Stories
Slash Boxes
Comments

SoylentNews is people

SoylentNews is powered by your submissions, so send in your scoop. Only 16 submissions in the queue.

Salesforce “Red Team” Members Present Tool at Defcon, Get Fired

posted by martyb on Friday August 11 2017, @09:50PM   Printer-friendly
from the METASPLOIT-SPAMTOILET-MOISTPLATE-MEATPISTOL dept.

Fnord666 writes:

At Defcon in Las Vegas last month, word rapidly spread that two speakers—members of Salesforce's internal "red team"—had been fired by a senior executive from Salesforce "as they left the stage." Those two speakers, who presented under their Twitter handles, were Josh "FuzzyNop" Schwartz, Salesforce's director of offensive security, and John Cramb, a senior offensive security engineer.

Schwartz and Cramb were presenting the details of their tool, called Meatpistol. It's a "modular malware implant framework" similar in intent to the Metasploit toolkit used by many penetration testers, except that Meatpistol is not a library of common exploits, and it is not intended for penetration testing. The tool was anticipated to be released as open source at the time of the presentation, but Salesforce has held back the code.

[...] Schwartz had reportedly gotten prior approval to speak at Defcon from Salesforce management, and he was working toward getting approval to open-source Meatpistol (which is currently in a very rough "alpha" state but was at use internally at Salesforce). But at the last moment, Salesforce's management team had a change of heart, and it was trying to get the talk pulled. As ZDNet's Zach Whittaker reports, a Salesforce executive sent a text message to Schwartz and Cramb an hour before their scheduled talk, telling the pair not to announce the public release of the code.

[...] A Salesforce spokesperson contacted by Ars would not comment, stating, "We don't comment on matters involving individual employees."

Source: Ars Technica

Also at ZDNet and The Register

Original Submission

 
This discussion has been archived. No new comments can be posted.
Salesforce “Red Team” Members Present Tool at Defcon, Get Fired | Log In/Create an Account | Top | 20 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 3, Informative) by captain normal on Saturday August 12 2017, @04:47AM (1 child)

    by captain normal (2205) on Saturday August 12 2017, @04:47AM (#552730)

    Wow...for once I find I agree with jmorris. How the H-E- double toothpicks did these guys ever get such a position at Salesforce? Then again I've actually known a couple of people hired by Salesforce. They were not the sharpest tacks in the box by any means.

    --
    The Musk/Trump interview appears to have been hacked, but not a DDOS hack...more like A Distributed Denial of Reality.
    Starting Score:    1  point
    Moderation   +1  
       Informative=1, Total=1
    Extra 'Informative' Modifier   0  
    Karma-Bonus Modifier   +1  
    Total Score:   3  

  • (Score: 0) by Anonymous Coward on Saturday August 12 2017, @08:35PM

    by Anonymous Coward on Saturday August 12 2017, @08:35PM (#552955)

    When building such a massive system you don't want the best, you want those competent enough to do the work and unaware enough to not figure out all the nasty shit going on.