SecurityWeek
26 Security Issues Patched in TeamCity
JetBrains patches 26 security issues in TeamCity and takes steps to avoid malicious exploitation of vulnerabilities.
SecurityWeek
JetBrains Patches Critical Authentication Bypass in TeamCity
JetBrains releases patches for a critical-severity TeamCity authentication bypass leading to remote code execution.
Infosecurity News
TeamCity Users Urged to Patch Critical Vulnerabilities
JetBrains says on-premises TeamCity servers must be upgraded to mitigate two critical new bugs
Infosecurity News
Hundreds of Rogue Users Added to Unpatched TeamCity Servers
Security experts warn of mass exploitation of critical TeamCity vulnerability
CSO
TeamCity supply chain bugs receive massive exploitation
Many TeamCity instances remain unpatched, allowing hackers to generate rogue admin accounts at a massive scale.
SecurityWeek
Recent TeamCity Vulnerability Exploited in Ransomware Attacks
Servers impacted by recently patched TeamCity vulnerability CVE-2024-27198 targeted in ransomware attacks and abused for DDoS.
SecurityWeek
North Korean Hackers Exploiting Recent TeamCity Vulnerability
Multiple North Korean hacking groups have exploited a recent TeamCity vulnerability and Microsoft warns of potential supply chain attacks.
Bleeping Computer
Ransomware gangs now exploiting critical TeamCity RCE flaw
Ransomware gangs are now targeting a recently patched critical vulnerability in JetBrains' TeamCity continuous integration and deployment server.
The Hacker News
BianLian Threat Actors Exploiting JetBrains TeamCity Flaws in Ransomware Attacks
Hackers leveraging JetBrains TeamCity flaws to propagate BianLian ransomware attacks
The Hacker News
Critical JetBrains TeamCity On-Premises Flaws Could Lead to Server Takeovers
JetBrains TeamCity vulnerabilities could let hackers take full control of your servers.
Security Affairs
BianLian group exploits JetBrains TeamCity bugs in ransomware attacks
BianLian ransomware group was spotted exploiting vulnerabilities in JetBrains TeamCity software in recent attacks.
SecurityWeek
Russian Cyberspies Exploiting TeamCity Vulnerability at Scale: Government Agencies
US, UK, and Poland warn of Russia-linked cyberespionage group’s broad exploitation of recent TeamCity vulnerability.
.webp)
Cyber Security News
BianLian Hackers Exploiting TeamCity Servers to Deploy Powershell Backdoor
The BianLian Hackers have uncovered a new method of attack involving the exploitation of TeamCity servers.
Security Affairs
Experts warn of critical JetBrains TeamCity On-Premises bug
A new vulnerability in JetBrains TeamCity On-Premises can be exploited by threat actors to take over vulnerable instances.
Security Affairs
CISA adds JetBrains TeamCity bug to its Known Exploited Vulnerabilities catalog
U.S. CISA adds a JetBrains TeamCity vulnerability to its Known Exploited Vulnerabilities catalog................
SecurityWeek
Recently Patched TeamCity Vulnerability Exploited to Hack Servers
In-the-wild exploitation of a critical vulnerability in the TeamCity CI/CD server started shortly after a patch was released by developers.
DarkReading
Critical TeamCity Bugs Endanger Software Supply Chain
Customers warned to immediately patch critical vulnerabilities in on-prem deployments of CI/CD pipeline tool JetBrains TeamCity that could allow threat actors to gain admin server control.
The Hacker News
CISA Warns of Actively Exploited JetBrains TeamCity Vulnerability
CISA has added a critical JetBrains TeamCity flaw (CVE-2024-27198, CVSS 9.8) to its KEV catalog due to active exploitation.
Security Affairs
Experts disclosed two flaws in JetBrains TeamCity On-Premises SW
Two new security flaws in JetBrains TeamCity On-Premises software can allow attackers to take over affected systems.
Security Affairs
Threat actors actively exploit JetBrains TeamCity flaws to deliver malware
Multiple threat actors are exploiting the recently disclosed JetBrains TeamCity flaw CVE-2024-27198 in attacks in the wild.
