Snowflake experienced a significant data breach facilitated by infostealer malware. The attacker exploited stolen credentials from a Snowflake employee's ServiceNow account, bypassing Okta and generating session tokens to exfiltrate data. The breach potentially impacted 400 companies. The attacker attempted to ransom the data for $20 million.
This secure coding challenge is inspired by a security company's discussion with the adversary who is seemingly behind the incident.
We use this challenge as an opportunity to learn about a subtle security weakness with JWT that can allow a token to remain unexpired!
Please give it a try and let us know your feedback.
If you have not completed any SecDim secure code challenges, first complete Start Here.py to get started.