Your logistics IT backbone breached – nobody told you for four days

Cyber

ID 56153101
© Flynt
| Dreamstime.com

In a nutshell: ServiceNow’s unauthenticated API flaw exposed enterprise data including IT tickets, credentials, and employee records. The company patched it silently, then hid the advisory behind a login wall. If you run ServiceNow for ITSM, HR, or supply chain workflows, this is your problem.

About three weeks ago, someone queried your ServiceNow instance without a password, without a token, without any credential at all, and ServiceNow decided you didn’t need to know about it right away.

In early …

 

Leave a Reply

Discover more from Mikhail Family Investment

Subscribe now to keep reading and get access to the full archive.

Continue reading