Salesforce Misconfigurations are Exposing Sensitive Data | allinfosecnews.com

c

June 12, 2023, 8:56 p.m. |

Cloud Security Alliance cloudsecurityalliance.org

Originally published by Obsidian Security. Just last week, cybersecurity journalist Brian Krebs shared a post to his website detailing how Salesforce misconfigurations were causing several organizations to inadvertently expose sensitive data to the public.Affected organizations discovered that guest users (accounts that do not require authentication prior to data access) of their Salesforce Experience Cloud websites were able to access private records including full names, Social Security num...

access accounts authentication brian brian krebs cloud cybersecurity data data access experience exposing guest users journalist misconfigurations obsidian obsidian security organizations public salesforce security sensitive data website

More from cloudsecurityalliance.org / Cloud Security Alliance

Cl

CISOs, AI, and OT: A Balancing Act Between Innovation and Protection 1 day ago | cloudsecurityalliance.org

act balancing act ben ciso +19

Cl

Microsoft Copilot for Security: Everything You Need to Know 1 day, 19 hours ago | cloudsecurityalliance.org

ai-powered copilot copilot for security cybersecurity +17

Cl

Navigating the Cloud – Beyond “Best Practices” 3 days, 2 hours ago | cloudsecurityalliance.org

architectures best practices beyond businesses +17

Cl

Defining Cloud Key Management: 7 Essential Terms 1 week, 1 day ago | cloudsecurityalliance.org

access access control breaches cloud +26

Cl

How DSPM Can Help Solve Healthcare Cybersecurity Attacks 1 week, 2 days ago | cloudsecurityalliance.org

access access controls article attacks +41

Cl

Considerations When Including AI Implementations in Penetration Testing 1 week, 2 days ago | cloudsecurityalliance.org

application artificial artificial intelligence ask +15

Cl

Five Reasons Why Ransomware Still Reigns 1 week, 2 days ago | cloudsecurityalliance.org

ben ciso consent cxo +15

Cl

DevSecOps Tools 1 week, 2 days ago | cloudsecurityalliance.org

code code management development devops +18

Cl

Post-Quantum Preparedness 1 week, 3 days ago | cloudsecurityalliance.org

availability change code computers +23

Financial Crimes Compliance - Senior - Consulting - Location Open

@ EY | New York City, US, 10001-8604

View on infosec-jobs.com

Software Engineer - Cloud Security

@ Neo4j | Malmö

View on infosec-jobs.com

Security Consultant

@ LRQA | Singapore, Singapore, SG, 119963

View on infosec-jobs.com

Identity Governance Consultant

@ Allianz | Sydney, NSW, AU, 2000

View on infosec-jobs.com

Educator, Cybersecurity

@ Brain Station | Toronto

View on infosec-jobs.com

Principal Security Engineer

@ Hippocratic AI | Palo Alto

View on infosec-jobs.com