all InfoSec news
JetBrains TeamCity Authentication Bypass (CVE-2023-42793)
Dec. 15, 2023, 5:57 p.m. |
FortiGuard Labs | FortiGuard Center - Threat Signal Report fortiguard.fortinet.com
Multiple cyberthreat actors seen exploiting the authentication bypass flaw in JetBrains TeamCity that could lead to remote code execution. If compromised, access to a TeamCity server would provide malicious actors with access to the software developer's source code, signing certificates, and the ability to manipulate software compilation and deployment processes. The malicious actors could further use to conduct supply chain operations.
What is the Vendor Solution?
JetBrains released patch on September 18, 2023 to fix the …
access attack authentication authentication bypass authentication bypass flaw bypass certificates code code execution compromised cve cyberthreat deployment developer exploiting flaw jetbrains jetbrains teamcity malicious malicious actors processes remote code remote code execution server signing software software developer source code teamcity what is
More from fortiguard.fortinet.com / FortiGuard Labs | FortiGuard Center - Threat Signal Report
Tinyproxy use-after-free Vulnerability (CVE-2023-49606)
1 week, 2 days ago |
fortiguard.fortinet.com
Jobs in InfoSec / Cybersecurity
Information Security Engineers
@ D. E. Shaw Research | New York City
Technology Security Analyst
@ Halton Region | Oakville, Ontario, Canada
Senior Cyber Security Analyst
@ Valley Water | San Jose, CA
COMM Penetration Tester (PenTest-2), Chantilly, VA OS&CI Job #368
@ Allen Integrated Solutions | Chantilly, Virginia, United States
Consultant Sécurité SI H/F Gouvernance - Risques - Conformité
@ Hifield | Sèvres, France
Infrastructure Consultant
@ Telefonica Tech | Belfast, United Kingdom