March 4, 2024 at 06:09PM TeamCity’s cloud versions are already patched against new critical vulnerabilities, but on-premises deployments require immediate patching, warns the vendor. The platform, used by major organizations including Citibank and Nike, manages the software development CI/CD pipeline. The vulnerabilities (CVE-2024-27198 and CVE-2024-27199) could enable threat actors to bypass authentication and gain admin … Read more
February 7, 2024 at 01:33PM JetBrains has issued a security patch for a critical vulnerability in its TeamCity On-Premises server, which could be exploited by remote attackers to gain control over the server. This impacts all versions from 2017.1 to 2023.11.2. Users are urged to update to the patched version or install a security patch … Read more
February 7, 2024 at 07:37AM JetBrains urges all TeamCity (on-prem) users to upgrade to the latest version due to a critical vulnerability (CVE-2024-23917) with a 9.8 CVSS score, allowing unauthenticated remote attackers to seize control of vulnerable servers. This affects versions from 2017.1 to 2023.11.2, patched in 2023.11.3. Admins are advised to upgrade immediately or … Read more
February 7, 2024 at 04:02AM JetBrains warns of critical security flaw (CVE-2024-23917) in TeamCity On-Premises software, allowing unauthenticated attackers to gain administrative control. Users advised to update to version 2023.11.3 or use a security patch plugin. Vulnerability affects versions from 2017.1 to 2023.11.2. No known exploits, but caution urged due to past similar incidents. Key … Read more
February 6, 2024 at 12:36PM JetBrains has issued a critical security alert, urging customers to patch their TeamCity On-Premises servers to address a vulnerability (CVE-2024-23917) allowing attackers to gain admin privileges through remote code execution attacks. Customers are advised to update to version 2023.11.3 immediately. An earlier flaw (CVE-2023-42793) has been exploited by various threat … Read more
December 14, 2023 at 06:24AM Russian threat actors linked to APT29 and SVR have been targeting unpatched JetBrains TeamCity servers since September 2023, exploiting CVE-2023-42793. This involves initial access to the compromised network environments and subsequent deployment of backdoors. The attacks aim to compromise source code, signing certificates, and software deployment processes, impacting numerous sectors … Read more
October 19, 2023 at 04:33PM North Korean state-backed threat groups, Diamond Sleet and Onyx Sleet, are exploiting a critical vulnerability in JetBrains TeamCity server to carry out cyber espionage, data theft, and other malicious activities. Over 30,000 organizations, including Citibank, Nike, and Ferrari, use TeamCity. The vulnerability allows attackers to gain administrative privileges and execute … Read more
October 19, 2023 at 07:06AM Multiple North Korean threat actors, including Diamond Sleet and Onyx Sleet, have been targeting vulnerable TeamCity servers using the CVE-2023-42793 vulnerability, which allows remote code execution and admin-level access. Microsoft warns that these threat actors have a history of conducting software supply chain attacks and poses a high risk to … Read more
October 18, 2023 at 06:34PM Microsoft reports that the North Korean hacking groups Lazarus and Andariel are exploiting a vulnerability in TeamCity servers, CVE-2023-42793, to deploy backdoor malware. These attacks are likely aimed at conducting software supply chain attacks. Once the server is breached, the hackers use different attack chains to gain persistence on the … Read more