Today > | 5 Medium | 2 Low vulnerabilities   -   You can now download lists of IOCs here!

BORN Group Supply Chain Breach: In-Depth Analysis of Jenkins Exploitation

Aug. 23, 2024, 1:30 p.m.

Description

This analysis examines a substantial supply chain assault on the IT service provider BORN Group. The cybercriminal Intelbroker leveraged a vulnerability (CVE-2024-23897) to breach BORN Group's infrastructure, leading to the exfiltration of sensitive information from various clients. Furthermore, Intelbroker claims to have compromised a database exposing approximately 196,000 individuals' personal details as part of this supply chain incident.

Date

Published: Aug. 23, 2024, 12:23 p.m.

Created: Aug. 23, 2024, 12:23 p.m.

Modified: Aug. 23, 2024, 1:30 p.m.

Indicators

600be5ab7f0513833336bec705ca9bcfd1150a2931e61a4752b8de4c0af7b03a

olx.id7423.ru

boxberry.id7423.ru

avito-rent.id7423.ru

3inf.site

Attack Patterns

Intelbroker

T1206

T1528

T1185

T1583

T1548

T1567

T1213

T1552

T1114

T1087

T1547

T1071

T1102

T1055

T1134

T1204

T1053

T1190

T1078

CVE-2024-23897