Patch Now: Atlassian Discloses Zero-Day Bug in Confluence Data Center and Server
Image Source: Shutterstock Several customers have reported attackers exploiting the vulnerability to create unauthorized Confluence administrator accounts and to access Confluence instances, company says. Atlassian wants organizations using its on-premises Confluence Data Center and Server content collaboration software to immediately update to new versions that the company released today to address a critical privilege escalation […]
Read More
Here are 4 Vulnerabilities that CISA Added to the Known Exploited Vulnerabilities Catalog This Week.
Federal agencies need to apply vendor recommended mitigations for each flaw on or before October 25. The US Cybersecurity and Infrastructure Security Agency (CISA) has added a total of four security vulnerabilities to its Known Exploited Vulnerabilities (KEV) so far this week. Federal civilian executive branch agencies have until Oct. 25 to address the flaws. […]
Read More
CISA Adds Critical TeamCity Flaw to Known Exploited Vulnerabilities Catalog
Image source: Shutterstock Move follows reports this week of threat actors actively exploiting the flaw in ransomware attacks. The US Cybersecurity and Infrastructure Security Agency (CISA) has added a recently disclosed authentication bypass flaw in the JetBrains TeamCity CI/CD platform (CVE-2023-42793) to its catalog of known exploited vulnerabilities (KEV). The move follows recent reports about […]
Read More
Here’s What You Need to Know About the Severe “Looney TUNABLES” Vuln in Multiple Linux Distros
Image source: Shutterstock CVE-2023-4911 is a local privilege escalation flaw that gives attackers a way to gain root access on versions of Debian, Fedora, Ubuntu and other Linux distributions using the glibc library. Millions of Linux systems running default installations of certain versions of Debian, Fedora, Ubuntu—and likely other distributions using the GNU C Library […]
Read More