all InfoSec news
Ransomware, Backdoors Deployed in JetBrains Flaw Attacks
Malware Analysis, News and Indicators - Latest topics malware.news
Threat actors have been exploiting a critical JetBrains flaw - disclosed and fixed earlier in March - in widespread attacks that have deployed ransomware, backdoors and cryptocurrency miners on compromised systems.
The JetBrains flaw (CVE-2024-27198), an authentication bypass in the web component of the TeamCity continuous integration and continuous deployment (CI/CD) server, can be exploited by unauthenticated attackers for remote code execution. The flaw was initially patched on March 4, along with another bug (CVE-2024-27199), in version 2023.11.4. Shortly after …
attacks authentication authentication bypass backdoors bypass can compromised continuous continuous integration critical cryptocurrency cve cve-2024-27198 deployment exploiting flaw integration jetbrains march miners ransomware server systems teamcity the web threat threat actors web