July 17, 2024 at 12:54PM Atlassian released security updates to fix high-severity vulnerabilities in Bamboo, Confluence, and Jira products. Urgent attention was drawn to the Bamboo Data Center and Server updates, resolving two high-severity bugs. Patches for high-severity vulnerabilities in Confluence and Jira products were also released. Users are advised to apply patches promptly. From … Read more
July 16, 2024 at 02:01PM A threat actor exposed 15 million Trello email addresses by exploiting an unsecured API, selling the data for $2.32. Atlassian, Trello’s owner, acknowledged the issue and secured the API. This method of exploiting unsecured APIs is increasingly utilized, posing significant privacy risks. It’s crucial for organizations to prioritize API security … Read more
April 17, 2024 at 07:12AM Threat actors exploit an unpatched Atlassian server vulnerability (CVE-2023-22518) to deploy Linux Cerber ransomware. This creates a critical security risk, leading to loss of system control. Ransomware payloads are executed using a web shell, encrypting files and dropping ransom notes. The use of C++ payloads is noted, and new ransomware … Read more
March 20, 2024 at 10:51AM Atlassian patched 24 vulnerabilities in products including Bamboo, Bitbucket, Confluence, and Jira. The critical-severity bug (CVE-2024-1597) impacts org.postgresql:postgresql, could allow unauthenticated attackers to exploit assets, and affects Bamboo Data Center and Server versions 8.2.1 to 9.5.0. Atlassian also released security updates for Confluence and Jira. Users are advised to update … Read more
February 13, 2024 at 06:39AM The Midnight Blizzard and Cloudflare-Atlassian cyber incidents highlight the vulnerabilities in major SaaS platforms and the complex security challenges they face. Russian hackers breached Microsoft by leveraging legacy accounts and OAuth tokens. Cloudflare’s Atlassian systems were compromised due to unchanged Okta credentials. Such breaches emphasize the need for continuous monitoring … Read more
February 4, 2024 at 12:19PM Cloudflare disclosed a likely nation-state cyber attack involving unauthorized access to its Atlassian server, leading to exposure of documentation and source code. The breach led to rotating production credentials, system triages, and termination of malicious connections. The attacker exploited stolen credentials from other hacks, prompting increased security measures and engaging … Read more
February 1, 2024 at 08:20PM Cloudflare revealed that suspected government spies infiltrated their system by using credentials stolen from the October 2023 Okta security breach. The intruders gained access to Atlassian and other systems, potentially extracting source code and sensitive information. Cloudflare, assisted by a security firm, is working to bolster their security measures following … Read more
February 1, 2024 at 03:59PM Cloudflare revealed today that its internal Atlassian server was infiltrated by a ‘nation state’ attacker, who gained access to its Confluence wiki, Jira bug database, and Atlassian Bitbucket source code management system. The company detected the breach on November 23, severed access on November 24, and assured that customer data … Read more
January 22, 2024 at 11:06AM Attempts to exploit a critical Atlassian Confluence vulnerability, CVE-2023-22527, began shortly after its disclosure. Out-of-date versions of Confluence Data Center and Server are affected, allowing unauthenticated attackers to achieve remote code execution. The Shadowserver Foundation reported 40,000 exploitation attempts, highlighting widespread activity and the ongoing risk to vulnerable servers. Based … Read more
January 17, 2024 at 10:30AM Atlassian warns of a critical vulnerability in out-of-date Confluence Data Center and Server versions allowing remote code execution (RCE) without authentication, with a CVE-2023-22527 (CVSS score of 10). This template injection flaw impacts Confluence 8 versions released before Dec. 5, 2023. Atlassian advises immediate patching and recommends updating to the … Read more