all InfoSec news
JetBrains TeamCity Authentication Bypass (CVE-2023-42793)
Dec. 15, 2023, 5:57 p.m. |
FortiGuard Labs | FortiGuard Center - Threat Signal Report fortiguard.fortinet.com
Multiple cyberthreat actors seen exploiting the authentication bypass flaw in JetBrains TeamCity that could lead to remote code execution. If compromised, access to a TeamCity server would provide malicious actors with access to the software developer's source code, signing certificates, and the ability to manipulate software compilation and deployment processes. The malicious actors could further use to conduct supply chain operations.
What is the Vendor Solution?
JetBrains released patch on September 18, 2023 to fix the …
access attack authentication authentication bypass authentication bypass flaw bypass certificates code code execution compromised cve cyberthreat deployment developer exploiting flaw jetbrains jetbrains teamcity malicious malicious actors processes remote code remote code execution server signing software software developer source code teamcity what is
More from fortiguard.fortinet.com / FortiGuard Labs | FortiGuard Center - Threat Signal Report
Jobs in InfoSec / Cybersecurity
Social Engineer For Reverse Engineering Exploit Study
@ Independent study | Remote
Intern, Cyber Security Vulnerability Management
@ Grab | Petaling Jaya, Malaysia
Compliance - Global Privacy Office - Associate - Bengaluru
@ Goldman Sachs | Bengaluru, Karnataka, India
Cyber Security Engineer (m/w/d) Operational Technology
@ MAN Energy Solutions | Oberhausen, DE, 46145
Armed Security Officer - Hospital
@ Allied Universal | Sun Valley, CA, United States
Governance, Risk and Compliance Officer (Africa)
@ dLocal | Lagos (Remote)