-06-1744:47

SS-NEWS-144

SS-NEWS-144

2024-06-0351:46

SS-NEWS-143: Minimum Viable SOC Transformation!

SS-NEWS-143: Minimum Viable SOC Transformation!

2024-05-2052:09

SS-NEWS-142: GM Sharing Driving Data, Testing Detections

SS-NEWS-142: GM Sharing Driving Data, Testing Detections

2024-05-0645:37

SS-NEWS-141: American Privacy Rights Act

SS-NEWS-141: American Privacy Rights Act

2024-04-2249:48

SS-RPRT-140: Consolidation and Merging in Cybersecurity

SS-RPRT-140: Consolidation and Merging in Cybersecurity

2024-04-0843:36

SS-NEWS-139: Maximum Overdrive Apocalypse?

SS-NEWS-139: Maximum Overdrive Apocalypse?

2024-03-2529:41

SS-BOOK-138: All Your Face Are Belong To Us

SS-BOOK-138: All Your Face Are Belong To Us

2024-03-1154:52

SS-RPRT-137: The Blue Report

SS-RPRT-137: The Blue Report

2024-02-2650:58

SS-RPRT-136: 2024 Security Predictions

SS-RPRT-136: 2024 Security Predictions

2024-02-1249:58

SS-NEWS-135: Atlas of Surveillance and the MOAB

SS-NEWS-135: Atlas of Surveillance and the MOAB

2024-01-2941:40

loading
Google Play
Download from Google Play
Castbox
Download from App Store
usUnited States
00:00
00:00
1.0x

0.5x

0.8x

1.0x

1.25x

1.5x

2.0x

3.0x

Sleep Timer

Off

End of Episode

5 Minutes

10 Minutes

15 Minutes

30 Minutes

45 Minutes

60 Minutes

120 Minutes

SS-NEWS-145 - Snowflakes are not unique, summary of incidents at .gov

SS-NEWS-145 - Snowflakes are not unique, summary of incidents at .gov

David Schwendinger and Matthew Keener