On 11 April 2024, CISA issued an disclosing a compromise of customer data from Sisense. The previous day, cybersecurity journalist Brian Krebs had published an by the company¡¯s CISO. The specific details of the compromise have not been made public at this time. Furthermore, Arctic Wolf has not observed any malicious activities conducted by threat actors using compromised credentials from Sisense.?
Sisense is a business intelligence firm which produces software with features for analysis and visualisation of datasets for decision-making. The company integrates with various platforms such as CRM applications, analytics platforms, databases, APIs, and numerous other applications.?
While the extent of this compromise is not fully known, Arctic Wolf strongly recommends that organisations using Sisense rotate credentials and secrets for applications using their services, in line with the guidance provided by CISA. CISA emphasises that they are actively collaborating private industry partners to respond to this incident, as there is a connection to impacted critical infrastructure sector organisations.?
Recommendations?
Recommendation: Reset Credentials and Secrets?
CISA urges Sisense customers to reset any credentials and secrets (e.g., API Keys) that may have been exposed to or utilised for accessing Sisense services.?
References?
- ?
- ?
