CISA Alert AA23-074A – Threat actors exploit progress telerik vulnerability in U.S. government IIS server. [CISA Cybersecurity Alerts] | allinfosecnews.com

Web: https://thecyberwire.com/podcasts/cisa-cybersecurity-alerts/44/notes Audio: https://pdst.fm/e/chrt.fm/track/7441E/traffic.megaphone.fm/CYBW7640303159.mp3?updated=1678994606

March 16, 2023, 7:59 p.m. | CyberWire, Inc.

CyberWire Daily thecyberwire.com

CISA, FBI, and the Multi-State Information Sharing and Analysis Center are releasing this joint Cybersecurity Advisory to provide IT infrastructure defenders with TTPs, IOCs, and methods to detect and protect against recent exploitation against Microsoft Internet Information Services web servers.
AA23-074A Alert, Technical Details, and Mitigations
AA23-074A STIX XML
MAR-10413062-1.v1 Telerik Vulnerability in U.S. Government IIS Server
Telerik: Exploiting .NET JavaScriptSerializer Deserialization (CVE-2019-18935)
ACSC Advisory 2020-004
Bishop Fox CVE-2019-18935: Remote Code Execution via Insecure Deserialization in Telerik UI
Volexity Threat …

alert alerts cisa cisa alert cybersecurity exploit government iis progress progress telerik server telerik threat threat actors u.s. government vulnerability

More from thecyberwire.com / CyberWire Daily

Alon Jackson: Sometimes you feel like an octopus. [CEO] [Career Notes] 5 hours ago | thecyberwire.com

career ceo octopus

Blackfly flies back again. [Research Saturday] 1 day, 5 hours ago | thecyberwire.com

A glimpse into Mr. Putin’s cyber war room. 3CXDesktopAppsupply chain risk. XSS flaw in Azure … 1 day, 15 hours ago | thecyberwire.com

alienfox azure code code execution +10

A major supply chain attack is underway. Ms Connor, call your office. Combosquatting. False positives … 2 days, 15 hours ago | thecyberwire.com

attack call cyber don +9

Traffers and the threat to credentials. WiFi protocol flaw. Cross-chain bridge attacks. A shift in … 3 days, 15 hours ago | thecyberwire.com

attacks bridge credentials cross-chain +11

Twitter looks for a leaker. Insider risks. The state of resilience. Russian auxiliaries briefly disrupt … 4 days, 15 hours ago | thecyberwire.com

assembly cyber cyber trends disrupt +14

Evolution of criminal scams (especially BEC). Law enforcement honeypots. ChatGPT data leak. Hybrid war updates. 5 days, 15 hours ago | thecyberwire.com

bec chatgpt criminal data +10

Tanya Janca: Find a community who supports you. [CEO] [Career Notes] 1 week ago | thecyberwire.com

career ceo community find +3

Two viewpoints on the National Cybersecurity Strategy. [Special Edition] 1 week ago | thecyberwire.com

cybersecurity cybersecurity strategy national national cybersecurity strategy +3

Product Security Architect / Red Team PenTester for AUTOSAR (m/w/d)

@ Bosch Group | Stuttgart, Germany

View on infosec-jobs.com

Cloud Security Engineer - 100% US REMOTE

@ Experian | Allen, TX, United States

View on infosec-jobs.com

System Security Analyst

@ Ashburn Consulting | Baltimore, MD, United States

View on infosec-jobs.com

Senior Advisor, Cyber

@ NielsenIQ | Chicago, IL, United States

View on infosec-jobs.com

Junior Application Security Engineer

@ Netcompany-Intrasoft | Athens, Greece

View on infosec-jobs.com

IT and process Control Security Architect

@ Statkraft | Oslo, Norway

View on infosec-jobs.com

Data Scientist, Sr. Consultant - Cybersecurity AI Research & Products

@ Visa | Ashburn, VA, United States

View on infosec-jobs.com

Senior Platform Security Engineer

@ Block | Melbourne, Australia

View on infosec-jobs.com

Snr Security Engineer (cloud)

@ Verisk | Málaga, Spain

View on infosec-jobs.com

Cybersecurity Analyst

@ Visa | Bengaluru, India

View on infosec-jobs.com

Information Security Engineer

@ ServiceNow | Orlando, FL, United States

View on infosec-jobs.com

Director of Cloud Security - 100% US REMOTE

@ Experian | Allen, TX, United States

View on infosec-jobs.com