HackDig : Dig high-quality web security articles

Atlassian fixed 2 critical flaws in Crowd and Bitbucket products

Atlassian addressed this week two critical vulnerabilities impacting its Crowd and Bitbucket products. Atlassian announced the release of security updates to address critical-severity vulnerabilities in its identity management platform, Crowd Server and Data Center, and in the Bitbucket Server and Data Center, a self-managed solution that provides so
Publish At:2022-11-18 18:30 | Read:91436 | Comments:0 | Tags:Breaking News Security Atlassian bitbucket Crowd Hacking hac

Actively exploited vulnerability in Bitbucket Server and Data Center

On September 29, 2022 the Cybersecurity & Infrastructure Security Agency (CISA) added three vulnerabilities to the catalog of known to be exploited vulnerabilities. One of them is a vulnerability in Atlassian’s Bitbucket Server and Data Center. The other two are the Exchange Server zero-day vulnerabilities we wrote about last week. The Bitbuck
Publish At:2022-10-03 22:46 | Read:185636 | Comments:0 | Tags:Exploits and vulnerabilities News Atlassian Bitbucket git CV

Atlassian Confluence bug CVE-2022-26134 exploited in cryptocurrency mining campaign

Threat actors are targeting unpatched Atlassian Confluence servers as part of an ongoing crypto mining campaign. Trend Micro researchers warn of an ongoing crypto mining campaign targeting Atlassian Confluence servers affected by the CVE-2022-26134 vulnerability. The now-patched critical security flaw was disclosed by Atlassian in early June, at the ti
Publish At:2022-09-22 08:11 | Read:181461 | Comments:0 | Tags:Breaking News Digital ID Hacking Malware Atlassian Atlassian

Critical flaw impacts Atlassian Bitbucket Server and Data Center

Atlassian addressed a critical vulnerability in Bitbucket Server and Data Center that could lead to malicious code execution on vulnerable instances. Atlassian fixed a critical flaw in Bitbucket Server and Data Center, tracked as CVE-2022-36804 (CVSS score 9.9), that could be explored to execute malicious code on vulnerable installs The flaw is a comma
Publish At:2022-08-26 20:07 | Read:196479 | Comments:0 | Tags:Breaking News Hacking Security Atlassian bitbucket hacking n

Exploitation is underway for a critical flaw in Atlassian Confluence Server and Data Center

Threat actors are actively exploiting the recently patched critical flaw in Atlassian Confluence Server and Data Center Recenlty Atlassian released security updates to address a critical hardcoded credentials vulnerability in Confluence Server and Data Center tracked as CVE-2022-26138. A remote, unauthenticated attacker can exploit the vulnerability to
Publish At:2022-07-29 08:10 | Read:423120 | Comments:0 | Tags:Breaking News Hacking Atlassian CVE-2022-26138 hacking news

Atlassian patched a critical Confluence vulnerability

Atlassian released security updates to address a critical security vulnerability affecting Confluence Server and Confluence Data Center. Atlassian released security updates to address a critical hardcoded credentials vulnerability in Confluence Server and Data Center tracked as CVE-2022-26138. A remote, unauthenticated attacker can exploit the vulnerab
Publish At:2022-07-21 10:00 | Read:134867 | Comments:0 | Tags:Breaking News Hacking Security Atlassian hacking news inform

Threat actors sell access to tens of vulnerable networks compromised by exploiting Atlassian 0day

A threat actor is selling access to 50 vulnerable networks that have been compromised exploiting the recently disclosed Atlassian Confluence zero-day. A threat actor is selling access to 50 vulnerable networks that have been compromised by exploiting the recently discovered Atlassian Confluence zero-day flaw (CVE-2022-26134). The discovery was made by
Publish At:2022-06-26 15:20 | Read:455039 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Atlassian Atlassian Conflu

Update now!  Microsoft patches Follina, and many other security updates

The June 2022 Patch Tuesday may go down in history as the day that Follina got patched, but there was a host of other important updates. And not just from Microsoft. Many other software vendors follow the pattern of monthly updates set by the people in Redmond. Microsoft Microsoft released updates to deal with 60 security vulnerabilities. Undoubtedly t
Publish At:2022-06-15 13:00 | Read:462495 | Comments:0 | Tags:Exploits and vulnerabilities adobe Atlassian citrix confluen

