March 29, 2024 at 07:18AM JetBrains released TeamCity 2024.03, addressing 26 security issues and introducing semi-automatic security updates. They emphasized not sharing vulnerability details to protect clients using older versions. The update patches seven CVEs, including a high-severity flaw enabling bypass of two-factor authentication. JetBrains’ cautious approach follows a recent incident of a critical flaw … Read more
March 28, 2024 at 01:29PM Users of JetBrains TeamCity are advised to upgrade to the latest version due to the release of 26 security fixes. However, JetBrains has not revealed specific details about the vulnerabilities, opting for extreme caution following past disclosure drama. The new version also introduces a semi-automatic upgrade feature for on-premises users, … Read more
March 20, 2024 at 07:30AM Multiple threat actors are exploiting security flaws in JetBrains TeamCity software to deploy ransomware, cryptocurrency miners, Cobalt Strike beacons, and a Golang-based remote access trojan. The attacks entail the exploitation of CVE-2024-27198, enabling adversaries to gain administrative control over affected servers. Organizations using TeamCity are urged to update their software … Read more
March 12, 2024 at 12:34PM JetBrains and Rapid7 are embroiled in a public dispute over a software vulnerability disclosure. Following Rapid7’s detailed disclosure of vulnerabilities in TeamCity, JetBrains accused them of unethical actions which led to ransomware attacks. The spat highlights the need for clear disclosure norms in the infosec space to protect customers and … Read more
March 8, 2024 at 02:09AM The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security flaw in JetBrains TeamCity On-Premises software to its Known Exploited Vulnerabilities catalog due to active exploitation by threat actors. The vulnerability allows for complete server compromise and has been weaponized to deliver ransomware. Users are urged to … Read more
March 7, 2024 at 11:39AM Security researchers have observed increasing exploit attempts using the latest vulnerabilities in JetBrains’ TeamCity, leading to ransomware deployment. Telemetry indicates active attacks using modified Jasmin ransomware. The uncoordinated disclosure of vulnerabilities between JetBrains and Rapid7 has caused a stir in the cybersecurity community, highlighting contrasting policies regarding vulnerability disclosure. Users … Read more
March 7, 2024 at 07:34AM Hackers are exploiting a critical authentication bypass vulnerability (CVE-2024-27198) in TeamCity On-Premises. Hundreds of unpatched instances are being compromised, posing a risk of supply-chain attacks. Vulnerable hosts are mainly in Germany, the United States, and Russia. Rapid7 urges immediate update to fix the severe issue. (Word count: 50) Key takeaways … Read more
March 5, 2024 at 08:19AM Rapid7 accused JetBrains of silently patching two critical vulnerabilities in the TeamCity CI/CD server, despite Rapid7’s policy against such actions. JetBrains’ attempt to release patches before publicly disclosing was met with Rapid7’s refusal. JetBrains later released patches without informing researchers, leading to criticism from the infosec community. From the meeting … Read more
March 5, 2024 at 07:06AM JetBrains has released patches for critical authentication bypass vulnerabilities in its TeamCity build management server. Tracked as CVE-2024-27198 and CVE-2024-27199, these flaws allow unauthenticated attackers to gain full control of the server, execute arbitrary code, and access sensitive information. A security fix is available in TeamCity version 2023.11.4. Customers are … Read more
March 4, 2024 at 06:09PM TeamCity’s cloud versions are already patched against new critical vulnerabilities, but on-premises deployments require immediate patching, warns the vendor. The platform, used by major organizations including Citibank and Nike, manages the software development CI/CD pipeline. The vulnerabilities (CVE-2024-27198 and CVE-2024-27199) could enable threat actors to bypass authentication and gain admin … Read more