SecurityWeek
Cinterion Modem Flaws Pose Risk to Millions of Devices in Industrial, Other Sectors
A critical vulnerability in the Cinterion cellular modems can be exploited for remote code execution via SMS messages.
CSO
Most attacks affecting SMBs target five older vulnerabilities
Attackers target flaws for a reason: Even years after they are discovered, they still work.
Ars Technica
Cisco firewall 0-days under attack for 5 months by resourceful nation-state hackers
Perimeter devices ought to prevent network hacks. Why are so many devices allowing attacks?
Security Affairs
Security Affairs newsletter Round 468 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs are free for you.
The Hacker News
How Attackers Can Own a Business Without Touching the Endpoint
How attackers are hacking organizations without touching the endpoint by targeting cloud identities.
Cyber Security News
Cerber Linux Ransomware Exploits Atlassian Servers To Take Full Control
Hackers often use Linux ransomware due to its prevalence in server environments, offering higher potential payouts from organizations with
Security Affairs
Linux variant of Cerber ransomware targets Atlassian servers
Threat actors are exploiting the CVE-2023-22518 flaw in Atlassian servers to deploy a Linux variant of Cerber (aka C3RB3R) ransomware.
Infosecurity News
Linux Cerber Ransomware Variant Exploits Atlassian Servers
The attacks exploit CVE-2023-22518, a critical flaw in Atlassian Confluence Data Center and Server
The Hacker News
Critical Atlassian Flaw Exploited to Deploy Linux Variant of Cerber Ransomware
Hackers are exploiting a critical vulnerability in Atlassian servers to gain admin access and deploy a Linux variant of Cerber ransomware.
SC Magazine
Atlassian Confluence Linux instances targeted with Cerber ransomware
Attackers exploited a critical vulnerability to create a new administrator account.
Ars Technica
“Highly capable” hackers root corporate networks by exploiting firewall 0-day
No patch yet for unauthenticated code-execution bug in Palo Alto Networks firewall.
SecurityWeek
US Cyber Force Assisted Foreign Governments 22 Times in 2023
USCYBERCOM said its Cyber National Mission Force participated in 22 foreign hunt forward operations in 2023.
SecurityWeek
Critical Vulnerability in Progress Flowmon Allows Remote Access to Systems
A critical OS command injection in Progress Flowmon can be exploited to gain remote, unauthenticated access to the system.
Security Affairs
Security Affairs newsletter Round 464 by Pierluigi Paganini
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs are free for you.
The Hacker News
China-Linked Group Breaches Networks via Connectwise, F5 Software Flaws
China-linked threat group aggressively exploits software flaws in Connectwise ScreenConnect & F5 BIG-IP.
Cyber Security News
New Sysrv Botnet Abuses Google Subdomain To Spread XMRig Miner
First identified in 2020, Sysrv is a botnet that uses a Golang worm to infect devices and deploy cryptominers, propagates by exploiting
Cyber Security News
Atlassian Patches Critical Bamboo Server & Other 24 Flaws
A critical Bamboo Data Center and Server vulnerability has been discovered with a critical vulnerability which has been given CVE-2024-1597
The Hacker News
Atlassian Releases Fixes for Over 2 Dozen Flaws, Including Critical Bamboo Bug
Atlassian has issued patches for over 25 security issues, including a critical SQL injection bug (CVE-2024-1597) in Bamboo Data Center & Server.
Security Affairs
Critical flaw in Atlassian Bamboo Data Center and Server must be fixed immediately
Atlassian fixed tens of vulnerabilities in Bamboo, Bitbucket, Confluence, and Jira products, including a critical flaw that can be very dangerous.
SecurityWeek
Atlassian Patches Critical Vulnerability in Bamboo Data Center and Server
Atlassian releases patches for two dozen vulnerabilities, including a critical-severity bug in Bamboo Data Center and Server.
Bleeping Computer
Okta says data leaked on hacking forum not from its systems
Okta denies that its company data was leaked after a threat actor shared files allegedly stolen during an October 2023 cyberattack on a hacker forum.
The Hacker News
BianLian Threat Actors Exploiting JetBrains TeamCity Flaws in Ransomware Attacks
Hackers leveraging JetBrains TeamCity flaws to propagate BianLian ransomware attacks
DarkReading
Stealth Bomber: Atlassian Confluence Exploits Drop Web Shells In-Memory
The proof-of-concept exploits for Atlassian Confluence would enable arbitrary code execution without requiring file system access.
