Security News > 2023 > March > Hands up who DIDN'T exploit this years-old flaw to ransack a US govt web server...
Multiple criminals, including at least potentially one nation-state group, broke into a US federal government agency's Microsoft Internet Information Services web server by exploiting a critical three-year-old Telerik bug to achieve remote code execution.
"Analysts determined that multiple cyber threat actors, including an APT actor, were able to exploit a.NET deserialization vulnerability in Progress Telerik user interface for ASP.NET AJAX, located in the agency's Microsoft Internet Information Services web server," the joint advisory said.
Deserialization vulnerabilities affect multiple programming languages and applications, and, as Mandiant explains, are essentially the "Result of applications placing too much trust in data that a user can tamper with."
Top tip, everyone: Chinese hackers are hitting these 25 vulns, so make sure you patch them ASAP, says NSA US House reps, staff health data swiped in cyber-heist US Marshals Service leaks 'law enforcement sensitive information' in ransomware incident Pair accused of breaking into US law enforcement database, posing as cops.
The latest security alert follows a series of high-profile US government break ins and data theft.
In late February, the US Marshals Service admitted a "Major" breach of its information security defenses led to a ransomware infection and exfiltration of "Law-enforcement sensitive information." .
News URL
https://go.theregister.com/feed/www.theregister.com/2023/03/15/cisa_us_microsoft_hacked/
Related news
- Ransomware hits web hosting servers via vulnerable CyberPanel instances (source)
- Hackers exploit ProjectSend flaw to backdoor exposed servers (source)
- Russia-Linked Turla Exploits Pakistani Hackers' Servers to Target Afghan and Indian Entities (source)
- Apache fixes remote code execution bypass in Tomcat web server (source)