Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Salesforce. Show all posts
Vulnerability and Exploits.
Cloud Platform Critical Flaws Data Exposure Digital World Malicious actor Salesforce Sensitive data Third Party Apps Vulnerability and Exploits.

ServiceNow Data Exposure Flaw Raises Concerns

ServiceNow, a popular enterprise cloud platform, was found to have a serious data exposure vulnerability. Concerns concerning the security of sensitive data in cloud-based systems have been highlighted by this occurrence, which has shocked the cybersecurity community.

According to reports from cybersecurity experts and firms, the vulnerability in ServiceNow's infrastructure could potentially lead to unauthorized access to sensitive data. The flaw, if exploited, could allow malicious actors to gain access to confidential information stored within the platform, posing a significant risk to organizations relying on ServiceNow for their day-to-day operations.

Enumerated, a cybersecurity firm, was among the first to identify and report the flaw. They disclosed that the issue stemmed from a misconfiguration in ServiceNow's security settings, leaving a gap that could be exploited by cybercriminals. This revelation has prompted immediate action from ServiceNow, as they work tirelessly to rectify the situation and implement robust security measures.

Salesforce, a leading cloud-based customer relationship management platform, was also mentioned in connection with the data exposure issue. While the exact nature of the link between Salesforce and ServiceNow remains unclear, experts speculate that this incident might highlight a broader concern regarding the security of cloud-based platforms and the need for enhanced vigilance in safeguarding sensitive data.

The cybersecurity community, along with industry experts, has been vocal about the importance of regular security audits and assessments for cloud-based platforms. This incident serves as a stark reminder of the potential risks associated with relying on third-party providers for critical business functions.

As the investigation into this data exposure flaw continues, organizations using ServiceNow are advised to review their security protocols and take immediate steps to mitigate potential risks. This includes ensuring that access controls and permissions are configured correctly and conducting thorough vulnerability assessments to identify and address any potential security gaps.

The ServiceNow data exposure vulnerability highlights how important it is for cloud-based platforms to have strong cybersecurity safeguards. It acts as a wake-up call for businesses, encouraging them to give security first priority and take preventative measures to protect sensitive data in an increasingly linked digital world.

Read more »
Technology
AI technology Generative AI Innovation Salesforce Technology

Salesforce Unveils AI Cloud, Empowering Enterprises with Reliable Generative AI Capabilities

Today, Salesforce unveiled AI Cloud, an enterprise AI solution designed to enhance productivity throughout its suite of applications. This innovative platform integrates multiple Salesforce technologies, including Einstein, Data Cloud, Tableau, Flow, and MuleSoft, to deliver real-time generative AI capabilities that seamlessly integrate with business operations. 

With this open platform, businesses can easily incorporate AI into their workflows and drive greater efficiency across Salesforce applications. The foundational element of AI Cloud is the innovative Einstein Trust Layer, which Salesforce considers to be a groundbreaking enterprise AI architecture. 

This layer not only harnesses the benefits of generative AI but also prioritizes data privacy and security, aiming to establish a new industry standard. Salesforce ensures that the utmost measures are in place to safeguard sensitive information. With the Einstein Trust Layer, Salesforce strives to instill trust in enterprise-generative AI by safeguarding sensitive data in AI applications and workflows. 

This layer ensures that proprietary data remains separate from public models, addressing crucial aspects of data privacy, security, residency, and compliance specific to generative AI. Salesforce aims to establish a solid foundation of trust by prioritizing the protection of valuable data assets. 

What is generative artificial intelligence (AI)? 

Generative AIs play crucial roles in content creation across different industries. Movie makers utilize them to fill narrative gaps or even drive the storyline. News organizations employ generative AIs to generate short snippets or entire stories, particularly for structured reports like sports or financial updates. 

AI algorithms serve various purposes such as data classification, organization, and reasoning. Among them, generative algorithms stand out by creating data through a realistic synthesis of images, sounds, and videos. These algorithms utilize models of the world to generate simulated environments that align with the predefined model. Essentially, they start with a vision of what the world should be and bring it to life through simulated representations. 