The Hacker News
4 Instructive Postmortems on Data Downtime and Loss
Learn from GitLab's 2017 incident: 300GB of data lost in seconds, but their transparent recovery is a masterclass in accountability.
Infosecurity News
Cyber Espionage France’s Top Threat Ahead of 2024 Paris Olympics
Ransomware and destabilization attacks rose in 2023, yet France’s ANSSI is most concerned about a diversification of cyber espionage campaigns
SC Magazine
Attackers target Confluence flaws with SSH-Snake pentesting tool
The fileless, self-modifying, worm-like network traversal tool automatically searches for SSH keys.
The Hacker News
CISA Warning: Akira Ransomware Exploiting Cisco ASA/FTD Vulnerability
A critical vulnerability (CVE-2020-3259) in Cisco ASA and FTD software has been added to CISA's KEV catalog.
Infosecurity News
Hackers Exploit EU Agenda in Spear Phishing Campaigns
Adversaries targeting EU-based victims increasingly leverage EU affairs in spear phishing attacks, CERT-EU found
The Hacker News
Midnight Blizzard and Cloudflare-Atlassian Cybersecurity Incidents: What to Know
Password spraying, OAuth hijacking, and nation-state attacks – the cybersecurity world is under siege. Learn how to protect your organization.
The Hacker News
U.S. Offers $10 Million Bounty for Info Leading to Arrest of Hive Ransomware Leaders
U.S. Department of State is offering up to $10 million for information on Hive ransomware operators.
Trend Micro
Unveiling Atlassian Confluence Vulnerability CVE-2023-22527: Understanding and Mitigating Remote Code Execution Risks
In this blog entry, we discuss CVE-2023-22527, a vulnerability in Atlassian Confluence that has a CVSS score of 10 and could allow threat actors to perform remote code execution.
The Cyber Express
State Actors vs. Tech Titans: Decoding the Cloudflare Cyberattack
The impact of the massive Okta data breach lingers, continuing to provide an opportunistic terrain for hackers. Cloudflare, a prominent
CSO
Nation-state actor used recent Okta compromises to hack into Cloudflare systems
The hack, which used stolen tokens and credentials, was able to access “some documentation and a limited amount of source code” before being thwarted.
The Hacker News
AnyDesk Hacked: Popular Remote Desktop Software Mandates Password Reset
Discover the details of the recent AnyDesk cyber attack, including the company’s swift response to secure its production systems and the steps users s
DarkReading
Cloudflare Falls Victim to Okta Breach, Atlassian Systems Cracked
The cyberattackers, believed to be state sponsored, didn't get far into Cloudflare's global network, but not for lack of trying.
HACKRead
Cloudflare Hacked After State Actor Leverages Okta Breach
The aftermath of the 2023 Okta breach continues to unfold, with Cloudflare disclosing the details of its security compromise.
CyberSecurity Dive
Cloudflare hit by follow-on attack from previous Okta breach
A threat actor that previously intruded Cloudflare’s network through its Okta environment regained access with mistakenly unrotated credentials.
DataBreaches
Cloudflare hacked using auth tokens stolen in Okta attack
Sergiu Gatlan reports: Cloudflare disclosed today that its internal Atlassian server was breached by a suspected ‘nation state attacker’ who...
Cyber Security News
Cloudflare's Server Hacked Using Leaked Access Token in Okta Breach
Cloudflare discovered a threat actor on the self-hosted Atlassian server on November 23, 2023. The attack was launched with the use of one stolen access token.
SecurityWeek
Cloudflare Hacked by Suspected State-Sponsored Threat Actor
A nation-state threat actor accessed internal Cloudflare systems using credentials stolen during the Okta hack.
Infosecurity News
Cloudflare Suffers Breach After Failing to Rotate Stolen Credentials
Cloudflare revealed suspected nation-state attackers compromised its systems and accessed source code using credentials stolen in the Okta breach
Security Affairs
Cloudflare breached on Thanksgiving Day, but the attack was promptly contained
Cloudflare revealed that a nation-state actor breached its internal Atlassian server, gaining access to its wiki and its bug database
The Hacker News
Cloudflare Breach: Nation-State Hackers Access Source Code and Internal Docs
Cloudflare suffered nation-state attack. Hackers accessed documentation, source code, and attempted data center breach. Read full story for details.
