

Farmers Insurance also hit by Salesforce breach, UpCrypter phishing campaign, Pakistan hits Indian government agencies
Aug 26, 2025
Farmers Insurance faces a massive data breach affecting 1.1 million customers due to a Salesforce flaw. Meanwhile, a global phishing campaign exploits fake voicemails to trick unsuspecting victims. The conversation also delves into the evolution of cybercriminal tactics and the potential rise of AI-based steganography attacks. With security teams overwhelmed by alerts, the need for effective triage solutions becomes ever more critical.
AI Snips
Salesforce Third‑Party Breach Scale
- Farmers Insurance confirmed 1.1 million customers were exposed via a Salesforce third-party breach affecting names, addresses, DOBs, driver's license numbers, and partial SSNs.
- The breach ties to the ShinyHunters group using voice phishing to exfiltrate data from Salesforce instances across industries.
Voicemail Phish Delivers UpCrypter
- A global phishing campaign fakes voicemail and purchase-order emails to push victims to download UpCrypter via a malicious ZIP.
- UpCrypter is a JavaScript loader that installs remote access tools for spying and theft across many industries and countries.
APT36 Targets Indian Agencies
- APT36, linked to Pakistan, shifted from website defacements to Linux-targeting malware against Indian government agencies.
- Attackers used phishing disguised as government contract paperwork to deliver malware via Google Drive decoys.