all InfoSec news
Hackers Compromised TeamCity Server To Install BianLian’s GO Backdoor
GBHackers On Security gbhackers.com
BianLian attackers exploited a TeamCity vulnerability (CVE-2024-27198 or CVE-2023-42793) to gain initial access and move laterally within the network. They deployed a PowerShell backdoor disguised as legitimate tools that use two-layer obfuscation with encryption and string substitution to communicate with a Command and Control (C2) server. Researchers at Guidepoint Security linked this backdoor to the […]
The post Hackers Compromised TeamCity Server To Install BianLian’s GO Backdoor appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News …
access attackers backdoor bianlian command command and control compromised control cve cve-2024-27198 cyber-attack cyber security disguised encryption exploited guidepoint guidepoint security hackers initial access install malware network obfuscation powershell powershell backdoor researchers security server teamcity tools vulnerability