SC Magazine
Cloudflare’s Atlassian systems breached in nation-state attack
Cloudflare admits that the attack was caused by a failure to rotate credentials following last fall’s Okta breach.
SC Magazine
Google supply chain bug patched in code-testing tool Bazel
A GitHub Actions workflow could have been used for a command injection vulnerability in Bazel, which had the potential for threat actors to add malicious code into the production environment for projects using the Google open-source product.
CyberNews
Cloudflare reveals Thanksgiving breach by 'sophisticated actor'
Cloudflare has revealed its global network was infiltrated by a sophisticated threat actor
PCMag
Cloudflare Fends Off 'Nation-State Attacker'
Cloudflare says the hacker infiltrated some systems by exploiting credentials that were stolen during the Okta breach last October. However, no Cloudflare customer data was affected.
Bleeping Computer
Cloudflare hacked using auth tokens stolen in Okta attack
Cloudflare disclosed today that its internal Atlassian server was breached by a 'nation state' attacker who accessed its Confluence wiki, Jira bug database, and Atlassian Bitbucket source code management system.
The Record
Nation-state actor used stolen Okta credentials in Thanksgiving attack, Cloudflare says
Senior executives at networking giant Cloudflare said a suspected nation-state attacker used credentials stolen from Okta to breach the company’s systems in late November.
Security Affairs
Security Affairs newsletter Round 456 by Pierluigi Paganini
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you.
SecurityWeek
In Other News: Secure Use of AI, HHS Hacking, CISA Director Swatting
Guidance on secure use of AI, HHS grant money stolen by hackers, CISA director Jen Easterly target of swatting.
Security Affairs
CISA adds Atlassian Confluence Data Center bug to its Known Exploited Vulnerabilities catalog - Security Affairs
U.S. CISA adds Atlassian Confluence Data Center and Server Template Injection bug to its Known Exploited Vulnerabilities catalog.
DarkReading
Atlassian Tightens API After Hacker Scrapes 15M Trello Profiles
The company hasn't acknowledged responsibility for the incident, although allowing scraping paves the way for dangerous follow-on attacks.
SecurityWeek
PoC Code Published for Just-Disclosed Fortra GoAnywhere Vulnerability
PoC code exploiting a critical Fortra GoAnywhere MFT vulnerability gets published one day after public disclosure.
Bleeping Computer
Trello API abused to link email addresses to 15 million accounts
An exposed Trello API allows linking private email addresses with Trello accounts, enabling the creation of millions of data profiles containing both public and private information.
Infosecurity News
Hackers Target Atlassian Confluence With RCE Exploits
Shadowserver reported over 39,000 exploitation attempts from 600 unique IP addresses, mainly Russian
Cyber Security News
Atlassian Confluence Servers Attacked From 600+ IP Addresses
Atlassian disclosed a critical vulnerability last week which was related to Remote Code Execution (CVE-2023-22527).
CyberSecurity Dive
Atlassian Confluence Data Center under active exploitation in older versions
Security researchers warn that attacks are rapidly accelerating in recent days.
The Hacker News
~40,000 Attacks in 3 Days: Critical Confluence RCE Under Active Exploitation
Hackers are actively exploiting a critical Atlassian Confluence flaw (CVE-2023-22527) within days of its reveal.
The Record
Cybersecurity experts warn of new vulnerabilities affecting Apple, Atlassian and Fortra products
Multiple new vulnerabilities are being exploited by hackers in recent days, prompting alarm from experts worried about how they will be used by cybercriminals and nation states.
The Record
Suspected Pegasus spyware found on Togolese journalists’ phones
Reporters Without Borders (RSF) found spyware intrusions from 2021 on the phones of two journalists who are on trial for allegedly defaming a government minister.
SecurityWeek
Hackers Targeting Critical Atlassian Confluence Vulnerability Days After Disclosure
The Atlassian Confluence vulnerability CVE-2023-22527 is being exploited in the wild just days after it was disclosed.
Bleeping Computer
Hackers start exploiting critical Atlassian Confluence RCE flaw
Security researchers are observing exploitation attempts for the CVE-2023-22527 remote code execution flaw vulnerability that affects outdated versions of Atlassian Confluence servers.
