BianLian attackers exploited a TeamCity vulnerability (CVE-2024-27198 or CVE-2023-42793) to gain initial access and move laterally within the network. They deployed a PowerShell backdoor disguised as legitimate tools that use two-layer obfuscation with encryption and string substitution to communicate with a Command and Control (C2) server. Researchers at Guidepoint Security linked this backdoor to the […]
The post Hackers Compromised TeamCity Server To Install BianLian’s GO Backdoor appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.
This article has been indexed from GBHackers on Security | #1 Globally Trusted Cyber Security News Platform