Rising Threat: Hackers Exploit Year-Old ServiceNow Security Vulnerabilities to Target Unpatched Systems

Rising Threat: Hackers Exploit Year-Old ServiceNow Security Vulnerabilities to Target Unpatched Systems

Security researchers have issued a crucial warning regarding a surge in cyberattacks exploiting three vulnerabilities in ServiceNow, an essential platform used by many organizations. These vulnerabilities, identified as CVE-2024-4879, CVE-2024-5178, and CVE-2024-5217, have seen increased attempts at exploitation, highlighting the urgent need for companies to ensure their systems are patched.

Recent Surge in Exploitation Attempts

According to a blog post by GreyNoise, a threat intelligence startup, there has been a “notable resurgence of in-the-wild activity” targeting these three vulnerabilities. The initial disclosure of these flaws occurred in May 2024 by researchers from Assetnote, with ServiceNow implementing patches just two months later in July 2024.

Geographic Distribution of Attacks

GreyNoise reported that the majority of the malicious activity—approximately 70%—has been directed at systems located in Israel, but there have also been incidents in Germany, Japan, and Lithuania. This geographic diversity indicates a widespread interest in exploiting these vulnerabilities.

Risk of Data Exposure

As highlighted by Assetnote, these vulnerabilities can be chained together, potentially granting attackers full database access to affected ServiceNow instances. Organizations frequently utilize ServiceNow to manage sensitive employee data, including personally identifiable information and crucial HR records.

ServiceNow’s Response

In a statement to TechCrunch, ServiceNow spokesperson Erica Faltous remarked that the company became aware of the vulnerabilities nearly a year ago. She emphasized that, to date, there has been no observed impact on customers from any attack campaign related to these vulnerabilities.

Previous Warnings and Targeted Attacks

Following the vulnerabilities’ exposure, the U.S. security firm Resecurity issued warnings about attempts by foreign threat actors to exploit these weaknesses. Their investigations revealed targeted attacks on:

  • Energy companies
  • Data center organizations
  • Middle Eastern government agencies
  • Software developers
READ ALSO  US Indicts Garantex Admins for Alleged Crypto Money Laundering Tied to Terrorists and Hackers

Additionally, a report from Imperva in July 2024 indicated that exploitation attempts were detected across 6,000 sites in various industries, with particular activity noted in the financial services sector.

Conclusion

The ongoing attempts to exploit these ServiceNow vulnerabilities underscore the critical need for organizations to apply security patches promptly and remain vigilant against potential cyber threats. Ensuring that systems are up to date not only protects sensitive data but also helps maintain trust in organizational integrity.

Similar Posts

Urgent Security Alert: Hackers Target New Ivanti VPN Vulnerability to Breach Company Networks

Top Data Breaches of 2025: Uncovering the Most Significant Cybersecurity Incidents This Year

Bysupport

In 2025, data breaches are on the rise, alarming individuals and organizations. The PowerSchool breach affected over 62 million students and 9.5 million teachers, exposing sensitive information like grades and Social Security numbers. A significant compromise involving the Department of Government Efficiency jeopardized personal data for millions, prompting lawsuits from over 100 federal officials. The Community Health Center’s breach impacted over one million patients, revealing personal health data. Additionally, vulnerabilities in stalkerware apps compromised 3.2 million email addresses, and a breach at DISA affected 3.3 million individuals, highlighting the urgent need for enhanced cybersecurity measures.

North Korea's 2024 Crypto Heists: How $659M Was Stolen Through Fake Job Scams

US Lifts Sanctions on Tornado Cash: Implications for Crypto Mixing and North Korean Money Laundering

Bysupport

The U.S. Treasury has lifted sanctions on Tornado Cash, a crypto mixer previously accused of laundering $7 billion linked to North Korean hackers. This decision has ignited debate in the cryptocurrency community about its regulatory implications. Tornado Cash obscures transaction origins and has faced criticism for facilitating illicit activities. In 2022, it was labeled a “notorious” entity due to its ties to North Korea’s cyber thefts. Despite ongoing concerns about North Korean cyber threats, the Treasury allowed U.S. individuals and businesses to engage with Tornado Cash legally, raising questions about the balance between innovation and security in cryptocurrency regulation.

Exploring the Influential Figures in Elon Musk's DOGE Universe

Exploring the Vibrant Community Behind Elon Musk’s DOGE Universe

Bysupport

Elon Musk has established a vast network of companies that serves as an incubator for engineering and tech talent, intersecting with the U.S. federal government through the Department of Government Efficiency (DOGE). This collaboration highlights Musk’s influence in the tech industry, with a TechCrunch investigation revealing key individuals linked to him within DOGE. The team includes Musk as the lead, along with experienced insiders and engineers dedicated to improving government efficiency. The investigation utilized public records and interviews, uncovering insights like an xAI-powered chatbot related to DOGE. The evolving team aims to enhance governmental operations while attracting top talent.

Critics Warn: UK's Hidden Apple iCloud Backdoor Order Poses Global Security Threat

Critics Warn: UK’s Hidden Apple iCloud Backdoor Order Poses Global Security Threat

Bysupport

The U.K. government has reportedly ordered Apple to create a backdoor for accessing encrypted cloud data, raising alarms about encryption security and user privacy. This covert directive, issued under the Investigatory Powers Act 2016, targets Apple’s Advanced Data Protection feature, which provides end-to-end encryption for iCloud backups. Officials claim that this encryption hinders criminal investigations, prompting scrutiny of encrypted communication tools. Experts warn that limiting encryption in the U.K. could set a dangerous global precedent, risking user privacy and security. Privacy advocates argue that such measures could be exploited by hackers and authoritarian regimes, threatening civil liberties worldwide.

Bybit Crypto Exchange Offers $140 Million Bounty to Track Down Stolen Funds After Hack

Bybit Crypto Exchange Offers $140 Million Bounty to Track Down Stolen Funds After Hack

Bysupport

Hackers have executed the largest crypto heist ever, stealing around $1.4 billion in Ethereum from Bybit. In response, Bybit has launched a bounty program offering up to $140 million for information that aids in recovering the stolen funds. CEO Ben Zhou announced the initiative, which rewards individuals 5% of any traced and frozen amount. So far, $4.23 million has been distributed to five bounty hunters. The breach is attributed to the Lazarus Group, linked to North Korea, and involved malicious code from SafeWallet. Investigations reveal a compromised developer’s device as the source of the attack.

UN Aviation Agency Probes Major Security Breach as Hacker Alleges Personal Data Theft

UN Aviation Agency Confirms Major Data Breach: Hacker Accesses Thousands of Recruitment Records

Bysupport

The recent security breach involving the International Civil Aviation Organization (ICAO) has raised serious concerns about data privacy within global aviation agencies. A hacker, operating under the alias “Natohub,” has reportedly accessed thousands of sensitive records from the ICAO’s internal recruitment database. Details of the Data Breach Over the weekend, Natohub claimed to have breached…

Leave a Reply

Your email address will not be published. Required fields are marked *