Bleeping Computer
JetBrains warns of new TeamCity auth bypass vulnerability
JetBrains urged customers today to patch their TeamCity On-Premises servers against a critical authentication bypass vulnerability that can let attackers take over vulnerable instances with admin privileges.
Latest Hacking News
Critical Security Flaw Found In JetBrains TeamCity
Researchers caught a serious security flaw in JetBrains TeamCity software that could allow unauthenticated code execution attacks. JetBrains patched the vulnerability following the bug report, urging users to update their servers as soon as possible. JetBrains
DarkReading
Global TeamCity Exploitation Opens Door to SolarWinds-Style Nightmare
Russia's APT29 is going after a critical RCE flaw in the JetBrains TeamCity software developer platform, prompting governments worldwide to issue an urgent warning to patch.
CyberSecurity Dive
JetBrains warns of another critical CVE in on-premises TeamCity servers
The new vulnerability disclosure comes two months after authorities warned of other TeamCity exploitation activity linked to Midnight Blizzard.
The Hacker News
Critical JetBrains TeamCity On-Premises Flaw Exposes Servers to Takeover - Patch Now
Critical Flaw in JetBrains TeamCity On-Premises (CVE-2024-23917) Allows Attackers to Take Over Servers
The Record
JetBrains releases urgent advisory on vulnerabilities affecting TeamCity
The Czech software giant advised users to urgently patch two vulnerabilities affecting all on-premises versions of its TeamCity product, which is used by developers to test and exchange software code before its release.
Bleeping Computer
CISA: Russian hackers target TeamCity servers since September
CISA and partner cybersecurity agencies and intelligence services warned that the APT29 hacking group linked to Russia's Foreign Intelligence Service (SVR) has been targeting unpatched TeamCity servers in widespread attacks since September 2023.
Latest Hacking News
TeamCity RCE Flaw Actively Exploited To Deploy Ransomware
The recently patched TeamCity RCE flaw is now under active attack by numerous ransomware gangs. The researchers warn the organizations to patch their systems immediately, suspecting most have already fallen prey to the attacks. Multiple Ransomware
Infosecurity News
Cozy Bear Hackers Target JetBrains TeamCity Servers in Global Campaign
The FBI and CISA detected that hackers linked to the Russian foreign intelligence service (SVR) have been targeting a JetBrains TeamCity vulnerability since September 2023
Trend Micro
TeamCity Vulnerability Exploits Lead to Jasmin Ransomware, Other Malware Types
CVE-2024-27198 and CVE-2024-27199 are vulnerabilities within the TeamCity On-Premises platform that can allow attackers to gain administrative control over affected systems.
HACKRead
Russian APT29 Hacked US Biomedical Giant in TeamCity-Linked Breach
According to cybersecurity researchers at FortiGuard Labs, the Russian intelligence-linked APT29 group exploited a critical TeamCity vulnerability, which had initially been patched in September 2023.
SecurityWeek
In-the-Wild Exploitation Expected for Critical TeamCity Flaw Allowing Server Takeover
A critical vulnerability in the TeamCity CI/CD server could allow unauthenticated attackers to execute code and take over vulnerable servers.
The Hacker News
Microsoft Warns of North Korean Attacks Exploiting JetBrains TeamCity Flaw
North Korean threat actors known as Diamond Sleet and Onyx Sleet are exploiting a critical security flaw in JetBrains TeamCity to breach servers.
The Hacker News
Russian SVR-Linked APT29 Targets JetBrains TeamCity Servers in Ongoing Attacks
Russian SVR-linked APT29 targets unpatched JetBrains TeamCity servers using CVE-2023-42793, a vulnerability enabling remote code execution by unauthen
Bleeping Computer
North Korean hackers exploit critical TeamCity flaw to breach networks
Microsoft says that the North Korean Lazarus and Andariel hacking groups are exploiting the CVE-2023-42793 flaw in TeamCity servers to deploy backdoor malware, likely to conduct software supply chain attacks.
Bleeping Computer
Exploit available for new critical TeamCity auth bypass bug, patch now
A critical vulnerability (CVE-2024-27198) in the TeamCity On-Premises CI/CD solution from JetBrains can let a remote unauthenticated attacker take control of the server with administrative permissions.
