Featured Story
JetBrains TeamCity Mass Exploitation Underway, Rogue Accounts Thrive
Attacks targeting two security vulnerabilities in the TeamCity CI/CD platform have begun in earnest just days after its developer, JetBrains, disclosed the flaws on March 3.
One of the vulnerabilities (CVE-2024-27198) has a CVSS rating of 9.8 and allows remote unauthenticated attackers to execute arbitrary code and gain full control of affected instances. 30,000+ organizations rely on TeamCity for automated software deployment, increasing the impact. The flaws follow previous critical bugs exploited by Russia’s Midnight Blizzard group.
JetBrains released a new version (2023.11.4) and a patch plugin to address the vulnerabilities. All users should update or apply the patch immediately.
If you require assistance with your vulnerability management, do not hesitate to contact our SOC.
Other Stories
VMware Issues Security Patches for ESXi, Workstation, and Fusion Flaws
VMware released patches for critical vulnerabilities that allow attackers to escape sandbox protections across ESXi, Workstation, and Fusion. Four flaws were disclosed, including two use-after-free bugs (CVE-2024-22252 and CVE-2024-22253) rated 9.3 in severity. Exploitation could allow code execution on host systems.
The vulnerabilities strike at the heart of VMware’s virtualization security model, threatening workloads thought to be isolated.
We recommend all organizations install the latest available updates immediately.
Patch details: VMSA-2024-0006
If you require assistance with your vulnerability management, do not hesitate to contact our SOC.
Council of the EU and Parliament Agree on “Cyber Solidarity Package”
On March 6, the European Parliament and the Belgian Presidency reached a political agreement on the Cyber Solidarity Act and a related update to the Cyber Security Act. This legislative package aims to reinforce EU-wide cybersecurity coordination and response capacity for large-scale incidents.
The initiative supports cross-border collaboration and the development of trusted cybersecurity service providers within the EU.
The “Cyber Solidarity Package” boosts Europe’s cybersecurity capacity. The move toward a “European SOC” is a promising step—our team is closely following implementation plans.
Don’t hesitate to contact us to benefit from the expertise of our awareness team.
Millions of Fake Text Messages Blocked by Belgian Telecom Operators
Telenet and Proximus have significantly reduced the flow of scam messages, blocking millions of smishing texts with the help of AI-based detection tools. Proximus alone intercepted 16 million fraudulent messages as part of the national “Stop Smishing” initiative.
The initiative is a joint effort from the CCB, BIPT, and Minister Petra De Sutter under Belgium’s recovery plan.
The drop in smishing volume is a strong signal, but vigilance remains crucial.
Forward suspicious messages to:
– verdacht@safeonweb.be
– suspect@safeonweb.be
– suspicious@safeonweb.be
Our SOC team is always ready to help evaluate suspicious messages.
