BeyondMachines 
ShinyHunters Exploits Salesforce Misconfigurations to Target 100 High-Profile Organizations
ShinyHunters exploited misconfigured guest user permissions in Salesforce Experience Cloud sites using a modified Mandiant tool to allegedly steal data from approximately 100 high-profile organizations.
**If you use Salesforce Experience Cloud, audit your guest user permissions immediately and enforce least-privilege access: disable public API access for guest profiles and set all object sharing to "private." Review your site for exposure through the /s/sfsites/ aura endpoint and check with Salesforce support for updated detection rules to identify any past malicious scanning activity.**
#cybersecurity #infosec #attack #activeexploit
https://beyondmachines.net/event_details/shinyhunters-exploits-salesforce-misconfigurations-to-target-100-high-profile-organizations-m-c-k-w-l/gD2P6Ple2L
ShinyHunters Exploits Salesforce Misconfigurations to Target 100 High-Profile Organizations
ShinyHunters exploited misconfigured guest user permissions in Salesforce Experience Cloud sites using a modified Mandiant tool to allegedly steal data from approximately 100 high-profile organizations.