A critical vulnerability has been discovered in Salesforce applications, which could potentially lead to a full account takeover. The flaw was identified during a penetration test and is tied to misconfigurations within Salesforce Communities, specifically within the Salesforce Lightning component framework. This vulnerability exposes organizations using Salesforce to significant risks, such as unauthorized data access, data manipulation, and potential breaches of high-privilege accounts. The vulnerability targets “Guest Users,” who, under certain misconfiguration scenarios, could bypass access restrictions and gain unauthorized privileges. The exploit works by attackers mapping the Salesforce instance and identifying vulnerable endpoints. Once access is gained, attackers can use standard controllers, such as “getItems” and...

THis post has been updated after the attention it is gannering. The original post can be found here: https://web.archive.org/web/20240813033032/https://blog.blancorpsolutions.com/kenya/concerns-about-the-ict-bill-2024-in-kenya/ Kenya's tech industry has been a beacon of innovation and growth, thanks in part to a regulatory environment that has allowed startups and innovators to thrive. This is evident from the multitude of tech companies heading over to Kenya and the increasing number of tech offerings originating from Kenya. As usual, there are always prospects to advance, regulate and maintain order in any field, especially if it gains much momentum. There are case studies on this globally for anyone to check, the most prominent one being the EU laws...

The article explains that organizations that process personal data of EU citizens, regardless of where the organization is located, must comply with the GDPR and must obtain explicit consent, inform individuals of their rights

Welcome back to This Week in Apps, the TechCrunch series that recaps the latest OS news, the applications they support and the money that flows through...