all InfoSec news
Old Telerik UI vulnerability leveraged for Cobalt Strike distribution
June 16, 2022, 8:32 p.m. | SC Staff
SC Magazine feed for Strategy www.scmagazine.com
BleepingComputer reports that web servers are being compromised by threat actor Blue Mockingbird with the exploitation of a three-year-old security vulnerability in the Telerik UI library for ASP.NET AJAX to facilitate Cobalt Strike beacon deployment and Monero mining, two years after the same flaw, tracked as CVE-2019-18935, has been used to target unpatched Microsoft IIS servers with Telerik UI two years ago.
cobalt cobalt strike distribution old telerik vulnerability vulnerability management
More from www.scmagazine.com / SC Magazine feed for Strategy
Rockwell Automation posts advisories on 10 new bugs
1 day, 3 hours ago |
www.scmagazine.com
Call for 2024 SC Awards nominations
2 days, 9 hours ago |
www.scmagazine.com
Jobs in InfoSec / Cybersecurity
Information Technology Specialist II: Network Architect
@ Los Angeles County Employees Retirement Association (LACERA) | Pasadena, CA
Cybersecurity Skills Challenge -- Sponsored by DoD
@ Correlation One | United States
Security Operations Center (SOC) Analyst
@ GK Cybersecurity Group | Remote
Technical Writer Cybersecurity (Clearance Required)
@ ICF | Virginia Client Office (VA88)
Threat Management & Intelligence Expert (m/f/d)
@ METRO/MAKRO | Düsseldorf, Germany
IT Security Manager
@ Deutsche Telekom IT Solutions Slovakia | Košice, Slovakia (Slovak Republic)