Hi, I’m Tomer Schwartz, director of security research at Adallom Labs. As you probably know by now, a bit over a week ago, Salesforce.com announced they detected a new variant of Dyre (aka Dyreza) that was targeting Salesforce user credentials. Since many of our customers rely on us to secure their users and data inside of Salesforce.com, we were inundated with questions about the ramifications and intent of the malware. We’ve spent the last week trying to take a closer look at the Dyre malware variant that Salesforce.com pointed us to in order to provide actionable information to our customers, and I wanted to share our results in this post in case the rest of you are curious (there’s some important stuff inside, but not what you might expect). First, let’s start off with an intro to Dyre
More here: http://www.adallom.com/blog/salesforce-dyre-variant-research-analysis/