Atlassian reveals critical Confluence RCE flaw, urges “immediate action” (CVE-2023-22527)
Atlassian has patched a critical vulnerability (CVE-2023-22527) in Confluence Data Center and Confluence Server that could lead to remote code execution. The good news is that the flaw was fixed in early December 2023 with the release of versions 8.5.....»»
Atlassian fixes four critical RCE vulnerabilities, patch quickly!
Atlassian has released security updates for four critical vulnerabilities (CVE-2023-1471, CVE-2023-22522, CVE-2023-22524, CVE-2023-22523) in its various offerings that could be exploited to execute arbitrary code. About the vulnerabilities CVE-2022-1.....»»
Critical vulnerability in Atlassian Confluence server is under “mass exploitation”
Atlassian's senior management is all but begging customers to take immediate action. Enlarge A critical vulnerability in Atlassian’s Confluence enterprise server app that allows for malicious commands and reset server.....»»
Atlassian Confluence data-wiping vulnerability exploited
Threat actors are trying to exploit CVE-2023-22518, a critical Atlassian Confluence flaw that allows unauthenticated attackers to reset vulnerable instances’ database, Greynoise is observing. The Shadowserver Foundation has also seen 30+ IP add.....»»
Week in review: Exploited Citrix Bleed vulnerability, Atlassian patches critical Confluence bug
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: AI threat landscape: Model theft and inference attacks emerge as top concerns In this Help Net Security interview, Guy Guzner, CEO at Savvy, discuss.....»»
Atlassian to buy enterprise video messaging platform Loom for nearly $1B
Atlassian plans to integrate Loom's async video capabilities across its family of products, including Jira, Trello and Confluence. Atlassian plans to integrate Loom's async video capabilities across its family of products, including Jira, Trello.....»»
Cloudflare integrates with Atlassian, Microsoft, and Sumo Logic to boost zero trust security
Cloudflare announced new integrations with Atlassian, Microsoft, and Sumo Logic to help businesses of any size secure the tools and applications they rely on with enterprise-ready zero trust security. Now businesses will be able to use security insig.....»»
Atlassian is the latest tech firm to axe jobs
Despite “massive opportunities” ahead, Atlassian’s co-CEOs and board have agreed to cut 5% of its headcount......»»
Patch your Jira Service Management Server and Data Center and check for compromise! (CVE-2023-22501)
Australian software maker Atlassian has released patches for CVE-2023-22501, a critical authentication vulnerability in Jira Service Management Server and Data Center, and is urging users to upgrade quickly. “Installing a fixed version of Jira.....»»
Accenture and Atlassian join forces to provide clients with enterprise agility solutions
Accenture and Atlassian have formed a strategic partnership to help organizations drive more value from technology investments, improve customer and employee experiences, embrace change and create new business value with enterprise agility services......»»
Atlassian is being actively exploited to compromise corporate networks
US Government urges organizations to patch their endpoints immediately......»»
Week in review: CISOs’ earnings per year, Atlassian Bitbucket Server and Data Center flaw
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: US-based CISOs get nearly $1 million per year The role of the Chief Information Security Officer (CISO) is a relatively new senior-level executive p.....»»
Atlassian fixes critical flaws in Confluence, Jira, Bitbucket and other products, update quickly!
Atlassian has fixed three critical vulnerabilities and is urging customers using Confluence, Bamboo, Bitbucket, Crowd, Fisheye and Crucible, Jira and Jira Service Management to update their instances as soon as possible. There is no mention of these.....»»
Criminal IP analysis report on zero-day vulnerability in Atlassian Confluence
According to Volexity, a webshell was discovered in Atlassian Confluence server during an incident response investigation. Volexity determined that it was a zero-day vulnerability that could execute remote code even after the latest patch was complet.....»»
Critical Atlassian 0-day is under active exploit. You’re patched, right?
Researchers who found vulnerability warn it's “dangerous and trivially exploited.” Enlarge (credit: Getty Images) About this time last week, threat actors began quietly tapping a previously unknown vulnerability in Atlassi.....»»
Unpatched Atlassian Confluence zero-day exploited, fix expected today (CVE-2022-26134)
A critical zero-day vulnerability (CVE-2022-26134) in Atlassian Confluence Data Center and Server is under active exploitation, the software maker has warned on Thursday. There is currently no fix available – though they are expected to be rele.....»»
Tidelift raises $27 million to improve open source software supply chain security
Tidelift announced $27 million in Series C funding, led by Dorilton Ventures, with Kaiser Permanente and Atlassian Ventures joining existing investors General Catalyst and Foundry Group. As part of the transaction, Daniel Freeman of Dorilton Ventures.....»»
GitProtect.io releases Jira backup to bring data protection in the event of any failure or human error
GitProtect.io, a data backup, and recovery software vendor for DevOps ecosystems (GitHub, Bitbucket, and GitLab) now officially supports Jira Cloud, a widely-used Atlassian issue tracking and project management tool for software development teams. It.....»»
OpenSSF announces 15 new members to tackle supply chain security challenges
The Open Source Security Foundation (OpenSSF) announced 15 new members from leading software development, cybersecurity, financial services, communications, and academic sectors. This round of commitments is led by two new premier members, Atlassian.....»»
Inside the Longest Atlassian Outage of All Time
Gergely Orosz: We are in the middle of the longest outage Atlassian has had. Close to 400 companies and anywhere from 50,000 to 400,000 users had no access to JIRA, Confluence, OpsGenie, JIRA Status page, and other Atlassian Cloud services. The outag.....»»