Varonis announces strategic partnership with Microsoft to accelerate the secure adoption of Copilot.

Learn more
Blog Threat Research

Threat Update 50 – Critical Salesforce Misconfiguration

Salesforce is the lifeblood of many organizations. The amount of critical, and sensitive information stored within is astronomical – however, there are parts of the solution designed to be accessed by non-corporate users, such as the Community module.
Kilian Englert
1 min read
Last updated October 21, 2021

Contents

    Salesforce is the lifeblood of many organizations. The amount of critical, and sensitive information stored within is astronomical – however, there are parts of the solution designed to be accessed by non-corporate users, such as the Community module.

    Join Kilian Englert and Ryan O’Boyle from the Varonis Cloud Architecture team as they dive into a potential misconfiguration within Salesforce that could allow external entities to access data stored in the protected areas of Salesforce.

    👉You can read the full, detailed breakdown of the misconfiguration, how to check for it, and recommendations.

    👉To learn how else we can help, please visit us at: https://www.varonis.com/help/

    What you should do now

    Below are three ways we can help you begin your journey to reducing data risk at your company:

    1. Schedule a demo session with us, where we can show you around, answer your questions, and help you see if Varonis is right for you.
    2. Download our free report and learn the risks associated with SaaS data exposure.
    3. Share this blog post with someone you know who'd enjoy reading it. Share it with them via email, LinkedIn, Reddit, or Facebook.
    Kilian Englert
    Kilian Englert Kilian has a background in enterprise security engineering, as well as security solution selling. Kilian is a Certified Information Systems Security Professional (CISSP) and creates internal and public content on topics related to cybersecurity and technology best practices.

    Try Varonis free.

    Get a detailed data risk report based on your company’s data.
    Deploys in minutes.
    Get started View sample

    Keep reading

    Varonis tackles hundreds of use cases, making it the ultimate platform to stop data breaches and ensure compliance.

    threat-update-28-–-re-ryuk’ed-&-exchange-zero-day
    Threat Update 28 – Re-Ryuk’ed & Exchange Zero-Day
    threat-update-28-–-re-ryuk’ed-&-exchange-zero-day
    Kilian Englert
    March 4, 2021
    Is it too soon for a 2020 throwback? The Ryuk ransomware gang certainly doesn’t think so! It looks like one of the premiere ransomware-as-a-service groups was not content to rest on their laurels, and it appears they’ve added self-spreading capabilities.
    threat-update-18-–-sanctions-for-ransomware-payments
    Threat Update 18 – Sanctions for Ransomware Payments
    threat-update-18-–-sanctions-for-ransomware-payments
    Kilian Englert
    December 24, 2020
    Would you consider coughing up the bitcoins if you got hit with ransomware? Better think again, you could potentially end up in more trouble! Click to watch Kilian Englert and...
    threat-update-43-–-ransomware-early-warning:-brute-force
    Threat Update 43 – Ransomware Early Warning: Brute Force
    threat-update-43-–-ransomware-early-warning:-brute-force
    Kilian Englert
    June 23, 2021
    With the proliferation of more sophisticated, human-operated ransomware, attackers can live inside an organization for days, weeks, or months - finding and exfiltrating data before making their presence known by detonating ransomware.
    threat-update-23---bypassing-endpoint-controls-using-office-macros
    Threat Update 23 - Bypassing Endpoint Controls Using Office Macros
    threat-update-23---bypassing-endpoint-controls-using-office-macros
    Kilian Englert
    February 1, 2021
    So many attacks start with a simple booby-trapped document that runs malicious code. Crafty attackers can even customize the payload to bypass endpoint controls! Don’t believe us? Check out this...