Hosted on MSN

CISA says SaaS providers in firing line after Commvault zero-day Azure attack

The Cybersecurity and Infrastructure Security Agency (CISA) is warning that SaaS companies are under fire from criminals on the prowl for cloud apps with weak security.… Apps with default ...
Dark Reading

CISA Warns of Attacks Targeting Commvault SaaS Environment

A threat actor is targeting authentication credentials stored in Commvault's cloud-based backup and recovery platform and using them to gain unauthorized access to customers' Microsoft 365 accounts.
CSOonline

CISA flags Commvault zero-day as part of wider SaaS attack campaign

The US Cybersecurity and Infrastructure Security Agency (CISA) has warned about threat actors abusing Commvault’s SaaS cloud application, Metallic, to access its clients’ critical application secrets.
Homeland Security Today

CISA Advisory Update on Cyber Threat Activity Targeting Commvault’s Cloud Application

Commvault is monitoring cyber threat activity targeting their applications hosted in their Microsoft Azure cloud environment. Threat actors may have accessed client secrets for Commvault’s (Metallic) ...