ShiftDelete.net
FOLLOW US

All trade secrets of Mercedes-Benz revealed! So how did it happen?

A simple mistake but one that will have huge consequences! Mercedes-Benz shared all its trade secrets and open source codes!

All trade secrets of Mercedes-Benz revealed! So how did it happen?

The popular German car brand Mercedes-Benz made a big mistake. The company accidentally shared its open source codes and trade secrets. So, which software does the source code in question belong to? What exactly was the scope of trade secrets shared by the company? Here are all the details about the subject…

All trade secrets and open source codes of Mercedes-Benz have been revealed!

Security is among the indispensable items, especially for large companies. The German automotive company Mercedes-Benz needs to work a little more on this issue. GitHub, where all the brand’s trade secrets and open source codes are located, was literally blown up.

Mercedes-Benz

Many companies that provide security support to large companies go around the internet unannounced and inspect brands. RedHunt Labs, a UK-based security company, was on the tour for exactly this purpose. And in the meantime, they discovered a GitHub repository containing Mercedes-Benz’s trade secrets and source codes.

Making a statement on the issue, Shubham Mittal, co-founder of RedHunt Labs, stated in his statement that they gained full access to the mentioned repository by using an authentication token. He underlined that full access provides access to documents considered “critical”, such as the brand’s future commercial plans, concept and non-concept vehicle designs.

In addition, the company stated that they noticed this token in their scan in January and stated that this token was actually published in September 2023. Through the GitHub repository vulnerability in question, access to the cloud system’s access keys, API keys and additional passwords could also be obtained. It was also stated that the entire infrastructure could be destroyed with an attack on Mercedes-Benz’s information systems using all these passwords and keys.

Regarding the issue, an official from Mercedes-Benz stated that all the API tokens in question were canceled and the pool that was open to the public was removed. But the token, which has not been audited since September, has been publicly available for a long time. Questions such as who received what information during the elapsed time remain unanswered.

SDN Comments 0 Comments

Comment

Related News

oppo find n5
Oppo Find N5 could be the world’s most powerful foldable phone!
The world’s best-selling smartphone model has been announced!
The world’s best-selling smartphone model has been announced!
Galaxy Samsung z flip
Affordable foldable Z Flip FE coming from Samsung?
google pixel 11 pro
Google Pixel 11 series may compromise on performance this time!

SDN Network

Sihirli Elma Yeşil Robot Tech Inside Pembe Teknoloji Future Flow Life

SDN.net

1250 BORREGAS AVENUE, #40, SUNNYVALE, CA
94089 ShiftDelete.Net LLC

info@shiftdelete.net

Shiftdelete.Net is a member of the Association of Internet Media and IT Reporters.

Desteklio