The Hacker News
TeamCity Flaw Leads to Surge in Ransomware, Cryptomining, and RAT Attacks
Multiple threat actors exploit security flaws in JetBrains TeamCity to deploy ransomware, crypto miners, Cobalt Strike beacons, and Spark RAT
The Hacker News
Critical JetBrains TeamCity Flaw Could Expose Source Code and Build Pipelines to Attackers
Your CI/CD pipeline may be at risk! A critical security vulnerability (CVE-2023-42793) has been uncovered in JetBrains TeamCity software.
Cyber Security News
Investigating Two TeamCity Authentication Bypass Vulnerabilities
Reviewing the “getJspFromRequest” method details we can see that it pulls the HTTP parameter “jsp” from the web request.
DarkReading
JetBrains TeamCity Mass Exploitation Underway, Rogue Accounts Thrive
Just one day after disclosure, adversaries began targeting the vulnerabilities to take complete control of affected instances of the popular developer platform.
Infosecurity News
Patched Critical Flaw Exposed JetBrains TeamCity Servers
Tracked as CVE-2024-23917, the flaw carries a CVSS rating of 9.8
SC Magazine
JetBrains TeamCity critical flaw exploited; 1.4k servers compromised
Attackers are creating hundreds of admin accounts, with a high potential for supply chain attacks.
DarkReading
Patch Now: Critical TeamCity Bug Allows for Server Takeovers
Cyberattackers can exploit a vulnerability in JetBrain's continuous integration and delivery (CI/CD) server (APT target) to gain administrative control.
SC Magazine
BianLian ransomware crew exploiting bugs in JetBrains' TeamCity platform
Known for its adaptability, the threat group is once again taking advantage of recent vulnerabilities organizations may not have patched yet.
SC Magazine
Open-source ransomware, RATs deployed on compromised TeamCity servers
Jasmin ransomware, SparkRAT and XMRig cryptominers were dropped post-exploitation of CVE-2024-27198.
CyberSecurity Dive
JetBrains TeamCity a ripe attack target as more vulnerabilities emerge
Despite available security fixes, Rapid7 researchers raised concerns about JetBrains' lack of coordination in vulnerability disclosure.
CyberSecurity Dive
Critical flaw in JetBrains TeamCity exploited weeks after patch issued
State-linked actors are targeting the CI/CD platform, and the vendor warns backdoors are lingering undetected.
DarkReading
North Korean State Actors Attack Critical Bug in TeamCity Server
Known threat groups Diamond Sleet and Onyx Sleet focus on cyber espionage, data theft, network sabotage, and other malicious actions, Microsoft says.
CyberSecurity Dive
JetBrains says TeamCity servers exploited as it defends disclosure policies
The company is publicly disputing with Rapid7 researchers over the timing and detail provided in connection with critical security vulnerabilities.
Infosecurity News
BianLian Threat Actor Shifts Focus to Extortion-Only Tactics
GuidePoint said the threat actor gained initial access via vulnerabilities in a TeamCity server
Infosecurity News
North Korean Attackers Exploiting Critical CI/CD Vulnerability
Microsoft has warned organizations using JetBrains TeamCity server to take immediate steps to mitigate this threat
CyberNews
JetBrains vulnerability actively exploited in the wild: CISA urging users to patch
America’s cyber defense agency CISA is warning of a critical vulnerability that allows bypass authentication and the ability to perform admin actions on JetBrains TeamCity.
CyberSecurity Dive
State-linked cyber actors behind SolarWinds plant seeds for new malicious campaign
U.S. authorities are raising alarms that the 2020 Sunburst attack threat actors are exploiting a CVE in JetBrains TeamCity in preparation for future supply chain compromises.
The Record
JetBrains vulnerability being exploited by North Korean gov’t hackers, Microsoft says
Multiple groups of hackers tied to North Korea’s government are targeting a vulnerability that emerged earlier this year in a popular product from Czech software giant JetBrains, Microsoft says.
The Record
Russian foreign intelligence service spotted exploiting JetBrains vulnerability
Agencies in the U.S., U.K. and Poland said the hacking group tracked as APT29 or Cozy Bear was exploiting a software vulnerability previously used by hackers attributed to North Korea's government.
