Advertisement · 728 × 90
#
Hashtag
#AuraInspector
Advertisement · 728 × 90
CyberMaterial
CyberMaterial
@cybermaterial.bsky.social
1 month ago
Post image

Threat Actors Scan Salesforce AuraInspector
Read More: buff.ly/w3DWYJN

#SalesforceSecurity #AuraInspector #ExperienceCloud #GuestUserMisconfig #DataScraping #CloudSecurity #ThreatIntel #InfosecAlert

0 0 0 0
ransomNews
ransomNews
@ransomnews.online
1 month ago
Post image

🚨 Custom tool turns Salesforce scanning into data theft

Attackers modified the open-source #AuraInspector tool to mass-scan public #Salesforce Experience Cloud sites and extract data directly via the `/s/sfsites/aura` API when guest user permissions are overly permissive.

#ransomNews

1 0 0 0
iT4iNT SERVER
iT4iNT SERVER
@it4intserver.bsky.social
1 month ago
Preview
Threat Actors Mass-Scan Salesforce Experience Cloud via Modified AuraInspector Tool Salesforce has warned of an increase in threat actor activity that's aimed at exploiting misconfigurations in publicly accessible Experience Cloud sites by making use of a customized version of an open-source tool called AuraInspector. The activity, per the company, involves the exploitation of customers' overly permissive Experience Cloud guest user configurations to obtain access to sensitive

iT4iNT SERVER Threat Actors Mass-Scan Salesforce Experience Cloud via Modified AuraInspector Tool VDS VPS Cloud #Salesforce #CyberSecurity #DataBreach #ThreatActors #AuraInspector

0 0 0 0
Giorgio di Grazia
Giorgio di Grazia
@rcinghio.bsky.social
3 months ago
Preview
AuraInspector: Auditing Salesforce Aura for Data Exposure | Google Cloud Blog Our open-source tool AuraInspector can help defenders identify Salesforce Aura access control misconfigurations.

Mandiant is releasing #AuraInspector, a new open-source tool designed to help defenders identify and audit access control misconfigurations within the #Salesforce Aura framework.
cloud.google.com/blog/topics/...

0 0 0 0
The Daily Tech Feed
The Daily Tech Feed
@thedailytechfeed.com
3 months ago
Post image

Enhance your Salesforce security with AuraInspector, Mandiant's new open-source tool for auditing Aura framework misconfigurations. #Salesforce #CyberSecurity #AuraInspector Link: thedailytechfeed.com/mandiant-lau...

0 0 0 0
piggo
piggo
@pigondrugs.bsky.social
3 months ago
AuraInspector: Auditing Salesforce Aura

~Mandiant~
Mandiant's AuraInspector tool finds Salesforce data leaks, using a GraphQL method to bypass record limits.
-
IOCs: *. vf. force. com, *. my. salesforce-sites. com, *. my. salesforce. com
-
#AuraInspector #Salesforce #ThreatIntel

0 0 0 0