Salesforce refuses to submit to extortion demands linked to hacking campaigns

Salesforce said it will not submit to extortion demands after a threat group claimed to have a massive trove of data ...
CSO Online

Salesforce’s glaring Dreamforce omission: Vital security lessons from Salesloft Drift

Salesforce failed to address the massive wave of OAuth breaches at its Dreamforce conference, but securing third-party ...

Lawsuits Over Salesforce-Linked Data Breaches to Test Third-Party Vendors’ Liability

Companies that handle large volumes of customers’ personal information have been repeatedly targeted by cyberattacks in ...
Reuters

Hackers abuse modified Salesforce app to steal data, extort companies, Google says

June 4 (Reuters) - Hackers are tricking employees at companies in Europe and the Americas into installing a modified version of a Salesforce-related app, allowing the hackers to steal reams of data, ...
Scoop

UNC6040 Hacks Salesforce Via Vishing And Malicious Data Loader Apps, Google Warns

A new Google Cloud Threat Intelligence report has revealed a sophisticated vishing campaign targeting Salesforce environments, enabling large-scale data theft and extortion. The operation, attributed ...
TechRepublic

Google: New Vishing Threat ‘Particularly Effective’ at Tricking Employees to Steal Salesforce Data

Google: New Vishing Threat ‘Particularly Effective’ at Tricking Employees to Steal Salesforce Data Your email has been sent Instances of Salesforce inside organizations have become targets of voice ...
CSOonline

Hackers use Vishing to breach Salesforce customers and swipe data

In an active campaign, a financially motivated threat actor is voice phishing (Vishing) Salesforce customers to compromise their organizational data and carry out subsequent extortion. Tracked as ...

SaaS Is The New Frontline: What Recent SaaS Supply Chain Attacks Teach Us About Modern Cyber Risk

Here’s what this new playbook reveals: • The attack surface is every user. Any employee with a login can unknowingly open a ...