* . *
  • About
  • Advertise
  • Privacy & Policy
  • Contact
Friday, August 29, 2025
Earth-News
  • Home
  • Business
  • Entertainment
    South Park Is In Trouble And Needs To Change Course, Fast – yahoo.com

    South Park Faces Major Challenges and Must Adapt Fast to Survive

    ‘Netflix House’ entertainment complexes are coming. Here’s when they open – Los Angeles Times

    Exciting News: Netflix’s House Entertainment Complexes Are Opening Soon!

    ‘Big Brother’s’ Rylie Jeffries Finally Speaks Out on Katherine Woodman Controversy – El Paso Inc.

    Big Brother’s Rylie Jeffries Finally Speaks Out on Katherine Woodman Controversy

    ‘SNL’ Parts Ways With Emil Wakim Amid Rumored Season 51 Cast Shakeup – yahoo.com

    SNL Shakes Up Season 51 Cast with Emil Wakim’s Surprising Exit

    Do you have a favorable or an unfavorable opinion of Taylor Swift? – YouGov

    Do You Love Taylor Swift or Not? Share Your Thoughts!

    Upload Season 4 Review – yahoo.com

    Upload Season 4 Review: A Thrilling New Chapter Unveiled

  • General
  • Health
  • News

    Cracking the Code: Why China’s Economic Challenges Aren’t Shaking Markets, Unlike America’s” – Bloomberg

    Trump’s Narrow Window to Spread the Truth About Harris

    Trump’s Narrow Window to Spread the Truth About Harris

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Trending Tags

    • Trump Inauguration
    • United Stated
    • White House
    • Market Stories
    • Election Results
  • Science
  • Sports
  • Technology
    13 Top Technology Trends (2025) – Exploding Topics

    13 Game-Changing Technology Trends to Watch in 2025

    Japan’s legacy LCD and chip technology find new home in India – Nikkei Asia

    How Japan’s Breakthrough LCD and Chip Technologies Are Driving Innovation in India

    ITSWC 2025: Thursday sessions guide – Traffic Technology Today

    Your Ultimate Guide to Thursday Sessions at ITSWC 2025

    MC Machinery Technology Summit Showcases Manufacturing Innovations – Modern Machine Shop

    MC Machinery Technology Summit Unveils Cutting-Edge Manufacturing Innovations

    US-ROK Technology Cooperation Faces Rising Tensions – The National Interest

    Rising Tensions Put US-South Korea Technology Partnership to the Test

    The Role of AI and Technology in Shaping the Future of Interactive Entertainment – Technology Org

    How AI and Technology Are Transforming the Future of Interactive Entertainment

    Trending Tags

    • Nintendo Switch
    • CES 2017
    • Playstation 4 Pro
    • Mark Zuckerberg
No Result
View All Result
  • Home
  • Business
  • Entertainment
    South Park Is In Trouble And Needs To Change Course, Fast – yahoo.com

    South Park Faces Major Challenges and Must Adapt Fast to Survive

    ‘Netflix House’ entertainment complexes are coming. Here’s when they open – Los Angeles Times

    Exciting News: Netflix’s House Entertainment Complexes Are Opening Soon!

    ‘Big Brother’s’ Rylie Jeffries Finally Speaks Out on Katherine Woodman Controversy – El Paso Inc.

    Big Brother’s Rylie Jeffries Finally Speaks Out on Katherine Woodman Controversy

    ‘SNL’ Parts Ways With Emil Wakim Amid Rumored Season 51 Cast Shakeup – yahoo.com

    SNL Shakes Up Season 51 Cast with Emil Wakim’s Surprising Exit

    Do you have a favorable or an unfavorable opinion of Taylor Swift? – YouGov

    Do You Love Taylor Swift or Not? Share Your Thoughts!

