Advertisement:

Quark

Partners:

Quark
Polskie Stowarzyszenie Bitcoin

“TeamCity Security in Question – Growing Threats from Cybercriminals”

Rising cybersecurity threats exploit JetBrains TeamCity vulnerabilities, posing risks to organizations. Ransomware groups leverage CVE-2024-27198 flaw for attacks. FBI data reveals a surge in ransomware incidents targeting critical infrastructure, despite overall attack reduction. Cybercriminals use advanced tactics like living-off-the-land methods, stressing the need for vigilant security measures and adaptation to evolving threats.

Attacks Exploiting Vulnerabilities in JetBrains TeamCity Software

The situation in the cybersecurity market is becoming increasingly dangerous due to the growing number of attacks exploiting vulnerabilities in popular applications. Recently disclosed vulnerability in JetBrains TeamCity software has become the target of many threat actors who are using it to spread various forms of malicious software.

Exploiting CVE-2024-27198 Vulnerability

Attacks based on the CVE-2024-27198 vulnerability pose a particular threat to TeamCity users as they allow bypassing authorization measures and gaining administrative control over affected servers. With a CVSS score of 9.8, the severity of this threat indicates potential serious consequences for organizations.

Response to Software Vulnerabilities

Ransomware groups like BianLian and Jasmin, as well as creators of cryptocurrency miners and other malicious programs, quickly exploited the disclosed TeamCity vulnerability for their purposes. Therefore, it is crucial for organizations using this software for CI/CD processes to immediately update their environments to secure against potential attacks.

Ransomware Infection Statistics

FBI data highlights an alarming trend of increasing ransomware infections. In 2023, 2825 cases were reported, resulting in financial damages exceeding $59.6 million. Notably, nearly half of these attacks targeted critical infrastructure, underscoring the scale of the problem.

Ransomware Activity Surge

According to Symantec, despite a reported decrease in ransomware attacks, the activity of these groups continues to rise. NCC Group reports that in February 2024, ransomware cases increased by 46% compared to January, with various groups like LockBit and Hunters dominating the landscape.

New Trends in Cybercriminal Tactics

Cybercriminals constantly refine their techniques and attack methods. Presently, attacks exploiting vulnerabilities in publicly available applications and living-off-the-land tactics are popular, allowing evasion of detection. Tools like TrueSightKiller and GhostDriver enable them to disable security software, making attacks even more effective.

Partnerships Among RaaS Operators

It is worth noting that the increased scrutiny on major ransomware operators is leading to the formation of new partnership relationships among them. This phenomenon may complicate detection and attribution of attacks, as well as facilitate operators transitioning to other providers due to lower requirements. It indicates the continuous evolution of threats in cyberspace and the necessity of constant adaptation to the changing landscape.

Related

Rampant Phishing Attacks in the Cryptocurrency World: Dramatic Consequences and Unveiled Culprits
Rampant Phishing Attacks in the Cryptocurrency World: Dramatic Consequences and Unveiled Culprits
Data security: traditional methods vs. blockchain – which method is more effective?
Data security: traditional methods vs. blockchain – which method is more effective?
Europol, a well-known institution, hacked by IntelBroker: Stolen information in the hands of the buyer
Europol, a well-known institution, hacked by IntelBroker: Stolen information in the hands of the buyer
Dell Company Alert: Data Breach Affects 49 Million Customers. What Risks Await the Affected?
Dell Company Alert: Data Breach Affects 49 Million Customers. What Risks Await the Affected?