SC Magazine
Thousands of exploit attempts reported on critical Atlassian Confluence RCE
Security researchers say they recorded several thousands exploit attempts on Atlassian Confluence RCE originating from more than 600 unique IP addresses.
Bleeping Computer
Jira down: Atlassian outage affecting multiple cloud services
Multiple Atlassian Jira products are experiencing an ongoing outage as of this morning. Users of Jira Work management, Jira Software, Jira Service Management and Jira Product Discovery are facing connection issues.
SecurityWeek
Vulnerability Management Firm Vicarius Raises $30 Million
Vulnerability management firm Vicarius raised $30 million in Series B funding, bringing the total funding raised to more than $56 million.
SecurityWeek
Atlassian Warns of Critical RCE Vulnerability in Outdated Confluence Instances
Out-of-date Confluence Data Center and Server instances are haunted by a critical vulnerability leading to remote code execution.
The Hacker News
Citrix, VMware, and Atlassian Hit with Critical Flaws — Patch ASAP!
Citrix Patches Critical RCE Vulnerabilities (CVE-2023-6548, CVE-2023-6549) Exploited in Wild.
Security Affairs
Atlassian fixed critical RCE in older Confluence versions - Security Affairs
Atlassian warns of a critical remote code execution issue in Confluence Data Center and Confluence Server that impacts older versions. Atlassian warns of a critical remote code execution vulnerability, tracked as CVE-2023-22527 (CVSS score 10.0), in Confluence Data Center and Confluence Server that impacts older versions. The vulnerability is a template injection vulnerability that can […]
DarkReading
Patch ASAP: Max-Critical Atlassian Bug Allows Unauthenticated RCE
Rated at a CVSS score of 10, the bug is as bad as it gets, allowing remote cyberattackers unfettered access to corporate environments.
Bleeping Computer
Atlassian warns of critical RCE flaw in older Confluence versions
Atlassian Confluence Data Center and Confluence Server are vulnerable to a critical remote code execution (RCE) vulnerability that impacts versions released before December 5, 2023, including out-of-support releases.
CyberSecurity Dive
Apache OFBiz critical CVE leads to surge in exploitation attempts
A patch for a prior vulnerability failed to resolve the root cause of an issue, leading to additional threat activity.
DarkReading
Apache ERP Zero-Day Underscores Dangers of Incomplete Patches
Apache fixed a vulnerability in its OfBiz enterprise resource planning (ERP) framework last month, but attackers and researchers found a way around the patch.
SecurityWeek
Critical Apache OFBiz Vulnerability in Attacker Crosshairs
Shadowserver sees possible in-the-wild exploitation of a critical Apache OFBiz vulnerability tracked as CVE-2023-49070.
Bleeping Computer
Apache OFBiz RCE flaw exploited to find vulnerable Confluence servers
A critical Apache OFBiz pre-authentication remote code execution vulnerability is being actively exploited using public proof of concept (PoC) exploits.
SecurityWeek
3CX Urges Customers to Disable Integration Due to Potential Vulnerability
3CX tells customers to temporarily disable SQL Database integration to mitigate a potential vulnerability.
The Hacker News
Microsoft's Final 2023 Patch Tuesday: 33 Flaws Fixed, Including 4 Critical
Microsoft's final Patch Tuesday of 2023 is here, addressing 33 software flaws. This release includes 4 Critical and 29 Important fixes.
Bleeping Computer
Microsoft December 2023 Patch Tuesday fixes 34 flaws, 1 zero-day
Today is Microsoft's December 2023 Patch Tuesday, which includes security updates for a total of 34 flaws and one previously disclosed, unpatched vulnerability in AMD CPUs.
Infosecurity News
Apache Warns of Critical Vulnerability in Struts 2
Users are urged to patch critical vulnerability in Apache Struts 2 immediately
SC Magazine
Atlassian warns of 4 new critical vulnerabilities affecting Jira, Confluence, Bitbucket
Users must install updates to protect against remote code execution (RCE) attacks targeting users of the Australian software firm.
SecurityWeek
Atlassian Patches Critical Remote Code Execution Vulnerabilities
Atlassian has released patches for critical-severity remote code execution flaws in Confluence and other products.