“Multiple adversaries” exploiting Confluence vulnerability, warns Microsoft

Microsoft has warned that “multiple adversaries and nation-state actors” are making use of the recent Atlassian Confluence RCE vulnerability. A fix is now available for CVE-2022-26134. It is essential users of Confluence address the patching issue immediately. Confluence vulnerability: Background At the start of June, researchers discovere
Publish At:2022-06-14 09:02 | Read:315086 | Comments:0 | Tags:Exploits and vulnerabilities APT Atlassian confluence nation

PoC exploits for Atlassian CVE-2022-26134 RCE flaw released online

Proof-of-concept exploits for the critical CVE-2022-26134 vulnerability in Atlassian Confluence and Data Center servers are available online. Proof-of-concept exploits for the critical CVE-2022-26134 flaw, affecting Atlassian Confluence and Data Center servers, have been released. Bleeping Computer reported that starting from Friday afternoon, a proof-
Publish At:2022-06-05 14:29 | Read:419351 | Comments:0 | Tags:Breaking News Hacking Atlassian CVE-2022-26134 hacking news

Atlassian rolled out fixes for Confluence zero-day actively exploited in the wild

Atlassian has addressed on Friday an actively exploited critical remote code execution flaw (CVE-2022-26134) in Confluence Server and Data Center products. Early this week, Atlassian warned of a critical unpatched remote code execution vulnerability affecting all Confluence Server and Data Center supported versions, tracked as CVE-2022-26134, that is bein
Publish At:2022-06-05 06:33 | Read:204845 | Comments:0 | Tags:Breaking News Hacking Security Atlassian hacking news inform

Unpatched Atlassian Confluence vulnerability is actively exploited

Researchers found a vulnerability in Atlassian Confluence by conducting an incident response investigation. Atlassian rates the severity level of this vulnerability as critical. Atlassian has issued a security advisory and is working on a fix for the affected products. This qualifies the vulnerability as an actively exploited in the wild zero-day vulnerab
Publish At:2022-06-03 12:59 | Read:587792 | Comments:0 | Tags:Exploits and vulnerabilities Atlassian behinder China Choppe

Atlassian addresses a critical Jira authentication bypass flaw

Atlassian fixed a critical flaw in its Jira software, tracked as CVE-2022-0540, that could be exploited to bypass authentication. Atlassian has addressed a critical vulnerability in its Jira Seraph software, tracked as CVE-2022-0540 (CVSS score 9.9), that can be exploited by an unauthenticated attacker to bypass authentication. A threat actor could trigge
Publish At:2022-04-24 10:22 | Read:374832 | Comments:0 | Tags:Breaking News Hacking Security Atlassian authentication bypa

A server of the Jenkins project hacked by exploiting a Confluence flaw

The development team behind the Jenkins server disclose a security breach, threat actors deployed a cryptocurrency miner on one of its servers. The development team behind the Jenkins Project disclosed a security breach after threat actors compromised one of their internal servers and installed a cryptocurrency miner. Jenkins is the most popular open-s
Publish At:2021-09-07 09:27 | Read:167070 | Comments:0 | Tags:Breaking News Hacking Atlassian Confluence Cybercrime hackin

USCYBERCOM and CISA warn organizations to fix CVE-2021-26084 Confluence flaw

USCYBERCOM is urging organizations to patch a critical CVE-2021-26084 flaw in Atlassian Confluence Server and Data Center, ahead of the Labor Day weekend.  US Cyber Command (USCYBERCOM) has issued an alert to warn US organizations to address Atlassian Confluence CVE-2021-26084 vulnerability immediately, ahead of the Labor Day weekend. Government exper
Publish At:2021-09-03 18:45 | Read:136271 | Comments:0 | Tags:Breaking News Hacking Security Atlassian Confluence CVE-2021

Announce

Share high-quality web security related articles with you:)
Tell me why you support me <3

Tag Cloud