Salesloft Drift Breach Timeline: What You Need to Know

2025/09/13 04:08

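An in-depth look at the Salesloft Drift breach, its timeline, and its broad impact on cybersecurity companies. Learn about this critical supply chain attack.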

The Salesloft Drift breach sent shockwaves through the cybersecurity world. With over 700 organizations affected, understanding the timeline and impact is crucial. Here's a breakdown of what happened.

The Breach: A Timeline of Events

The Salesloft Drift breach is a complex story unfolding over several months. Here's a simplified timeline:

  • March 2025: Threat actors compromise Salesloft's GitHub account.
  • March - June 2025: Attackers download repository data and conduct reconnaissance on Salesloft and Drift environments.
  • August 8-18, 2025: Using stolen OAuth tokens, attackers access and exfiltrate data from customer Salesforce instances.
  • August 20, 2025: Salesloft and Salesforce revoke connections between Drift and Salesforce.
  • August 26, 2025: Companies announce unauthorized access. Google warns of credential theft.
  • August 28, 2025: Salesloft begins investigation with Mandiant.
  • September 2-8, 2025: Cybersecurity firms including Palo Alto Networks, Zscaler, Cloudflare, Proofpoint, Tenable, Qualys, Rubrik, Spycloud, BeyondTrust, CyberArk, Elastic, Dynatrace, Cato Networks and BugCrowd disclose they were victims.
  • September 6, 2025: Salesloft confirms GitHub compromise as the initial attack vector.
  • September 8, 2025: Salesforce restores integration with Salesloft (excluding Drift).

Key Insights and Takeaways

The Salesloft Drift breach underscores several critical points:

  • Supply Chain Risks: Third-party integrations, especially in SaaS environments, introduce significant risks.
  • OAuth Token Security: Stolen OAuth tokens are a powerful attack vector, granting access without triggering typical alerts.
  • Importance of Incident Response: Swift action, including isolating infrastructure and rotating credentials, is crucial in containing breaches.
  • GitHub as a Target: This incident highlights the growing trend of attackers targeting code repositories like GitHub.

The Impact on Cybersecurity Companies

A particularly alarming aspect of this breach is the number of cybersecurity companies affected, including Cloudflare, Zscaler, Palo Alto Networks and many others. This suggests a deliberate targeting of organizations with access to sensitive data and security infrastructure. While these companies took quick action to mitigate impact on products and services, the potential reputational damage and cost of remediation are substantial.

My Two Cents: A Wake-Up Call

The Salesloft Drift breach serves as a potent reminder of the interconnectedness of the modern SaaS ecosystem. It's no longer enough to focus solely on your own security posture; you must also rigorously assess the security practices of your vendors. Assume compromise and ensure proper segmentation and monitoring are in place. Ignoring the reality of supply chain risk is a recipe for disaster.

Salesforce Restores Salesloft Integration

After investigation, Salesforce has restored integration with the Salesloft platform, while the Drift component remains disabled. The incident highlights the potential fallout of third-party application integrations, particularly with popular tools such as Salesloft and Drift.

What's Next?

The investigation into the Salesloft Drift breach is ongoing. Expect further disclosures and analysis as more details emerge. In the meantime, take this as a learning opportunity to bolster your own security defenses.

So, yeah, maybe double-check those third-party app permissions? Just a thought. Stay safe out there, folks!

Original source: techtarget
