Snowflake Breach - Secure Coding Challenge Inspired by The Incident

Snowflake experienced a significant data breach facilitated by infostealer malware. The attacker exploited stolen credentials from a Snowflake employee’s ServiceNow account, bypassing Okta and generating session tokens to exfiltrate data. This breach impacted potentially 400 companies. The attacker attempted to ransom the data for $20 million.

This secure coding challenge is inspired by a security company's discussion with the adversary who is seemingly behind the incident.

We use this challenge as an opportunity to learn about a subtle JWT security weakness that can allow an unexpired token!

Please give it a try and let us know your feedback.

:warning: If you have not completed any SecDim secure code challenges, first complete Start Here.py to get started.

:point_right: Snowflake.py
