News

Security Boulevard15h

Behind the Salesforce OAuth Drift Breach

In recent weeks, major companies like Palo Alto Networks, Zscaler, Cloudflare, and SpyCloud have all confirmed they were ...
CPO Magazine1d

Hackers Steal OAuth Tokens via Salesloft Drift Integrations in Massive Salesforce Data Theft

Google Threat Intelligence Group has tracked threat actor UNC6395 stealing OAuth tokens via Salesloft Drift integrations in a ...
Security Boulevard2d

When Google Says “Scan for Secrets”: A Complete Guide to Finding Hidden Credentials in Salesforce

The Salesloft Drift breach affected hundreds of organizations through Salesforce, including Cloudflare, Palo Alto Networks, ...
FedScoop9mon

A better way for agencies to integrate their Salesforce data within ...

How agencies are unlocking greater value from their Salesforce data with a software solution designed to streamline cross-agency data integration.
Infosecurity Magazine9d

New Data Theft Campaign Targets Salesforce via Salesloft App

Salesforce customers have again been targeted in a “widespread data theft campaign,” this time via compromised OAuth tokens ...
TechCentral.ie9d

Hackers steal data from Salesforce instances in widespread campaign

Hackers stole user credentials from Salesforce customers in a widespread campaign earlier this month, according to ...
SecurityWeek9d

Hundreds of Salesforce Customers Hit by Widespread Data Theft Campaign

Attackers used stolen OAuth tokens from Drift to siphon data from Salesforce customers; Google urges credential rotation and ...

"Widespread data theft" hits Salesforce customers via third party

How the threat actor, tracked as UNC (uncategorised) 6395, obtained the OAuth tokens from Salesloft to exfiltrate data from customer Salesforce instances wasn't detailed. Saleslof ...