BORN Group Supply Chain Breach: In-Depth Analysis of Jenkins Exploitation
Aug. 23, 2024, 1:30 p.m.
Description
This analysis examines a substantial supply chain assault on the IT service provider BORN Group. The cybercriminal Intelbroker leveraged a vulnerability (CVE-2024-23897) to breach BORN Group's infrastructure, leading to the exfiltration of sensitive information from various clients. Furthermore, Intelbroker claims to have compromised a database exposing approximately 196,000 individuals' personal details as part of this supply chain incident.
Date
Published | Created | Modified |
---|---|---|
Aug. 23, 2024, 12:23 p.m. | Aug. 23, 2024, 12:23 p.m. | Aug. 23, 2024, 1:30 p.m. |
Indicators
600be5ab7f0513833336bec705ca9bcfd1150a2931e61a4752b8de4c0af7b03a
Attack Patterns
Intelbroker
T1206
T1528
T1185
T1583
T1548
T1567
T1213
T1552
T1114
T1087
T1547
T1071
T1102
T1055
T1134
T1204
T1053
T1190
T1078
CVE-2024-23897