Two top-level Salesforce security engineers have lost their jobs over the details of an IT defense tool they revealed at the annual DEF CON hacking conference.
Director of Offensive Security Josh Schwartz and Senior Offensive Security Engineer John Cramb were terminated via text message by a Salesforce executive after delivering a presentation at the DEF CON conference. Minutes before they took the stage, a message was sent threatening their jobs if they proceeded with their presentation. They allegedly did not see this message, gave said presentation, and were consequently removed from their positions. Schwartz himself confirmed shortly after the talk that they no longer worked at Salesforce.
The presentation was described on the DEF CON website thusly:
Attention Red Teamers, Penetration Testers, and Offensive Security Operators, isn’t the overhead of fighting attribution, spinning up infrastructure, and having to constantly re-write malware an absolute pain and timesink!?! It was for us too, so we’re fixing that for good (well, maybe for evil). Join us for the public unveiling and open source release of our latest project, MEATPISTOL, a modular malware framework for implant creation, infrastructure automation, and shell interaction. This framework is designed to meet the needs of offensive security operators requiring rapid configuration and creation of long lived malware implants and associated command and control infrastructure. Say goodbye to writing janky one-off malware and say hello to building upon a framework designed to support efficient yoloscoped adversarial campaigns against capable targets.
Yes, MEATPISTOL. It’s “a modular malware framework for implant creation, infrastructure automation, and shell interaction” that Salesforce uses internally for penetration testing of its own security. Originally, the plan was to open source the tool for further development, but although that release was approved early in the year, both lawyers and executives for Salesforce have since reversed course.
For now, Salesforce has no further comment on MEATPISTOL or the terminations.
Follow Nate Church @Get2Church on Twitter for the latest news in gaming and technology, and snarky opinions on both.