Ghost Sites – Hackers May Steal Corporate Data From Deactivated Salesforce Communities

June 2, 2023, 6:57 a.m. | Guru

Cyber Security News cybersecuritynews.com

Researchers at Varonis Threat Labs discovered that some Salesforce sites were improperly deactivated or unmaintained SalesforceGhost Sites. Threat actors can exfiltrate PII and business data by simply manipulating the host headers for these websites. Salesforce partners and customers are provided an option to create customized communities to help them collaborate. When these communities are not […]

The post Ghost Sites – Hackers May Steal Corporate Data From Deactivated Salesforce Communities appeared first on Cyber Security News.

business communities corporate corporate data customers cyber security data ghost ghost sites hackers headers host labs may partners pii researchers salesforce steal threat threat actors threat labs varonis websites

Visit resource

More from cybersecuritynews.com / Cyber Security News

LayerX Security Raises $24M for its Browser Security Platform, Enabling Employees to Work Securely from … 4 hours ago | cybersecuritynews.com

browser browser security capital dell +24

Path Traversal Vulnerability In Popular Android Apps Let Attackers Overwrite Files 5 hours ago | cybersecuritynews.com

aim android android apps android security +26

ArcaneDoor Hackers Who Exploited Cisco Firewall Zero-Days Linked To China 5 hours ago | cybersecuritynews.com

access actor arcanedoor attacks +36

CISA Warns Of Hackers Actively Attacking GitLab Password Reset Vulnerability 5 hours ago | cybersecuritynews.com

access access control agency alert +28

NCSC Warns of Russian Hackers Attacking Critical National Infrastructure 6 hours ago | cybersecuritynews.com

alignment critical critical national infrastructure cyber +19

New macOS Adload Malware Bypasses Built-in macOS Antivirus Detection 9 hours ago | cybersecuritynews.com

adload antivirus apple authors +13

World Password Day 2024: Create Strong Passwords & Stay Safe Online 12 hours ago | cybersecuritynews.com

accounts cyber cyber security cyber threats +20

Beware! Threat Actors Selling RDP Access on Hacker Forums 12 hours ago | cybersecuritynews.com

access alert communities critical +28

Critical MailCleaner Vulnerabilities Let Attackers Execute arbitrary command 13 hours ago | cybersecuritynews.com

administrator attacker attackers command +17

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote

View on infosec-jobs.com

DevSecOps Engineer

@ LinQuest | Beavercreek, Ohio, United States

View on infosec-jobs.com

Senior Developer, Vulnerability Collections (Contractor)

@ SecurityScorecard | Remote (Turkey or Latin America)

View on infosec-jobs.com

Cyber Security Intern 03416 NWSOL

@ North Wind Group | RICHLAND, WA

View on infosec-jobs.com

Senior Cybersecurity Process Engineer

@ Peraton | Fort Meade, MD, United States

View on infosec-jobs.com

Sr. Manager, Cybersecurity and Info Security

@ AESC | Smyrna, TN 37167, Smyrna, TN, US | Santa Clara, CA 95054, Santa Clara, CA, US | Florence, SC 29501, Florence, SC, US | Bowling Green, KY 42101, Bowling Green, KY, US

View on infosec-jobs.com

View more jobs

all InfoSec news

Ghost Sites – Hackers May Steal Corporate Data From Deactivated Salesforce Communities

More from cybersecuritynews.com / Cyber Security News

Jobs in InfoSec / Cybersecurity

Social Engineer For Reverse Engineering Exploit Study

DevSecOps Engineer

Senior Developer, Vulnerability Collections (Contractor)

Cyber Security Intern 03416 NWSOL

Senior Cybersecurity Process Engineer

Sr. Manager, Cybersecurity and Info Security