ServiceNow Security Shocker: Hackers Exploit Flaws to Steal Login Credentials!
Hackers are exploiting ServiceNow vulnerabilities to steal user login credentials, targeting everything from government agencies to software companies. Despite a fix being released, many organizations remain vulnerable.

Hot Take:
Looks like hackers are now treating ServiceNow vulnerabilities like a buffet—taking a little bit of this, a little bit of that, and serving up a heaping plate of chaos. Bon appétit!
Key Points:
- Hackers are exploiting multiple ServiceNow vulnerabilities to steal user login credentials.
- The primary vulnerability, CVE-2024-4879, has a severity score of 9.3.
- Two additional flaws, CVE-2024-5178 and CVE-2024-5217, were also found and exploited.
- Victims include government agencies, data centers, and software development companies.
- A fix was released on July 10, 2024, but many organizations have yet to apply it.
Hackers’ Buffet
Cybersecurity researchers from Resecurity have discovered that hackers are having a field day exploiting multiple vulnerabilities in ServiceNow, a popular cloud-based business solution for digital workflow management. The primary vulnerability, now known as CVE-2024-4879, has a terrifying severity score of 9.3—basically a red alert in the cybersecurity world. As if that wasn’t enough, the folks at Assetnote decided to add some spice to the mix by uncovering two more flaws: CVE-2024-5178 and CVE-2024-5217. These flaws were then leveraged in attacks, proving once again that hackers will never pass up a good opportunity to wreak havoc.
Credential Stew
So, what’s on the menu? Well, hackers have been injecting a payload that checks for specific results in server responses. If they get the right response, they go for a second round, deploying another payload that dives into the database. The final step involves dumping user lists and account credentials. While most of these credentials are typically hashed, some unlucky victims had their credentials dumped in plaintext. Imagine leaving your front door key under the mat—it’s just that bad. The consequences? Think ransomware attacks and all the digital mayhem you can imagine.
ServiceNow’s Popularity Contest
ServiceNow isn’t just any cloud-based business solution; it’s basically the prom queen of digital workflow management with nearly 300,000 internet-exposed instances. Big names like Coca-Cola, Dell, Deloitte, and even the State of California are part of its fan club, relying on it for everything from IT service management to state-wide IT operations. With such a massive user base, it’s no wonder hackers are drooling over these vulnerabilities like they’re the last slice of pizza at a tech conference.
Fix It, Felix!
The fix for these vulnerabilities was released on July 10, 2024. However, in a plot twist that surprises absolutely no one, many organizations have yet to apply it. This procrastination gives hackers ample time to exploit these flaws and continue their rampage. Users are advised to install the fix immediately and make sure they cover all instances. Seriously, folks, it’s time to channel your inner Fix-It Felix before things get even more out of hand.
Meet the Writer
Sead, a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina, has been in the game for over a decade. With a penchant for writing about IT and cybersecurity, he’s contributed to numerous media outlets, including Al Jazeera Balkans. When he’s not busy uncovering the latest cyber threats, Sead teaches modules on content writing for Represent Communications, sharing his expertise with the next generation of writers.
Conclusion
In a nutshell, hackers are exploiting multiple ServiceNow vulnerabilities to steal user credentials and wreak havoc. While a fix has been released, many organizations have yet to apply it, leaving them vulnerable to attacks. ServiceNow’s popularity among major companies like Coca-Cola, Dell, and Deloitte makes this a critical issue. Stay tuned to TechRadar Pro for more updates, and remember, when it comes to cybersecurity, procrastination is not an option.