Challenges of generative artificial intelligence (AI)? 

Certain advanced generative AI algorithms possess the ability to deceive, leading to the creation of what is commonly known as "deep fakes." These fabricated outputs can be misused for fraudulent activities, such as impersonating individuals to carry out various forms of fraud. 

For instance, malicious actors may attempt to mimic someone's identity to illicitly withdraw funds from a bank account and other sensitive information. Additionally, deep fakes can be used to manipulate and falsely attribute statements to individuals, potentially leading to serious consequences like defamation or slander. 

 What does the future look like? 

According to recent research by Salesforce, global economic growth is anticipated to receive a significant boost of over $15 trillion by 2030 due to the influence of AI. This growth is projected to lead to a substantial 26% increase in GDP. 

However, the widespread adoption of AI hinges on the crucial factors of building trust and ensuring robust data privacy measures. To fully leverage the potential of AI, it is imperative to establish a foundation of trust and safeguard the privacy of data.
Read more »
Varonis Threat Lab
Data Breach deactivated sites DNS Hacking Ghost sites Salesforce Threat actors Varonis Threat Lab

Ghost Sites: Attackers are now Exposing Data From Deactivated Salesforce Sites


Varonis Threat Lab researchers recently discovered that Salesforce ‘ghost sites,’ that are no longer in use, if improperly deactivated and unmaintained may remain accessible and vulnerable of being illicitly used by threat actors. They noted how by compromising the host header, a hacker may gain access to sensitive PII and business data.

With the help of Salesforce Sites, businesses can build specialized communities where partners and clients could work collaboratively.

But when these communities are no longer required, they are frequently preserved rather than shut down. These sites aren't examined for vulnerabilities since they aren't maintained, and the administrators don't update the security measures in accordance with contemporary guidelines.

Apparently, Varonis Threat Labs on its recent findings discovered that since these ghost sites were not properly deactivated, they were easily accessible to attackers who were using them to put illicit data, exploiting the sites.

They added that the exposed data did not only consist of the old data of the sites, but also fresh records that were disclosed to guest user, who shared configuration in the Salesforce environment.

Salesforce Ghost Sites

According to Varonis Threat Labs, Salesforce ghost sites are created when a company, instead of using unappealing internet URLs uses a custom domain name. This is done so that the organization’s partners could browse the sites. . “This is accomplished by configuring the DNS record so that ‘partners.acme.org’ [for example] points to the lovely, curated Salesforce Community Site at “partners.acme.org. 00d400.live.siteforce.com[…]With the DNS record changed, partners visiting “partners.acme.org” will be able to browse Acme’s Salesforce site. The trouble begins when Acme decides to choose a new Community Site vendor,” the researchers said.

Companies might switch out a Salesforce Experience Site for an alternative, just like they would with any other technology. Varonis Threat Labs stated, "Acme subsequently updates the DNS record of 'partners.acme.org' to link toward a new site that might function in their AWS environment." The Salesforce Site is no longer present from the users' perspective, and a new Community page is now accessible. The new page may not be functioning in the environment or connected to Salesforce in any way, and no blatant integrations are visible.

However, the study found that a lot of businesses only modify DNS entries. “They do not remove the custom domain in Salesforce, nor do they deactivate the site. Instead, the site continues to exist, pulling data and becoming a ghost site,” a researcher said.

Attackers exploit these sites simply by changing the host header. They mislead Salesforce into believing that the site was accessed as https://partners.acme.org/ making the sites accessible to the attackers.

Although these sites can also be accessed through their whole internal URLs, an intruder would find it difficult to recognize these URLs. However, locating ghost sites is significantly simpler when utilizing tools that index and archive DNS information, like SecurityTrails and comparable technologies.

What is the Solution

Varonis Threat Labs advised that the sites that are no longer in use should be properly deactivated. They also recommended to track all Salesforce sites and their respective users’ permissions, involving both community and guest users. Moreover, the researchers created a guide on ‘protecting your active Salesforce Communities against recon and data theft.’ 

Read more »
Subscribe to: Posts (Atom)