Google breach exposes major risks in Salesforce cloud security

Techday NZ, 2 days ago
Google has confirmed that the threat group ShinyHunters managed to access customer data stored in one of its Salesforce databases, highlighting ongoing vulnerabilities in popular cloud-based software-as-a-service (SaaS) solutions. The incident is the latest in a series of high-profile breaches targeting companies reliant on platforms such as Salesforce, with similar attacks having previously impacted Cisco, Qantas, and Pandora.
According to Google's Threat Intelligence team, the attackers notoriously relied on advanced voice phishing - or "vishing" - strategies to deceive employees into granting access credentials. ShinyHunters, which has grown in prominence within the cybersecurity community, reportedly utilised a malicious version of Salesforce's Data Loader application in this instance to further its aims.
Commenting on the implications of the breach, David Stuart, cybersecurity evangelist at Sentra, said, "This breach is the latest in a string of attacks targeting Salesforce environments, from Qantas to Pandora and now Google. It's a clear signal that attackers are focusing on where data is most concentrated, and often least visible - within cloud SaaS applications. Voice phishing tactics and other forms of social engineering are proving effective because the security model for SaaS platforms like Salesforce typically relies too heavily on perimeter controls and user authentication."
He continued, "Organisations need to shift their mindset: it's not just about securing systems, but understanding where sensitive data originates and lives, how it moves, and who touches it, and being proactive about ensuring its security posture. Without that baseline of visibility and control, even the most trusted cloud platforms can become data vulnerabilities."
The incident involving Google and Salesforce has underscored key weaknesses in the way businesses manage data and defend digital assets. While cloud adoption accelerates for efficiency and scalability, security oversight within these environments has yet to keep pace. Rather than exploiting software flaws, attackers are increasingly capitalising on the human factor, manipulating staff through deceptive lures such as fake support calls, emails, and malicious third-party applications.
Richard Taylor, managing director of marketing technology consultancy Digital Balance, remarked, "Another day, another data breach. This time revealed by Google with Salesforce once again at the centre. The attackers, known as the ShinyHunters group, leveraged a malicious version of Salesforce's Data Loader application, tricking employees into granting access. This incident follows a pattern where threat actors are not exploiting technical flaws in platforms but are instead using social engineering tactics to compromise systems."
He added, "This highlights that even with robust security measures, the human element can be the weakest link, leaving sensitive data vulnerable. This pattern suggests a need for stricter security protocols and training around third-party application usage."
Industry experts have long cautioned that existing security models for SaaS platforms can create a false sense of safety. Perimeter defences and even multi-factor authentication can be sidestepped if users can be convinced to hand over credentials or authorise malicious applications. This reality is leading to calls for more granular monitoring of where sensitive data resides, continuous auditing of data movements, and more aggressive training of staff to identify and resist sophisticated phishing attempts.
As businesses continue to invest in cloud services, the burden falls on both the vendors and their customers to ensure adequate defence measures. Enhanced monitoring tools, tighter controls over third-party integrations, and fostering a culture of scepticism regarding external communications are all recommended as next steps. The rise in such attacks reflects the evolving threat landscape in which traditional security endpoints are no longer the only battleground - increasingly, the user base itself is in the crosshairs.
The breach serves as a reminder that while SaaS platforms can offer significant operational benefits, they are not immune from novel and persistent cyber threats. Ongoing vigilance, education, and robust internal controls remain essential to defend against both technical and social vectors of attack.