Atlassian warns of critical Confluence flaw

From theregister.com

Atlassian has warned users of its Confluence Server that they need to patch the product to remedy a Critical-rated flaw.

The company’s not saying a lot about CVE-2021-26084, besides describing it as a “Confluence Server Webwork OGNL injection vulnerability … that would allow an authenticated user, and in some instances unauthenticated user, to execute arbitrary code on a Confluence Server or Data Center instance.”

The bug scores 9.8 on the ten-point Common Vulnerability Scoring System.

Atlassian has released fixed versions of the product – namely versions 6.13.23, 7.4.11, 7.11.6, 7.12.5, and 7.13.0 – but the company’s advisory suggests upgrading to the latest long-term service release.


Linux Attackers Take Advantage of Unpatched Vulnerabilities

From securityboulevard.com


Linux operating systems are being targeted by malicious actors as organizations increase their digital footprint in the cloud, with many attackers of the open source OS likely taking advantage of outdated software with unpatched vulnerabilities, according to the Linux Threat Report 2021 1H from Trend Micro.

The Trend Micro report, which investigates the top malware families affecting Linux servers during the first half of 2021, found a quarter of the malware attacks were cryptocurrency miners (coinminers) followed by Web shells (20%) and ransomware (12%).

Web shell and coinmining attacks differ in the ways they operate but are both very popular styles of attacks due to their potential profitability. Coinmining is directly profitable for cybercriminals who hijack an organization’s resources to mine cryptocurrency. As a result, without proper resource monitoring, this style of attack can go undetected for months—while the attackers sit back and collect the money.


Vulnerability management is facing three core problems: Here’s how to solve them

From helpnetsecurity.com

From the get-go, too many organizations have an outdated idea of what vulnerability management entails. It’s not simply about scanning your networks for threats.

A holistic approach to vulnerability management includes identifying, reporting, assessing and prioritizing exposures. Crucially, it also involves risk context. Instead of merely scanning for security gaps, a comprehensive approach to vulnerability management shows you how those gaps could be exploited and the consequences that could occur.


VMware addressed 4 High-Severity flaws in vRealize Operations

From securityaffairs.co

VMware addressed multiple vulnerabilities in vRealize Operations, including four high severity flaws.

The most severe flaw, tracked as CVE-2021-22025 (CVSS score of 8.6), is a broken access control vulnerability in the vRealize Operations Manager API. An attacker could exploit the vulnerability to gain unauthenticated API access.

“The vRealize Operations Manager API contains a broken access control vulnerability leading to unauthenticated API access. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 8.6,” reads the advisory published by the virtualization giant. “An unauthenticated malicious actor with network access to the vRealize Operations Manager API can add new nodes to existing vROps cluster.”


Israeli firm Bright Data named as enabler of Philippines government DDOS attacks on opposition groups

From theregister.com

Looks like a case of abuse of the service and/or being careless with what your customers get up to. Swedish digital rights organisation Qurium has alleged that an Israeli company called Bright Data has helped the government of the Philippines to DDOS local human rights organisation Karapatan.

In July, Qurium reported that the Philippines Department of Science and Technology and Army had conducted DDOS attacks on local media critical of the nation’s government, and targeted Karapatan.

Last week, Qurium reported a new wave of attacks on Karapatan, detailing a three-week campaign felt to be aimed at derailing efforts to protest extra-judicial killings – including the death of a Karapatan member.


M1 taps 5G to enrich waterfront lifestyle, operations

From zdnet.com

M1 and its sister company Keppel Land have introduced 5G services that they say aim to improve maritime operations and enrich waterfront lifestyle. These include automated vessel analytics and recognition technologies to facilitate real-time surveillance. 

Targeted for deployment at Marina at Keppel Bay, the new suite of services would be delivered on M1’s 5G Standalone network, said the companies in a joint statement Wednesday. M1 and Keppel Land are part of the Keppel Group. 
