Security News > 2023 > October > Microsoft Warns of North Korean Attacks Exploiting JetBrains TeamCity Flaw
2023-10-19 07:11
North Korean threat actors are actively exploiting a critical security flaw in JetBrains TeamCity to opportunistically breach vulnerable servers, according to Microsoft. The attacks, which entail the exploitation of CVE-2023-42793 (CVSS score: 9.8), have been attributed to Diamond Sleet (aka Labyrinth Chollima) and Onyx Sleet (aka Andariel or Silent Chollima). It's worth noting that both the
News URL
https://thehackernews.com/2023/10/microsoft-warns-of-north-korean-attacks.html
Related news
- New ClickFix attack deploys Havoc C2 via Microsoft Sharepoint (source)
- Microsoft: North Korean hackers join Qilin ransomware gang (source)
- Hidden Threats: How Microsoft 365 Backups Store Risks for Future Attacks (source)
- North Korean hackers adopt ClickFix attacks to target crypto firms (source)
- Microsoft Warns of Tax-Themed Email Attacks Using PDFs and QR Codes to Deliver Malware (source)
- Microsoft Defender will isolate undiscovered endpoints to block attacks (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-19 | CVE-2023-42793 | Missing Authentication for Critical Function vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possible | 9.8 |