Data theft campaign targets Salesforce users with malicious Excel files

A recent data theft campaign has been targeting Salesforce users by distributing malicious Excel files designed to steal sensitive information. The attackers leverage social engineering tactics to trick victims into opening these files, which then execute harmful macros to exfiltrate data. This campaign highlights the ongoing risks faced by organizations relying on cloud-based CRM platforms like Salesforce. Users are advised to exercise caution when handling unexpected Excel attachments and to ensure their security software is up to date. The attack underscores the importance of robust cybersecurity measures, including user education, email filtering, and endpoint protection, to defend against sophisticated phishing and malware campaigns. Organizations should also monitor for unusual activity within their Salesforce environments to detect potential breaches early. This incident serves as a reminder that cybercriminals continuously evolve their tactics to exploit trusted business tools, making vigilance and proactive defense critical in the modern threat landscape.

This Cyber News was published on www.infosecurity-magazine.com. Publication date: Wed, 27 Aug 2025 08:50:03 +0000

Cyber News related to Data theft campaign targets Salesforce users with malicious Excel files

How to perform a proof of concept for automated discovery using Amazon Macie | AWS Security Blog - After reviewing the managed data identifiers provided by Macie and creating the custom data identifiers needed for your POC, it’s time to stage data sets that will help demonstrate the capabilities of these identifiers and better understand how ...
1 year ago Aws.amazon.com

31 Alarming Identity Theft Statistics for 2024 - Identity theft is a prevalent issue that affects millions of people annually. Although the numbers are startling, we've selected the 31 most concerning identity theft statistics to help you understand how to secure your identity. In 2022, the FTC ...
1 year ago Pandasecurity.com

Salesforce Lays-Off 700 Staff - American CRM giant Salesforce is reportedly reducing its workforce again, on top of a sizeable reduction back in 2023. The Wall Street Journal reported that Salesforce is laying off 700 workers, or 1 percent of its workforce, in the latest round of ...
1 year ago Silicon.co.uk

ShinyHunters behind Salesforce data theft attacks at Qantas, Allianz Life, and LVMH - A wave of data breaches impacting companies like Qantas, Allianz Life, LVMH, and Adidas has been linked to the ShinyHunters extortion group, which has been using voice phishing attacks to steal data from Salesforce CRM instances. These breaches have ...
2 months ago Bleepingcomputer.com Hunters Scattered Spider

Data theft campaign targets Salesforce users with malicious Excel files - A recent data theft campaign has been targeting Salesforce users by distributing malicious Excel files designed to steal sensitive information. The attackers leverage social engineering tactics to trick victims into opening these files, which then ...
1 month ago Infosecurity-magazine.com

Inside the strategy of Salesforce's new Chief Trust Officer - In this Help Net Security interview, Arkin discusses a collaborative approach to building trust among customers, employees, and stakeholders, focusing on transparency, shared responsibility, and empowering others to integrate trusted and responsible ...
1 year ago Helpnetsecurity.com

How to Recover an Unsaved Excel File - If your Excel file was left unsaved by accident, don't fret - Microsoft understands mistakes happen and provides built-in functionality to help recover it. To recover an unsaved file, navigate to the File tab > Info > Manage Versions to undelete it ...
1 year ago Hackercombat.com

The Latest Identity Theft Methods: Essential Protection Strategies Revealed - Identity theft has evolved far beyond the days of stolen mail and dumpster diving. Today's identity thieves employ sophisticated techniques, including account takeovers and government benefit fraud, making it essential for you to stay vigilant to ...
1 year ago Hackread.com

Salesforce Releases Forensic Investigation Guide - Salesforce has published a comprehensive Forensic Investigation Guide aimed at helping organizations effectively investigate security incidents within their Salesforce environments. This guide provides detailed methodologies, best practices, and ...
1 month ago Cybersecuritynews.com

Salesforce Attacks: Latest Threats and Security Measures - Salesforce, a leading customer relationship management platform, has increasingly become a target for cyber attackers. This article delves into the latest Salesforce attacks, highlighting the methods threat actors use to exploit vulnerabilities and ...
1 month ago Cybersecuritynews.com CVE-2023-34362 CVE-2023-34363 UNC2452

