{
  "name": "BORN Group Supply Chain Breach: In-Depth Analysis of Jenkins Exploitation",
  "slug": "born-group-supply-chain-breach-in-depth-analysis-of-jenkins-exploitation",
  "description": "This analysis examines a substantial supply chain assault on the IT service provider BORN Group. The cybercriminal Intelbroker leveraged a vulnerability (CVE-2024-23897) to breach BORN Group's infrastructure, leading to the exfiltration of sensitive information from various clients. Furthermore, Intelbroker claims to have compromised a database exposing approximately 196,000 individuals' personal details as part of this supply chain incident.",
  "published": "2024-08-23T10:23:05+00:00",
  "created_at": "2024-08-23T10:23:05+00:00",
  "modified_at": "2024-08-23T11:30:38+00:00",
  "created_at_opencti": "2024-08-23T10:23:05+00:00",
  "author": "",
  "confidence": null,
  "report_types": [],
  "labels": [],
  "tags": [
    "2024-08-23",
    "github",
    "supply-chain"
  ],
  "related_entities": {
    "observables": [
      {
        "id": "",
        "name": "olx.id7423.ru"
      },
      {
        "id": "",
        "name": "boxberry.id7423.ru"
      },
      {
        "id": "",
        "name": "avito-rent.id7423.ru"
      },
      {
        "id": "",
        "name": "3inf.site"
      },
      {
        "id": "",
        "name": "600be5ab7f0513833336bec705ca9bcfd1150a2931e61a4752b8de4c0af7b03a"
      }
    ],
    "intrusion_sets": [
      {
        "id": "01357f2b-fbd9-436d-aa9f-bf369a01ce31",
        "name": "Intelbroker",
        "slug": "intelbroker"
      }
    ],
    "attack_patterns": [
      {
        "id": "fb78af2c-240a-4d50-b232-a0c2df8beb1b",
        "name": "T1206"
      },
      {
        "id": "7e3e3784-9547-42ca-b888-482972d14be3",
        "name": "T1528"
      },
      {
        "id": "5c67e5d2-bc85-4ce0-822d-f2f5d3b0ae4e",
        "name": "T1185"
      },
      {
        "id": "1e043fe4-2413-4b8e-887c-0fe45d095a24",
        "name": "T1583"
      },
      {
        "id": "1f2ce0cc-430c-4317-a332-83a27cbad1d3",
        "name": "T1548"
      },
      {
        "id": "232fbdfa-94c6-443d-b575-373e75b4f4c2",
        "name": "T1567"
      },
      {
        "id": "e73b317e-ea92-49b4-a45d-051f7279aced",
        "name": "T1213"
      },
      {
        "id": "3245033a-53c4-454c-873a-fb653af0bf8a",
        "name": "T1552"
      },
      {
        "id": "5bab4974-1fc2-4144-b093-28ebcb8767dc",
        "name": "T1114"
      },
      {
        "id": "6efb8bea-11d7-418d-a429-9f4a3e6c50f6",
        "name": "T1087"
      },
      {
        "id": "926a888c-190c-4efb-ab6b-f9d7e6a0fc54",
        "name": "T1547"
      },
      {
        "id": "dc342445-1b78-48b4-aa06-89ed2ad7c28e",
        "name": "T1071"
      },
      {
        "id": "870bd958-53a3-4d25-9f23-00aa8bd6674d",
        "name": "T1102"
      },
      {
        "id": "c3af9fd7-d307-4df4-9220-cc627938fb85",
        "name": "T1055"
      },
      {
        "id": "14da8ebf-e0b0-4d4e-9c83-56277980f266",
        "name": "T1134"
      },
      {
        "id": "50514c04-b3a2-4abf-a855-e3a434200c87",
        "name": "T1204"
      },
      {
        "id": "bb20a9e1-f4f6-459d-94f4-470c6867dc2d",
        "name": "T1053"
      },
      {
        "id": "6c8f8a40-2746-4a37-86bd-81e82afa6e62",
        "name": "T1190"
      },
      {
        "id": "9f11a241-9abc-4c57-95dd-33955ab08826",
        "name": "T1078"
      }
    ],
    "vulnerabilities": [
      {
        "id": "",
        "name": "CVE-2024-23897"
      }
    ]
  },
  "external_refs": [
    "https://www.cloudsek.com/blog/born-group-supply-chain-breach-in-depth-analysis-of-intelbrokers-jenkins-exploitation",
    "https://otx.alienvault.com/pulse/66c87f293b4e2ea0a3a79b95"
  ]
}