Security Affairs
Security Affairs newsletter Round 462 by Pierluigi Paganini
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs are free for you.
DarkReading
'Midnight Blizzard' Breached HPE Email Months Before Microsoft Hack
The Russian APT behind the SolarWinds attacks exfiltrated data from HPE email accounts last May.
The Hacker News
CISA Warns of Active Exploitation of JetBrains and Windows Vulnerabilities
CISA has identified 2 active vulnerabilities - CVE-2023-42793 and CVE-2023-28229.
The Cyber Wire
Ukraine at D+658: Maximalist rhetoric from the Kremlin.
Russia increases cyber and kinetic strikes against civilians and infrastructure as winter closes in. The SVR undertakes a cyber campaign against software supply chains.
SC Magazine
Lazarus Group continues to exploit Log4j flaw in latest campaign
In addition to Log4j, the North Korean threat group’s latest campaign also involves three previously unknown Dlang-based malware variants.
Security Affairs
Security Affairs newsletter Round 463 by Pierluigi Paganini
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs are free for you.
The Cyber Express
JetBrains Blasts Rapid7 Over ‘Reckless’ Vulnerability Leak, Triggering Global Security Firestorm
In the ongoing debate concerning the ethics of vulnerability disclosure, Czech software giant JetBrains has taken a firm stance against
Security Affairs
Security Affairs newsletter Round 458 by Pierluigi Paganini
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs are free for you.
The Cyber Express
Void Interactive Data Breach: Developer of Popular SWAT Team Game Suffers Source Code Leak
Void Interactive, the Ireland-based indie game developer behind Ready or Not, fell victim to massive data breach with over 4TB
The Cyber Express
BianLian Ransomware Strikes Lindsay Municipal Hospital: Another US Institution Under Attack
The Lindsay Municipal Hospital cyberattack has been claimed by the BianLian ransomware group. This nefarious organization, known for its disruptive
Security Affairs
Security Affairs newsletter Round 464 by Pierluigi Paganini
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs are free for you.
SecurityWeek
Apache Patches Critical RCE Vulnerability in Struts 2
Apache has addressed a critical-severity Struts 2 file upload vulnerability that could lead to remote code execution.
SecurityWeek
In Other News: Crypto Exchange Hack Guilty Plea, Rating AI Vulnerabilities, Intellexa Spyware
Cryptocurrency exchange hacker pleads guilty, rating LLM vulnerabilities, Intellexa spyware analysis by Cisco.
CyberSecurity Dive
Threat actors are turning to novel malware as malicious attacks rise
BlackBerry identified 5,300 unique malware samples targeting its customers per day from September through December.
SecurityWeek
North Korean Software Supply Chain Attack Hits North America, Asia
North Korean hackers breached a Taiwanese company and used its systems to deliver malware to the US, Canada, Japan and Taiwan in a supply chain attack.
SecurityWeek
AnyDesk Shares More Information on Recent Hack
AnyDesk has provided more information on the recent hack, including when the attack started and its impact.
SecurityWeek
Russian APT Known for Phishing Attacks Is Also Developing Malware, Google Warns
Russian threat group ColdRiver has developed Spica, a malware that enables it to compromise systems and steal information.
CyberSecurity Dive
Microsoft to overhaul internal security practices after Midnight Blizzard attack
After Microsoft disclosed a state-sponsored actor stole data from senior executives, experts are raising questions about its security capabilities and practices.
SecurityWeek
Exploitation of Critical ownCloud Vulnerability Begins
Threat actors have started exploiting a critical ownCloud vulnerability leading to sensitive information disclosure.
SecurityWeek
Qlik Sense Vulnerabilities Exploited in Ransomware Attacks
Qlik Sense vulnerabilities CVE-2023-41266, CVE-2023-41265 and CVE-2023-48365 exploited for initial access in Cactus ransomware attacks.
SecurityWeek
AnyDesk Revokes Passwords, Certificates in Response to Hack
AnyDesk is revoking certificates and passwords in response to a recently discovered security breach impacting production systems.
CyberScoop
North Korean hacking ops continue to exploit Log4Shell
Two years after it was disclosed, the Log4j vulnerability continues to enable North Korean hacking operations.