    Upload Season 4 Review – yahoo.com

    Upload Season 4 Review: A Thrilling New Chapter Unveiled

  • General
  • Health
  • News

    Cracking the Code: Why China’s Economic Challenges Aren’t Shaking Markets, Unlike America’s” – Bloomberg

    Trump’s Narrow Window to Spread the Truth About Harris

    Trump’s Narrow Window to Spread the Truth About Harris

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Trending Tags

    • Trump Inauguration
    • United Stated
    • White House
    • Market Stories
    • Election Results
  • Science
  • Sports
  • Technology
    13 Top Technology Trends (2025) – Exploding Topics

    13 Game-Changing Technology Trends to Watch in 2025

    Japan’s legacy LCD and chip technology find new home in India – Nikkei Asia

    How Japan’s Breakthrough LCD and Chip Technologies Are Driving Innovation in India

    ITSWC 2025: Thursday sessions guide – Traffic Technology Today

    Your Ultimate Guide to Thursday Sessions at ITSWC 2025

    MC Machinery Technology Summit Showcases Manufacturing Innovations – Modern Machine Shop

    MC Machinery Technology Summit Unveils Cutting-Edge Manufacturing Innovations

    US-ROK Technology Cooperation Faces Rising Tensions – The National Interest

    Rising Tensions Put US-South Korea Technology Partnership to the Test

    The Role of AI and Technology in Shaping the Future of Interactive Entertainment – Technology Org

    How AI and Technology Are Transforming the Future of Interactive Entertainment

    Trending Tags

    • Nintendo Switch
    • CES 2017
    • Playstation 4 Pro
    • Mark Zuckerberg
No Result
View All Result
Earth-News
No Result
View All Result
Home Technology

Russia joins North Korea in sending state-sponsored cyber troops to pick on TeamCity users

December 14, 2023
in Technology
Russia joins North Korea in sending state-sponsored cyber troops to pick on TeamCity users
Share on FacebookShare on Twitter

Updated The offensive cyber unit linked to Russia’s Foreign Intelligence Service (SVR) is exploiting the critical vulnerability affecting the JetBrains TeamCity CI/CD server at scale, and has been since September, authorities warn.

The news came in an advisory issued by the US’ Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), the Polish Military Counterintelligence Service (SKW), CERT Polska (CERT.PL), and the UK’s National Cyber Security Centre (NCSC).

Announced in late September, the vulnerability, tracked as CVE-2023-42793 with a 9.8 severity score, can be seen as analogous to the one that facilitated the 2020 attack on SolarWinds – which claimed more than 18,000 victims.

The exploit in TeamCity could give attackers enough access to manipulate a software’s source code, sign certificates, and compile and deploy processes, the advisory says.

Although SVR has reportedly exploited servers since September, authorities have not gathered evidence to suggest they have used this access to launch attacks similar to the SolarWinds case.

However, the evidence suggests the access was used to plant additional backdoors in victim’s environments after attackers escalated their privileges and moved laterally around compromised networks.

Software supply chain attacks are particularly valuable for attackers given the potential for delivering malicious code that’s signed as “trusted” to an untold number of organizations.

North Korea is continually looking for opportunities in this area, recent reports revealed, and the country’s state-sponsored attackers were among the first to be observed exploiting CVE-2023-42793.

The authorities warned that although SolarWinds-like attacks have not yet been carried out as a result of the SVR’s TeamCity exploitation, they believe attackers are still in a preparatory phase and that more serious attacks may come further down the line.

Currently, the SVR’s priorities appear to be establishing a foothold in victims’ environments and deploying command and control (C2) infrastructure that’s difficult to detect – a sign of attackers laying the groundwork for future operations.

Legitimate services like Dropbox have been used to mask the SVR’s C2 traffic and malware-related data passing through these were obfuscated inside randomly generated BMP files.

Attackers were also spotted abusing OneDrive for the same purposes, but Microsoft has since confirmed this was disrupted.

