Cybercriminals turn a Jenkins server into a cryptominer
Posted date 10/09/2021
The Jenkins infrastructure team has reported that its deprecated Confluence service was the target of a cyberattack in early September, exploiting vulnerability CVE-2021-26084 to install a Monero cryptominer in the container running the service.
In response, servers were disabled, passwords were rotated and the incident was investigated, concluding that any other product, plugin or source code were affected.
References
Etiquetas