Security Affairs
North Korea-linked APT Diamond Sleet supply chain attack relies on CyberLink software
North Korea-linked APT group Diamond Sleet is distributing a trojanized version of the CyberLink software in a supply chain attack.
The Hacker News
North Korean Hackers Distribute Trojanized CyberLink Software in Supply Chain Attack
North Korean hackers, aka Diamond Sleet, spread a trojanized version of CyberLink's legit app.
SecurityWeek
HPE Says Russian Government Hackers Had Access to Emails for 6 Months
HPE told the SEC that Russian state-sponsored threat group Midnight Blizzard had access to an email system for several months.
CSO
Russia-based group hacked emails of Microsoft’s senior leadership
The global tech giant has alleged that the cyberattack was carried out by a Russian threat actor Midnight Blizzard or Nobelium.
SecurityWeek
New DLL Search Order Hijacking Technique Targets WinSxS folder
Attackers can abuse a new DLL search order hijacking technique to execute code in applications within the WinSxS folder.
HACKRead
UAC-0099 Hackers Using Old WinRAR Flaw in New Cyberattack on Ukraine
The exploited WinRAR vulnerability was a zero-day flaw identified in August 2023 – Despite subsequent patching efforts, unpatched systems remain at risk and continue to be targeted.
The Hacker News
North Korea's Lazarus Group Deploys New Kaolin RAT via Fake Job Lures
North Korean hackers used fake job offers to deliver a new Trojan called Kaolin RAT. It can change file timestamps and load malware.
The Hacker News
Microsoft's March Updates Fix 61 Vulnerabilities, Including Critical Hyper-V Flaws
Microsoft releases Patch Tuesday updates to patch 61 new vulnerabilities, including privilege escalation flaws in Azure, Windows, & Authenticator.
The Hacker News
Lazarus Group Using Log4j Exploits to Deploy Remote Access Trojans
Lazarus Group launched a new global campaign involves exploiting security flaws in Log4j to deploy previously undocumented RAT on compromised hosts.
Security Affairs
Security Affairs newsletter Round 450 by Pierluigi Paganini
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you.
SecurityWeek
Mass Exploitation of 'Citrix Bleed' Vulnerability Underway
Multiple threat actors are exploiting CVE-2023-4966, aka Citrix Bleed, a critical vulnerability in NetScaler ADC and Gateway.
Infosecurity News
Microsoft: China Using AI-Generated Content to Sow Division in US
A Microsoft report found that China-affiliated actors are publishing AI-generated content on social media to amplify controversial domestic issues in the US
The Hacker News
Microsoft Rolls Out Patches for 73 Flaws, Including 2 Windows Zero-Days
Microsoft's latest Patch Tuesday tackles 73 vulnerabilities, including actively exploited zero-days.
SecurityWeek
Details and Lessons Learned From the Ransomware Attack on the British Library
The inside story on the destructive ransomware cyberattack that the British Library experienced in October 2023.
.webp)
Cyber Security News
Cyber Security News Weekly Round-Up : Cyber Attacks, Vulnerabilities, Threats & New Cyber Stories
With our weekly cybersecurity news summary, explore and learn about the most recent developments in the cybersecurity field.
.png)
Cyber Security News
Cyber Security News Weekly Round-Up : Cyber Attacks, Vulnerabilities, Threats & New Cyber Stories
cybersecurity news will keep you posted on the latest developments, exposures, advances, occurrences, threats, and narratives in this field.
CSO
Repeated cyberattacks on court systems raise security concerns for the US
Court systems form crucial national infrastructure and therefore a nation-state angle cannot be completely ruled out in the recent surge in attacks.
Bleeping Computer
Microsoft February 2024 Patch Tuesday fixes 2 zero-days, 74 flaws
Today is Microsoft's February 2024 Patch Tuesday, which includes security updates for 74 flaws and two actively exploited zero-days.
Bleeping Computer
Microsoft February 2024 Patch Tuesday fixes 2 zero-days, 73 flaws
Today is Microsoft's February 2024 Patch Tuesday, which includes security updates for 73 flaws and two actively exploited zero-days.