Microsoft Maps Three Salesforce Attack Paths Tied to a Year of ShinyHunters Activity

Read full story on The Hacker News
Share
Microsoft Maps Three Salesforce Attack Paths Tied to a Year of ShinyHunters Activity
AI disclosure

Summary

Attackers whose methods line up with the data-extortion group ShinyHunters have spent the past year walking into corporate Salesforce environments without exploiting a single flaw in the platform. The way in has been the trust the organization had already extended, usually through the OAuth connections that tie Salesforce to the apps and third-party vendors around it. In 

Original reporting

Open original source

Related coverage

Read full article on The Hacker News

Get the AFBytes Brief

Major stories, AI-assisted analysis, and what to watch next. Free, monthly, unsubscribe anytime.