216.73.216.86

BORN Group Supply Chain Breach: In-Depth Analysis of Jenkins Exploitation

· Published 23/08/2024 12:23 · Modified 23/08/2024 13:30

Export JSON

Essential information

Published
23/08/2024 12:23
Modified
23/08/2024 13:30
Tags
2024-08-23 github supply-chain
Related entities
1 vulnerabilities (cve), 5 observables, 1 intrusion sets (apt), 19 techniques (mitre)

Description

This analysis examines a substantial supply chain assault on the IT service provider BORN Group. The cybercriminal Intelbroker leveraged a vulnerability (CVE-2024-23897) to breach BORN Group's infrastructure, leading to the exfiltration of sensitive information from various clients. Furthermore, Intelbroker claims to have compromised a database exposing approximately 196,000 individuals' personal details as part of this supply chain incident.

External references