This activity was spotted with the SVR’s use of the GraphicalProton backdoor, which itself was wrapped in numerous layers of encryption, obfuscation, encoders, and stagers.

The malware has remained largely unchanged in the months since the authorities began tracking it. However, different variants are being spotted, some with “noteworthy” packaging that use DLL hijacking in the open source monitoring tool Zabbix to begin execution and potentially facilitate long-term stealthy access to victims’ environments. 

Another variant also hides its activity within open source C++ build analysis tool vcperf.

Other post-exploitation activity has involved the deployment of the Mimikatz toolkit, enumerating victims’ Active Directories, disabling antivirus and EDR tools, and more.

The advisory contains an extensive list of recommended mitigations and indicators of compromise to help potential victims uncover any undetected activity.

The number of TeamCity users exploited by the SVR wasn’t disclosed, but the US, Polish and UK authorities say in the advisory that exploits are being carried out on “a large scale.”

Telemetry from Shadowserver indicates that nearly 800 TeamCity instances remain vulnerable to CVE-2023-42793 exploits as of this week, despite patches released by JetBrains in late September.

Aligned with Russia’s ambitions

The authorities say the attempts to exploit TeamCity on a large scale fit in with the country’s broad objectives in cyberspace, which have remained largely unchanged for the past ten years.

“Since 2013, cybersecurity companies and governments have reported on SVR operations targeting victim networks to steal confidential and proprietary information,” they say in the advisory. 

“A decade later, the authoring agencies can infer a long-term targeting pattern aimed at collecting, and enabling the collection of foreign intelligence, a broad concept that for Russia encompasses information on the politics, economics, and military of foreign states; science and technology; and foreign counterintelligence. The SVR also conducts cyber operations targeting technology companies that enable future cyber operations.”

For the past decade, the SVR has primarily relied on spear phishing (targeted phishing) methods to steal political, economic, scientific, and technological foreign intelligence. It was been known to target the likes of governments, think tanks and policy groups, educational institutions, and political organizations. 

The authorities also say it’s less common for the SVR to steal information by exploiting vulnerabilities and breaking into targets’ systems, though the group has extensive experience in the area.

Memory-safe languages so hot right now, agrees Lazarus Group as it slings DLang malware

Korean peninsula space race sees South and North launch tit for tat spy sats

North Korea makes finding a gig even harder by attacking candidates and employers

Industry piles in on North Korea for sustained rampage on software supply chains

Among the examples the agency cites is the 2020 case in which the SVR targeted organizations involved in the development of COVID-19 vaccines using the custom malware WellMess, WellMail, and Sorefang. 

In this week’s advisory, the spy agencies reveal for the first time that this malware was also used to target companies operating in the energy sector in addition to the biomedical sector, though few details were disclosed about this revelation.

It also cites SolarWinds, an attack that Microsoft’s Brad Smith famously branded the most sophisticated in history, the attribution for which didn’t come until the following year.

“This attribution marked the discovery that the SVR had, since at least 2018, expanded the range of its cyber operations to include the widespread targeting of information technology companies,” the authorities say. 

“At least some of this targeting was aimed at enabling additional cyber operations. Following this attribution, the US and UK governments published advisories highlighting additional SVR TTPs, including its exploitation of various CVEs, the SVR’s use of ‘low and slow’ password spraying techniques to gain initial access to some victims’ networks, exploitation of a zero-day exploit, and exploitation of Microsoft 365 cloud environments.” ®

Updated at 14.58 on Dece,ber 14, 2023, to add:

Yaroslav Russkih, head of security at JetBrains, sent us the following statement:

“We were informed about this vulnerability earlier this year and immediately fixed it in TeamCity 2023.05.4 update, which was released on September 18, 2023. Since then, we have been contacting our customers directly or via public posts motivating them to update their software. We also released a dedicated security patch for organizations using older versions of TeamCity that they couldn’t upgrade in time. In addition, we have been sharing the best security practices to help our customers strengthen the security of their build pipelines. As of right now, according to the statistics we have, fewer than 2% of TeamCity instances still operate unpatched software, and we hope their owners patch them immediately. This vulnerability only affects the on-premises instances of TeamCity, while our cloud version was not impacted.”

