Critical Atlassian Flaw Exploited to Deploy Linux Variant of Cerber Ransomware

By: Newsroom — April 17^th 2024 at 10:57

Threat actors are exploiting unpatched Atlassian servers to deploy a Linux variant of Cerber (aka C3RB3R) ransomware. The attacks leverage CVE-2023-22518 (CVSS score: 9.1), a critical security vulnerability impacting the Atlassian Confluence Data Center and Server that allows an unauthenticated attacker to reset Confluence and create an administrator account. Armed with this access, a

The Hacker News

Atlassian Releases Fixes for Over 2 Dozen Flaws, Including Critical Bamboo Bug

By: Newsroom — March 21^st 2024 at 03:34

Atlassian has released patches for more than two dozen security flaws, including a critical bug impacting Bamboo Data Center and Server that could be exploited without requiring user interaction. Tracked as CVE-2024-1597, the vulnerability carries a CVSS score of 10.0, indicating maximum severity. Described as an SQL injection flaw, it's rooted in a dependency called org.postgresql:

Naked Security

Atlassian announces 0-day hole in Confluence Server – update now!

By: Paul Ducklin — June 3^rd 2022 at 18:59

Zero-day announced - here's what you need to know

FreshRSS

Critical Atlassian Flaw Exploited to Deploy Linux Variant of Cerber Ransomware

Atlassian Releases Fixes for Over 2 Dozen Flaws, Including Critical Bamboo Bug

Atlassian announces 0-day hole in Confluence Server – update now!