Aaron Costello

@ConspiracyProof

Followers
2K
Following
2K
Media
4
Statuses
304

🇮🇪 ✝️ Chief of SaaS Security Research @ AppOmni Opinions may be that of James Joyce or Samuel Beckett who occasionally channel their spirits through me.

Ireland, Capital of Europe
Joined January 2012
@ConspiracyProof
Aaron Costello
9 months
RT @jamescox91: Spoke to @ConspiracyProof about his discovery of 1.1 million NHS employees' records being leaked online, Aaron previously d….
0
1
0
@ConspiracyProof
Aaron Costello
10 months
Want to know how you can hack Microsoft Power Page websites? How I was able to access (and later secure) PII of 1.1 MILLION #NHS employees? With my latest blog post, you can learn how to pentest a Power Page site for data leaks in as little as 2 minutes. Check it out below:
0
8
46
@ConspiracyProof
Aaron Costello
1 year
RT @CRN: More than 1,000 ServiceNow instances have been discovered to be exposing potentially sensitive Knowledge Base data, according to @….
crn.com
A researcher from security vendor AppOmni uncovered more than 1,000 ServiceNow instances that have been exposing Knowledge Base data.
0
1
0
@ConspiracyProof
Aaron Costello
1 year
Want to know how I could've hacked thousands of Oracle NetSuite sites in order to extract sensitive information? It was so severe that within days, Oracle rolled out multiple hardening measures to reduce the risk of it happening again. If you're a pentester, security engineer,
2
0
17
@ConspiracyProof
Aaron Costello
1 year
RT @jamescox91: Spoke to @ConspiracyProof about his discovery of the HSE vaccine data of one million people being exposed, and how he publi….
0
1
0
@ConspiracyProof
Aaron Costello
1 year
It really concerns me that the HSE are claiming it requires 'deep technical expertise'. They'd be right, if I hadn't published a step-by-step guide on how to manually find, exploit, and secure these kinds of issues in Salesforce systems a year prior:
enumerated.ie
@ConspiracyProof
Aaron Costello
1 year
Read about my recent disclosure on how vaccination details for 1m+ users were exposed in a GOV implementation of Salesforce Health Cloud. My own blog post will be published to the @AppOmniSecurity site tomorrow! #salesforce #hse #saas #saassecurity #cybersecurity #sfdc
0
0
11
@ConspiracyProof
Aaron Costello
1 year
Read about my recent disclosure on how vaccination details for 1m+ users were exposed in a GOV implementation of Salesforce Health Cloud. My own blog post will be published to the @AppOmniSecurity site tomorrow! #salesforce #hse #saas #saassecurity #cybersecurity #sfdc
@rtenews
RTÉ News
1 year
The Health Service Executive has said it "misconfigured" a database containing the vaccination information of more than one million people
1
2
9
@ConspiracyProof
Aaron Costello
2 years
Since ServiceNow rolled out a point-in-time modification to all blank ACLs, you are likely okay for the time being with respect to data exposure for MOST things. Nonetheless, I encourage you to assess and remove any unneeded Widget Instances that call a public widget. /fin.
0
0
2
@ConspiracyProof
Aaron Costello
2 years
As a result, Widget Instances completely bypass the later checks in SNCACLWidgetUtil.hasPublicAccess(). They bypass the:
- Widget Allow List check (LINE 46-49)
- Table Allow List check (LINE 51-54)
/6
1
0
1
@ConspiracyProof
Aaron Costello
2 years
This is because '/api/now/sp/widget' != '/api/now/sp/rectangle'. Thus, a Widget Instance will always be granted access once the Widget it is calling is defined as public on the Widget record. /5.
1
0
0
@ConspiracyProof
Aaron Costello
2 years
One of the first checks in SNCACLWidgetUtil.hasPublicAccess() is to check the Request Path, and if it is NOT A WIDGET PATH, access is immediately granted. /4
1
0
0
@ConspiracyProof
Aaron Costello
2 years
If a widget is public, any widget instances that call that widget are also public. There are a number of OOB Widget Instances on the platform that use OOB public widgets (such as Simple List). Widget Instances can be accessed through /api/now/sp/rectangle/<instance_sysid>. /3
1
0
1
@ConspiracyProof
Aaron Costello
2 years
The SNCACLWidgetUtil script that evaluates if a widget is accessible or not, completely disregards Widget Instances. Widget Instances effectively call Widgets with pre-defined parameters in the Widget Instance record. /2.
1
0
1
@ConspiracyProof
Aaron Costello
2 years
You may have received this communication as a result of my recent publication which analysed the remediation efforts by ServiceNow and discussed a few oversights that may be cause for concern. Let me provide some details within this thread /1. #servicenow #saas #cybersecurity
2
6
27
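The access decision and the audit described in the thread above, written out as an added example. This is not ServiceNow's code and not the author's: the actual SNCACLWidgetUtil source is not on this page, so the record shapes, field names, sys_ids, allow-list contents and the exact semantics of the "Widget Allow List" and "Table Allow List" checks below are assumptions. The model keeps the behaviour the thread states (instance requests under /api/now/sp/rectangle/ skip the allow-list checks once their widget is public), places a hardened variant beside it that resolves an instance to the widget it calls before applying the same checks, and ends with the audit the final post recommends: listing every Widget Instance that calls a public widget.

```javascript
// Added example, not ServiceNow's code: a model of the Widget vs. Widget Instance
// access decision the thread describes, a hardened variant, and the audit the
// thread recommends (find Widget Instances that call a public widget).
// Record shapes, field names and allow-list semantics are assumptions.

const WIDGET_PATH = "/api/now/sp/widget/";
const INSTANCE_PATH = "/api/now/sp/rectangle/";

// Constructed sample records; sys_ids and names are hypothetical.
const widgets = [
  { sys_id: "w-simple-list", name: "Simple List", public: true },
  { sys_id: "w-internal", name: "Internal Ticket View", public: false },
];
const instances = [
  { sys_id: "i-1001", widget: "w-simple-list", table: "incident" },
  { sys_id: "i-1002", widget: "w-simple-list", table: "kb_knowledge" },
  { sys_id: "i-1003", widget: "w-internal", table: "incident" },
];
// Assumed stand-ins for the "Widget Allow List" and "Table Allow List" checks.
const widgetAllowList = new Set(["w-simple-list"]);
const tableAllowList = new Set(["kb_knowledge"]);

const byId = (records, id) => records.find((r) => r.sys_id === id) || null;

// Map a request path to the widget and table it ultimately targets.
// Returns null when the path is neither a widget nor an instance request.
function resolveRequest(path) {
  const url = new URL(path, "http://localhost");
  if (url.pathname.startsWith(WIDGET_PATH)) {
    const widget = byId(widgets, url.pathname.slice(WIDGET_PATH.length));
    return widget ? { kind: "widget", widget, table: url.searchParams.get("table") } : null;
  }
  if (url.pathname.startsWith(INSTANCE_PATH)) {
    const inst = byId(instances, url.pathname.slice(INSTANCE_PATH.length));
    const widget = inst ? byId(widgets, inst.widget) : null;
    return widget ? { kind: "instance", widget, table: inst.table } : null;
  }
  return null;
}

function passesAllowLists(widget, table) {
  return widgetAllowList.has(widget.sys_id) && tableAllowList.has(table);
}

// The decision as the thread describes it: the Widget record's public flag is
// honoured, but only requests under the widget path reach the allow-list
// checks, so an instance request is granted as soon as its widget is public.
function decideAsDescribed(path) {
  const req = resolveRequest(path);
  if (!req || !req.widget.public) return false;
  if (!path.startsWith(WIDGET_PATH)) return true; // not a widget path: granted
  return passesAllowLists(req.widget, req.table);
}

// Hardened variant: an instance request is evaluated as the widget it calls,
// so both allow lists apply regardless of which path was used.
function decideHardened(path) {
  const req = resolveRequest(path);
  if (!req || !req.widget.public) return false;
  return passesAllowLists(req.widget, req.table);
}

// Audit: every Widget Instance that calls a public widget, with a note on
// whether it would still pass the allow lists once the bypass is closed.
function auditInstancesCallingPublicWidgets() {
  return instances
    .filter((i) => (byId(widgets, i.widget) || {}).public)
    .map((i) => ({
      instance: i.sys_id,
      widget: byId(widgets, i.widget).name,
      table: i.table,
      allowListed: passesAllowLists(byId(widgets, i.widget), i.table),
    }));
}

console.table(auditInstancesCallingPublicWidgets());
```

Run it with Node. Against the sample records, the instance on the `incident` table is granted by `decideAsDescribed` but denied by `decideHardened`, while the one on the allow-listed `kb_knowledge` table passes both; the audit table is the list an administrator would review to decide which instances are unneeded.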
@ConspiracyProof
Aaron Costello
2 years
Check out my analysis and timeline of the changes made by ServiceNow, topped with my own skepticism regarding the comprehensiveness of the fixes, and a final dash of data security recommendations for the future. #saas #servicenow #cybersecurity #sspm.
appomni.com
Learn more about the ServiceNow updates to mitigate ACL misconfiguration risks and how to avoid regressing your organization’s data security posture moving forward.
0
3
11
@ConspiracyProof
Aaron Costello
2 years
Fantastic coverage of my ServiceNow research by .@TheRegister! A great explanation for individuals who may not be super technical but wish to gain a basic understanding of how thousands of organisations were exposing sensitive data in #ServiceNow. #saas #cybersecurity.
@TheRegister
The Register
2 years
ServiceNow quietly addresses unauthenticated data exposure flaw from 2015
0
0
5
@ConspiracyProof
Aaron Costello
2 years
140k+ URLs, that's the potential blast wave of this issue. Tonnes of the Fortune 500 affected and I've got many open dialogues with Fortune 50 companies that are leaking data such as:
- Entire CMDB
- Email Content
- File Content
- Internal KB articles
- Internal tickets
#saas
@bsysop
bsysop
2 years
@nullenc0de @AlphaRingo It’s insane the quantity of instances, a fast check and I saw +140k urls.
2
2
22
@ConspiracyProof
Aaron Costello
2 years
For those who haven't read my research, it's not too late. It's making waves! 🌊🌊. #saas #bugbountytips #CyberSecurity #servicenow.
@DanielMiessler
ᴅᴀɴɪᴇʟ ᴍɪᴇssʟᴇʀ 🛡️
2 years
🪳👀🚨DEVELOPING: A potential data exposure issue within ServiceNow's built-in capability has been identified. This could allow unauthenticated users to extract data from records.
1
7
25