Salesforce Security Office Hours with Guest Speaker, Tom Bassett

Salesforce just announced major security changes coming in September after sophisticated social engineering attacks hit some of the biggest names in business including Adidas, Chanel, Google, and Workday. The hacker group ShinyHunters has been running voice phishing campaigns, calling Salesforce users and convincing them to download fake versions of Salesforce’s Data Loader tool that exploited vulnerabilities in how Salesforce handles uninstalled connected apps.

This week we will be diving deeper into how these attacks happened and exploring the new security measures that Salesforce is putting into place. We’ll examine why these social engineering tactics were so successful, how attackers exploited OAuth Device Flow vulnerabilities, and what these incidents reveal about connected app authorization without admin oversight.

We will explore Salesforce’s response, including automatically blocking access to uninstalled connected apps and removing OAuth Device Flow from Data Loader entirely. We’ll discuss what these dramatic security changes mean for your organization and examine the lessons learned from these high-profile breaches to help you better secure your Salesforce environment from similar attacks.