Security Affairs
Atlassian addressed four new RCE flaws in its products
Software giant Atlassian addressed four critical Remote Code Execution (RCE) vulnerabilities in its products.
Bleeping Computer
Atlassian patches critical RCE flaws across multiple products
Atlassian has published security advisories for four critical remote code execution (RCE) vulnerabilities impacting Confluence, Jira, and Bitbucket servers, along with a companion app for macOS.
The Hacker News
Atlassian Releases Critical Software Fixes to Prevent Remote Code Execution
Atlassian has released software fixes to address four critical flaws in its software that could lead to remote code execution.
SecurityWeek
Citrix, Gov Agencies Issue Fresh Warnings on CitrixBleed Vulnerability
Administrators are urged to patch the recent CitrixBleed NetScaler vulnerability as LockBit starts exploiting it.
Bleeping Computer
Hacktivists breach U.S. nuclear research lab, steal employee data
The Idaho National Laboratory (INL) confirms they suffered a cyberattack after 'SiegedSec' hacktivists leaked stolen human resources data online.
Bleeping Computer
Kinsing malware exploits Apache ActiveMQ RCE to plant rootkits
The Kinsing malware operator is actively exploiting the CVE-2023-46604 critical vulnerability in the Apache ActiveMQ open-source message broker to compromise Linux systems.
Latest Hacking News
Atlassian Confluence Vulnerabilities Exploited To Deploy Effluence Backdoor
Researchers have found a new malware exploiting Atlassian Confluence vulnerabilities. Identified as Effluence, the new malware is a backdoor that chains a known vulnerability with a newly reported security flaw affecting Atlassian Confluence servers. Once
The Hacker News
Alert: Microsoft Releases Patch Updates for 5 New Zero-Day Vulnerabilities
Microsoft has released fixes to address 63 security bugs in its software for the month of November 2023.
The Hacker News
Chinese Hackers Launch Covert Espionage Attacks on 24 Cambodian Organizations
Chinese nation-state hackers are targeting 24 Cambodian government organizations in a long-term espionage campaign.
The Hacker News
Alert: 'Effluence' Backdoor Persists Despite Patching Atlassian Confluence Servers
Researchers found a persistent backdoor called Effluence in compromised Atlassian Confluence servers. This allows attackers to access resources and da
Trend Micro
Cerber Ransomware Exploits Atlassian Confluence Vulnerability CVE-2023-22518
We encountered the Cerber ransomware exploiting the Atlassian Confluence vulnerability CVE-2023-22518 in its operations.
CyberSecurity Dive
Atlassian Confluence customers confront pair of critical vulnerabilities
Back-to-back vulnerabilities in the enterprise content collaboration and management workspace remain under active attack by threat actors.
Infosecurity News
Critical Atlassian Bug Exploited in Ransomware Attacks
Attempts to deploy Cerber variant on Confluence servers
The Hacker News
Experts Warn of Ransomware Hackers Exploiting Atlassian and Apache Flaws
Ransomware groups are actively exploiting critical flaws in Atlassian Confluence & Apache ActiveMQ.
The Record
Atlassian confirms ransomware is exploiting latest Confluence bug
An Atlassian spokesperson said the company had evidence to support what cybersecurity researchers reported over the weekend: A vulnerability affecting the Confluence Data Center and Confluence Server products was being used in cybercrime.
Ars Technica
Critical vulnerability in Atlassian Confluence server is under “mass exploitation”
Atlassian's senior management is all but begging customers to take immediate action.
Bleeping Computer
Critical Atlassian Confluence bug exploited in Cerber ransomware attacks
Attackers are exploiting a recently patched and critical severity Atlassian Confluence authentication bypass flaw to encrypt victims' files using Cerber ransomware.
Cyber Security News
Threat and Vulnerability Roundup for the week of October 29th to November 4th
welcome to Cyber Writes' weekly publication - the Threat and Vulnerability Roundup! Get ready to dive into the latest and greatest in cybersecurity, as we bring you the most up-to-date information each week.
DarkReading
Critical Atlassian Bug Exploit Now Available; Immediate Patching Needed
In-the-wild exploit activity from dozens of cyberattacker networks is ramping up for the security vulnerability in Confluence, tracked as CVE-2023-22518.
Loading more articles....