BORN Group Supply Chain Breach: In-Depth Analysis of Jenkins Exploitation

Aug. 23, 2024, 1:30 p.m.

Description

This analysis examines a substantial supply chain assault on the IT service provider BORN Group. The cybercriminal Intelbroker leveraged a vulnerability (CVE-2024-23897) to breach BORN Group's infrastructure, leading to the exfiltration of sensitive information from various clients. Furthermore, Intelbroker claims to have compromised a database exposing approximately 196,000 individuals' personal details as part of this supply chain incident.

External References

https://www.cloudsek.com/blog/born-group-supply-chain-breach-in-depth-analysis-of-intelbrokers-jenkins-exploitation
https://otx.alienvault.com/pulse/66c87f293b4e2ea0a3a79b95
Tags
supply chain
github
2024-08-23

Date

  • Created: Aug. 23, 2024, 12:23 p.m.
  • Published: Aug. 23, 2024, 12:23 p.m.
  • Modified: Aug. 23, 2024, 1:30 p.m.

Indicators

  • 600be5ab7f0513833336bec705ca9bcfd1150a2931e61a4752b8de4c0af7b03a
  • olx.id7423.ru
  • boxberry.id7423.ru
  • avito-rent.id7423.ru
  • 3inf.site
Download all indicators here!

Attack Patterns

  • Intelbroker

Linked vulnerabilities

CVE-2024-23897

None
Published: