Category: Salesforce
-
BreachForums seized, but hackers say they will still leak Salesforce data
BreachForums seized, but hackers say they will still leak Salesforce data Read more in my article on the Hot for Security blog. Graham Cluley Go to grahamcluley
-
Salesforce data breach: what you need to know
Salesforce data breach: what you need to know The Scattered LAPSUS$ Hunters hacking group claims to have accessed data from around 40 customers of Salesforce, the cloud-based customer relationship management service, stealing almost one billion records. Read more in my article on the Fortra blog. Graham Cluley Go to grahamcluley
-
ShinyHunters Wage Broad Corporate Extortion Spree
ShinyHunters Wage Broad Corporate Extortion Spree A cybercriminal group that used voice phishing attacks to siphon more than a billion records from Salesforce customers earlier this year has launched a website that threatens to publish data stolen from dozens of Fortune 500 firms if they refuse to pay a ransom. The group also claimed responsibility…
-
Smashing Security podcast #437: Salesforce’s trusted domain of doom
Smashing Security podcast #437: Salesforce’s trusted domain of doom Researchers uncovered a security flaw in Salesforce’s shiny new Agentforce. The vulnerability, dubbed “ForcedLeak”, let them smuggle AI-read instructions in via humble Web-to-Lead form… and ended up spilling data for the low, low price of five dollars. And we discuss why data breach communicationss still default…
-
The Ongoing Fallout from a Breach at AI Chatbot Maker Salesloft
The Ongoing Fallout from a Breach at AI Chatbot Maker Salesloft The recent mass-theft of authentication tokens from Salesloft, whose AI chatbot is used by a broad swath of corporate America to convert customer interaction into Salesforce leads, has left many companies racing to invalidate the stolen credentials before hackers can exploit them. Now Google…