CVE-2016-0054 - Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Office Compatibility Pack SP3, Excel Viewer, Excel Services on SharePoint Server 2007 SP3, Excel Services on SharePoint ...
6 years ago

Allianz Life confirms data breach impacts majority of 1.4 million customers - ShinyHunters is a group of threat actors who are linked to multiple high-profile data breaches and attacks, including those against PowerSchool and the SnowFlake attacks, which ...
2 months ago Bleepingcomputer.com Hunters

ShinyHunters claims 1.5 billion Salesforce records stolen in Drift hacks - In a significant cybersecurity incident, the hacking group ShinyHunters has claimed responsibility for stealing 1.5 billion Salesforce records through breaches involving the company Drift. This massive data breach highlights the increasing risks ...
3 weeks ago Bleepingcomputer.com ShinyHunters

Unmasking Identity Theft: Detection and Mitigation Strategies - In an increasingly digital world, the threat of identity theft looms large, making it imperative for individuals to be proactive in detecting potential breaches and implementing effective mitigation measures. This article delves into key strategies ...
1 year ago Cybersecurity-insiders.com

CVE-2008-7092 - Multiple cross-site scripting (XSS) vulnerabilities in Unica Affinium Campaign 7.2.1.0.55 allow remote attackers to inject arbitrary web script or HTML via a Javascript event in the (1) url, (2) PageName, and (3) title parameters in a ...
8 years ago

Scattered Lapsus Hunters Returns With Salesforce Leak Site - The Lapsus$ hacking group, known for its high-profile cyberattacks, has resurfaced with a new leak site targeting Salesforce, a major cloud software company. This resurgence follows a period of inactivity and signals a renewed threat to enterprise ...
5 days ago Darkreading.com Lapsus$

CVE-2016-3358 - Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel 2016 for Mac, Office Compatibility Pack SP3, Excel Viewer, Excel Services on SharePoint Server 2007 SP3, Excel Services on SharePoint Server 2010 SP2, ...
6 years ago

CVE-2011-1989 - Microsoft Excel 2003 SP3 and 2007 SP2; Excel in Office 2007 SP2; Excel 2010 Gold and SP1; Excel in Office 2010 Gold and SP1; Office 2004, 2008, and 2011 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; Office Compatibility Pack for ...
6 years ago

Iranian Phishing Campaign Targets Israel-Hamas War Experts - Iran-linked threat actors are targeting high-profile researchers working on the Israel-Hamas conflict via a sophisticated social engineering campaign, according to Microsoft Threat Intelligence. The threat actor Mint Sandstorm, which has ties to ...
1 year ago Infosecurity-magazine.com

Russian Cyberattackers Launch Multiphase PsyOps Campaign - Russia-linked threat actors employed both PysOps and spear-phishing to target users over several months at the end of 2023 in a multiwave campaign aimed at spreading misinformation in Ukraine and stealing Microsoft 365 credentials across Europe. The ...
1 year ago Darkreading.com

CVE-2015-2558 - Use-after-free vulnerability in Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Excel Viewer, Office Compatibility Pack SP3, and Excel Services on SharePoint Server 2007 ...
6 years ago

CVE-2015-6038 - Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Office Compatibility Pack SP3, Excel Viewer, and Excel Services on SharePoint Server 2007 SP3, 2010 SP2, and 2013 SP1 ...
6 years ago

CVE-2016-3365 - Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, Excel Viewer, Excel Services on SharePoint Server 2007 SP3, Excel Services on SharePoint Server 2010 SP2, Excel Automation ...
6 years ago

CVE-2016-3362 - Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, Excel Viewer, Excel Services on SharePoint Server 2007 SP3, Excel Services on SharePoint Server 2010 SP2, Excel Automation ...
6 years ago

Data theft campaign targets Salesforce users with malicious Excel files

Cyber News related to Data theft campaign targets Salesforce users with malicious Excel files

Latest Cyber News

Cyber Trends (last 7 days)

Trending Cyber News (last 7 days)