Salesforce refuses to submit to extortion demands linked to hacking campaigns

Salesforce said it will not submit to extortion demands after a threat group claimed to have a massive trove of data ...
CSO Online

Salesforce’s glaring Dreamforce omission: Vital security lessons from Salesloft Drift

Salesforce failed to address the massive wave of OAuth breaches at its Dreamforce conference, but securing third-party ...

Lawsuits Over Salesforce-Linked Data Breaches to Test Third-Party Vendors’ Liability

Companies that handle large volumes of customers’ personal information have been repeatedly targeted by cyberattacks in ...
Scoop

UNC6040 Hacks Salesforce Via Vishing And Malicious Data Loader Apps, Google Warns

A new Google Cloud Threat Intelligence report has revealed a sophisticated vishing campaign targeting Salesforce environments, enabling large-scale data theft and extortion. The operation, attributed ...
Reuters

Hackers abuse modified Salesforce app to steal data, extort companies, Google says

June 4 (Reuters) - Hackers are tricking employees at companies in Europe and the Americas into installing a modified version of a Salesforce-related app, allowing the hackers to steal reams of data, ...

Data breach alert: Hackers claim 1bn Salesforce records stolen via UK retailer attacks – Who they are, what’s at risk?

Hackers calling themselves Scattered LAPSUS$ Hunters claim to have stolen nearly one billion Salesforce records by targeting UK retailers via vishing attacks.

SaaS Is The New Frontline: What Recent SaaS Supply Chain Attacks Teach Us About Modern Cyber Risk

Here’s what this new playbook reveals: • The attack surface is every user. Any employee with a login can unknowingly open a ...
CSOonline

Hackers use Vishing to breach Salesforce customers and swipe data

In an active campaign, a financially motivated threat actor is voice phishing (Vishing) Salesforce customers to compromise their organizational data and carry out subsequent extortion. Tracked as ...
TechRepublic

Google: New Vishing Threat ‘Particularly Effective’ at Tricking Employees to Steal Salesforce Data

Google: New Vishing Threat ‘Particularly Effective’ at Tricking Employees to Steal Salesforce Data Your email has been sent Instances of Salesforce inside organizations have become targets of voice ...
hcamag.com

Hackers impersonating IT teams to steal Salesforce data, Google warns

Threat actors are impersonating IT personnel to lure employees into giving access to their organisation's Salesforce data through a malicious application, the Google Threat Intelligence Group (GTIG) ...