Salesforce refuses to submit to extortion demands linked to hacking campaigns

Salesforce said it will not submit to extortion demands after a threat group claimed to have a massive trove of data ...
CSO Online

Salesforce’s glaring Dreamforce omission: Vital security lessons from Salesloft Drift

Salesforce failed to address the massive wave of OAuth breaches at its Dreamforce conference, but securing third-party ...

Lawsuits Over Salesforce-Linked Data Breaches to Test Third-Party Vendors’ Liability

Companies that handle large volumes of customers’ personal information have been repeatedly targeted by cyberattacks in ...
TechRepublic

Google: New Vishing Threat ‘Particularly Effective’ at Tricking Employees to Steal Salesforce Data

Google: New Vishing Threat ‘Particularly Effective’ at Tricking Employees to Steal Salesforce Data Your email has been sent Instances of Salesforce inside organizations have become targets of voice ...
Scoop

UNC6040 Hacks Salesforce Via Vishing And Malicious Data Loader Apps, Google Warns

A new Google Cloud Threat Intelligence report has revealed a sophisticated vishing campaign targeting Salesforce environments, enabling large-scale data theft and extortion. The operation, attributed ...

Data breach alert: Hackers claim 1bn Salesforce records stolen via UK retailer attacks – Who they are, what’s at risk?

Hackers calling themselves Scattered LAPSUS$ Hunters claim to have stolen nearly one billion Salesforce records by targeting UK retailers via vishing attacks.
CSOonline

Hackers use Vishing to breach Salesforce customers and swipe data

In an active campaign, a financially motivated threat actor is voice phishing (Vishing) Salesforce customers to compromise their organizational data and carry out subsequent extortion. Tracked as ...

SaaS Is The New Frontline: What Recent SaaS Supply Chain Attacks Teach Us About Modern Cyber Risk

Here’s what this new playbook reveals: • The attack surface is every user. Any employee with a login can unknowingly open a ...