US Government IIS Server Breached via Telerik Software Flaw

16 March 2023

The US Cybersecurity and Infrastructure Security Agency (CISA) has disclosed information regarding a .NET deserialization vulnerability (CVE-2019-18935) in the Progress Telerik user interface (UI) for ASP.NET AJAX. CISA described the findings in an advisory on Wednesday, saying multiple cyber-threat actors were able to exploit the flaw, which also affected the Microsoft Internet Information Services (IIS) web server of a federal civilian executive branch (FCEB) agency between November 2022 and January 2023.

Read full article on Infosecurity

Date:

16 March 2023

Categorie(s):

NEWS

Tag(s):

Flaws, IIS, Servers, Softwares, Telerik

Skills shortage directly tied to financial loss in data breaches5 November 2024
Washington courts grapple with statewide outage after ‘unauthorized activity’5 November 2024
Warning: Hackers could take over your email account by stealing cookies, even if you have MFA5 November 2024
US Voters Urged to Use Official Sources for Election Information5 November 2024
Tor and Tails Team Up for Better Online Privacy Protections5 November 2024