Hackers exploit three-year-old Telerik flaws to deploy Cobalt Strike _bleepingcomputer.com
| posted by rouiejay12 in : threats | No comments |
1

A threat actor known as ‘Blue Mockingbird’ targets Telerik UI vulnerabilities to compromise servers, install Cobalt Strike beacons, and mine Monero by hijacking system resources.

The flaw leveraged by the attacker is CVE-2019-18935, a critical severity (CVSS v3.1: 9.8) deserialization that leads to remote code execution in the Telerik UI library for ASP.NET AJAX.

Comments

You must log in or register to comment.

There's nothing here…