ServiceNow Vulnerabilities Exploited for Credential Theft


Malware Developments

Stargazer Goblin's Ghost Network Unveils a New Threat on GitHub 

"Stargazer Goblin" is a threat actor that has orchestrated a complex malware distribution scheme known as the Stargazers Ghost Network. This sophisticated operation exploits the credibility of GitHub, a platform synonymous with secure and collaborative software development, to surreptitiously spread malware.

Python Package Exploits macOS Vulnerabilities for Data Theft Leveraging Social Engineering 

In a concerning development within the open-source software ecosystem, the Python package "lr-utils-lib" was discovered to contain dangerous hidden code intended to compromise macOS systems. Upon installation, the package activates a hidden script that targets Google Cloud Platform credentials, exfiltrating them to an attacker-controlled server.


Vulnerabilities and Exploitation Attempts

ServiceNow Vulnerabilities Exploited for Credential Theft 

Critical vulnerabilities in ServiceNow, including CVE-2024-4879 (CVSS score: 9.3), CVE-2024-5217 (CVSS score: 9.2), and CVE-2024-5178 (CVSS score: 6.9), have been exploited by attackers to breach organizations and steal credentials. Notably, CVE-2024-4879 allows for remote code execution.

Security Flaw in Docker Engine Allows AuthZ Plugin Bypass via Zero-Length API Requests 

Docker has issued an advisory about a critical flaw, identified as CVE-2024-41110 with a CVSS score of 10.0, affecting Docker Engine versions from v19.03 onwards. 

Novel Flaw in GCP Cloud Functions Leading to Elevated Privileges - ConfusedFunction 

A security flaw dubbed “ConfusedFunction” was recently found in Google Cloud Platform, particularly affecting Cloud Functions and Cloud Build services. The issue arises during the creation or update of a Cloud Function, which inadvertently assigns a default service account to the Cloud Build instance, a process not visible to regular users.

UEFI Secure Boot Compromised by PKfail Untrusted Platform Keys 

The discovery of the PKfail vulnerability has revealed a significant weakness in the Secure Boot process of the UEFI system, impacting a wide range of devices. The critical issue stems from the use of a default Platform Key (PK) which was meant for testing purposes within device firmware. 


Identified Trends

Ransomware on the Rise, Technology Becomes the Most Targeted Sector

In the second quarter of 2024, the cybersecurity landscape saw significant shifts, with Business Email Compromise (BEC) and ransomware emerging as the predominant threats, together accounting for 60% of engagements. 


Gain deeper CTI insights! 

CyberProof’s CTI service offers comprehensive threat intelligence coverage, ensuring that your organization stays ahead of active threats that pose the greatest risk to your assets.

Our advanced CTI team investigates the threat landscape, providing you with detailed reports, related Indicators of Compromise (IOCs), technical recommendations, and MITRE ATT&CK mapping.