>>> Read full article>>>
Copyright for syndicated content belongs to the linked Source : The Register – https://go.theregister.com/feed/www.theregister.com/2023/12/14/russia_joins_north_korea_cybercity/

Tags: joinsRussiatechnology
Previous Post

Suffering from tab overload? Vivaldi unveils Session Panels

Next Post

Intel wants to run AI on CPUs and says its 5th-gen Xeons are ones to do it

Hottest engine in the world reveals weirdness of microscopic physics – New Scientist

The World’s Hottest Engine Unveils the Strange Secrets of Microscopic Physics

August 29, 2025
Secretary Greg Reed: ‘If we’re going to grow the economy, we must be able to grow the workforce’ – Yellowhammer News

Secretary Greg Reed: Expanding the Economy Starts with Growing the Workforce

August 29, 2025
South Park Is In Trouble And Needs To Change Course, Fast – yahoo.com

South Park Faces Major Challenges and Must Adapt Fast to Survive

August 29, 2025
RFK Jr. praises Texas for implementing his health vision – The Texas Tribune

RFK Jr. Applauds Texas for Leading the Way in His Bold Health Vision

August 29, 2025
Former special counsel Jack Smith responds to federal investigation against him about his prosecution of Donald Trump – CNN

Former Special Counsel Jack Smith Breaks Silence on Federal Investigation Into His Trump Prosecution

August 29, 2025
Lake Tanganyika cichlids partition habitat by time – Nature

How Lake Tanganyika Cichlids Share Their Habitat by Time to Thrive

August 29, 2025
Ancient Life “Wakes Up” After 100 Million Years Under the Seafloor – IFLScience

Ancient Life Resurfaces After 100 Million Years Hidden Beneath the Seafloor

August 29, 2025
Golden Apple: Seward science teacher helps students soar – KOLN | Nebraska Local News, Weather, Sports | Lincoln, NE

Golden Apple Award: Seward Science Teacher Inspires Students to Soar

August 29, 2025
Maverick Lifestyle Inc.’s Beta Climbs After Market Volatility getLinesFromResByArray error: size == 0 – thegnnews.com

Maverick Lifestyle Inc.’s Beta Climbs After Market Volatility getLinesFromResByArray error: size == 0 – thegnnews.com

August 29, 2025
13 Top Technology Trends (2025) – Exploding Topics

13 Game-Changing Technology Trends to Watch in 2025

August 29, 2025

Categories

Archives

August 2025
MTWTFSS
 123
45678910
11121314151617
18192021222324
25262728293031
« Jul    
Earth-News.info

The Earth News is an independent English-language daily published Website from all around the World News

Browse by Category

  • Business (20,132)
  • Ecology (796)
  • Economy (816)
  • Entertainment (21,695)
  • General (16,744)
  • Health (9,857)
  • Lifestyle (829)
  • News (22,149)
  • People (816)
  • Politics (823)
  • Science (16,025)
  • Sports (21,314)
  • Technology (15,796)
  • World (798)

Recent News

Hottest engine in the world reveals weirdness of microscopic physics – New Scientist

The World’s Hottest Engine Unveils the Strange Secrets of Microscopic Physics

August 29, 2025
Secretary Greg Reed: ‘If we’re going to grow the economy, we must be able to grow the workforce’ – Yellowhammer News

Secretary Greg Reed: Expanding the Economy Starts with Growing the Workforce

August 29, 2025
  • About
  • Advertise
  • Privacy & Policy
  • Contact

© 2023 earth-news.info

No Result
View All Result

© 2023 earth-news.info

No Result
View All Result

© 2023 earth-news.info

Go to mobile version