#salesloftdrift

[ follow ]
#salesforce #oauth-token-compromise #data-extortion #shinyhunterslapsus #supply-chain-attack
fromTheregister
2 weeks ago

'Retired' Scattered LAPSUS$ Hunters resurface with leak site

"We are aware of recent extortion attempts by threat actors, which we have investigated in partnership with external experts and authorities," the advisory said. "Our findings indicate these attempts relate to past or unsubstantiated incidents, and we remain engaged with affected customers to provide support," it continued. "At this time, there is no indication that the Salesforce platform has been compromised, nor is this activity related to any known vulnerability in our technology."
Information security
Information security
fromDataBreaches.Net
1 month ago

Salesloft Drift Breach Rolls Up Cloudflare, Palo Alto, Zscaler, and Others - DataBreaches.Net

Supply-chain attacks exploiting a Salesloft/Drift Salesforce OAuth vulnerability compromised customer Salesforce instances at Cloudflare, Palo Alto Networks, Zscaler, SpyCloud, PagerDuty, and hundreds more.
Information security
fromwww.theregister.com
1 month ago

Zscaler customer data also nabbed in Salesloft Drift attacks

Stolen Salesloft Drift OAuth tokens enabled attackers to exfiltrate Salesforce customer data, exposing contacts, cases, opportunities, and commercial information for multiple companies.
[ Load more ]