Advanced persistent threat (APT) actors and financially motivated cybercriminals have been spotted exploiting an old Telerik vulnerability as part of an attack that impacted a US government agency, according to a joint alert released on Wednesday by CISA, the FBI, and MS-ISAC.An investigation revealed that a Microsoft Internet Information Services (IIS) web server belonging to a federal civilian executive branch (FCEB) agency hosted a vulnerable instance of the Telerik UI for ASP.NET AJAX application development library.
#investigation #recommendations #vulnerabilities #exploitation #remote-code-execution #major-companies
[
add
]
[
|
|
...
]