Atlassian

CISA Warns of Hackers Exploiting Critical Atlassian Bitbucket Server Vulnerability

Oct 1, 2022 by iHash Leave a Comment

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a recently disclosed critical flaw impacting Atlassian's Bitbucket Server and Data Center to the Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. Tracked as CVE-2022-36804, the issue relates to a command injection vulnerability that could allow malicious actors … [Read more...] about CISA Warns of Hackers Exploiting Critical Atlassian Bitbucket Server Vulnerability

Critical Vulnerability Discovered in Atlassian Bitbucket Server and Data Center

Aug 26, 2022 by iHash Leave a Comment

Atlassian has rolled out fixes for a critical security flaw in Bitbucket Server and Data Center that could lead to the execution of malicious code on vulnerable installations. Tracked as CVE-2022-36804 (CVSS score: 9.9), the issue has been characterized as a command injection vulnerability in multiple endpoints that could be exploited via specially crafted HTTP requests. "An … [Read more...] about Critical Vulnerability Discovered in Atlassian Bitbucket Server and Data Center

Atlassian Releases Patch for Confluence Zero-Day Flaw Exploited in the Wild

Jun 4, 2022 by iHash Leave a Comment

Atlassian on Friday rolled out fixes to address a critical security flaw affecting its Confluence Server and Data Center products that have come under active exploitation by threat actors to achieve remote code execution. Tracked as CVE-2022-26134, the issue is similar to CVE-2021-26084 — another security flaw the Australian software company patched in August 2021. Both relate … [Read more...] about Atlassian Releases Patch for Confluence Zero-Day Flaw Exploited in the Wild

Atlassian Drops Patches for Critical Jira Authentication Bypass Vulnerability

Apr 23, 2022 by iHash Leave a Comment

Atlassian has published a security advisory warning of a critical vulnerability in its Jira software that could be abused by a remote, unauthenticated attacker to circumvent authentication protections. Tracked as CVE-2022-0540, the flaw is rated 9.9 out of 10 on the CVSS scoring system and resides in Jira's authentication framework, Jira Seraph. Khoadha of Viettel Cyber … [Read more...] about Atlassian Drops Patches for Critical Jira Authentication Bypass Vulnerability

Atlassian Confluence RCE Flaw Abused in Multiple Cyberattack Campaigns

Sep 28, 2021 by iHash Leave a Comment

Opportunistic threat actors have been found actively exploiting a recently disclosed critical security flaw in Atlassian Confluence deployments across Windows and Linux to deploy web shells that result in the execution of crypto miners on compromised systems. Tracked as CVE-2021-26084 (CVSS score: 9.8), the vulnerability concerns an OGNL (Object-Graph Navigation Language) … [Read more...] about Atlassian Confluence RCE Flaw Abused in Multiple Cyberattack Campaigns

Latest Atlassian Confluence Flaw Exploited to Breach Jenkins Project Server

Sep 7, 2021 by iHash Leave a Comment

The maintainers of Jenkins—a popular open-source automation server software—have disclosed a security breach after unidentified threat actors gained access to one of their servers by exploiting a recently disclosed vulnerability in Atlassian Confluence service to install a cryptocurrency miner. The "successful attack," which is believed to have occurred last week, was mounted … [Read more...] about Latest Atlassian Confluence Flaw Exploited to Breach Jenkins Project Server

One-Click Exploit Could Have Let Attackers Hijack Any Atlassian Account

Jun 24, 2021 by iHash Leave a Comment

Cybersecurity researchers on Wednesday disclosed critical flaws in the Atlassian project and software development platform that could be exploited to take over an account and control some of the apps connected through its single sign-on (SSO) capability. "With just one click, an attacker could have used the flaws to get access to Atlassian's publish Jira system and get … [Read more...] about One-Click Exploit Could Have Let Attackers Hijack Any Atlassian Account

WebAuthn Passwordless Authentication Now Available for Atlassian Products

Jun 15, 2020 by iHash Leave a Comment

Atlassian solutions are widely used in the software development industry. Many teams practicing agile software development rely on these applications to manage their projects.Issue-tracking application Jira, Git repository BitBucket, continuous integration and deployment server Bamboo, and team collaboration platform Confluence are all considered to be proven agile … [Read more...] about WebAuthn Passwordless Authentication Now Available for Atlassian Products

AdGuard VPN + Ad Blocker Family Security Suite for $49

Microsoft Office 2024 Home for Mac or PC: One-Time Purchase for $119

ASUS 14" Chromebook C424 (2021) Intel N4020 4GB RAM 128GB eMMC (Refurbished) for $174

Lenovo IdeaPad 5, 14" Touchscreen 2-in-1 Laptop (2024) AMD Ryzen 7, 16GB RAM 1TB SSD Windows 11 Home Cosmic Blue (Refurbished) for $649

Stacks Be Productive Plan: Lifetime Subscription for $29