Hackers Exploit Old Telerik Flaws to Deploy Cobalt Strike

IT Security Guru

‘Blue Mockingbird’, a threat actor, targets Telerik UI vulnerabilities to compromise servers, install Cobalt Strike beacons, and mine Monero by hijacking system resources. The attacker leverages the CVE-2019-18935 flaw, a critical severity (CVSS v3.1: 9.8) deserialisation that leads to remote code execution in the Telerik UI library for ASP.NET AJAX. In May 2020, the same […]

The post Hackers Exploit Old Telerik Flaws to Deploy Cobalt Strike appeared first on IT Security Guru.