The German tech giant has been the target of a recent data theft. Cybercriminals took advantage of a Zero-Day vulnerability. Apparently, They stole source code from the Bosch i-Site platform, From IoT devices (Internet of Things)
The data was leaked last 20 October on a well-known cybercrime forum, In a small file of just 184KB. There, It includes iSite files, Including code for the authentication system, Messaging and multiple device controllers.
In addition to confidential corporate data, It seems that the files do not contain personal employee data or other sensitive information, fortunately. According to the authors of the leak, They exploited a Zero-Day vulnerability in the SonarQube platform, donde estaban almacenados los datos.
Esto es, Again, un aviso de lo que puede suponer una información almacenada de forma insegura. Las organizaciones deben extremar las precauciones para evitar este tipo de robos e, even, ataques tipo ransomware. Entre los cuidados a tener en cuenta, se incluye el uso de buenos sistemas de detección de amenazas y manejo de incidencias y el uso de sistemas de encriptación para proteger la información confidencial.
Fountain:Cybernews
Image:Wikimedia Commons