Rising Threat of Credential Stuffing Attacks in 2024 In 2024, credential stuffing attacks have emerged as a significant cybersecurity concern, driven by a troubling cycle of infostealer malware infections and data breaches. The situation, already precarious, is poised to worsen with the advent of Computer-Using Agents (CUAs), a novel class…
Cloudflare Confirms Impact from Salesloft Drift Breach On Tuesday, Cloudflare disclosed its involvement in the Salesloft Drift breach, confirming that cybercriminals obtained 104 API tokens associated with its platform. Despite the breach, Cloudflare’s security team, led by Sourov Zaman, Craig Strubhart, and Grant Bourzikas, reported no detected suspicious activity linked…
Major Data Breach at Salesloft: Hackers Compromise Customer Tokens and Access Salesforce Data In a significant security incident, criminal hackers have successfully infiltrated Salesloft, a prominent sales automation platform, resulting in the theft of OAuth and refresh tokens linked to its AI agent, Drift, which interfaces with Salesforce. This breach…
Salesloft Authentication Token Breach Exposes Corporate Vulnerabilities Recent developments in cybersecurity have raised alarms among businesses utilizing Salesloft, a platform that streamlines customer interactions into actionable leads for Salesforce. A significant breach involving the theft of authentication tokens from Salesloft has prompted fast action from numerous companies as they scramble…
A recent advisory from Google and Mandiant has uncovered a significant data breach involving Salesforce, where the threat actor UNC6395 deployed stolen OAuth tokens to bypass Multi-Factor Authentication (MFA). Organizations are urged to take steps to protect non-human identities to prevent similar breaches. According to the advisory from the Google…
A significant data breach involving corporate Salesforce instances has emerged, with hackers exploiting compromised OAuth tokens associated with the Salesloft Drift application. This sophisticated exfiltration campaign has led to the exposure of sensitive data from numerous organizations. The threat group, identified as UNC6395, executed their operations between August 8 and…
If you’re one of the nearly 200 million customers affected by the AT&T data breach, you may be eligible for financial compensation. jetcityimage/Getty Images AT&T is preparing to make one of the largest privacy settlements recently seen, following two significant data breaches. The first breach, which occurred six years ago,…
In a significant cybersecurity breach, Allianz Life, a major US insurance firm, has had 2.8 million sensitive records exposed following a data leak linked to ongoing Salesforce attacks. These stolen records contain critical information pertaining to both business partners and customers, highlighting a troubling trend in the escalating sophistication of…
AT&T has agreed to a $177 million settlement in response to two significant data breaches that compromised the personal information of customers, as reported by CNET. The settlement will provide compensation to both current and former customers affected by at least one of the breaches. Notably, individuals who can substantiate…
