Salesforce Zero-Day Exploited to Phish Facebook Credentials
The cyberattacks used the legitimate Salesforce.com domain by chaining the vulnerability to an abuse of Facebook's Web games platform, slipping past email protections.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
The cyberattacks used the legitimate Salesforce.com domain by chaining the vulnerability to an abuse of Facebook's Web games platform, slipping past email protections.
Hackers exploited a zero-day vulnerability in Salesforce's email services and SMTP servers to launch a sophisticated phishing campaign targeting valuable Facebook accounts. [...]
A sophisticated Facebook phishing campaign has been observed exploiting a zero-day flaw in Salesforce's email services, allowing threat actors to craft targeted phishing messages using the company's domain and infrastructure