Search the Community

Atlassian, a leading provider of collaboration and productivity software, has recently rolled out a series of patches aimed at fortifying the security of its popular products. These Atlassian flaws fixes address vulnerabilities across several platforms, including Bamboo, Bitbucket, Confluence, and Jira. Let’s delve into the details of these fixes and understand their significance in protecting […] The post Atlassian Flaws Fixes: Critical Bamboo Patch Mitigates Risk appeared first on TuxCare. The post Atlassian Flaws Fixes: Critical Bamboo Patch Mitigates Risk appeared first on Security Boulevard. View the full article

Hackers are exploiting misconfigured servers running Docker, Confluence, and other services in order to drop cryptocurrency miners. Researchers at Cado Security Labs recently observed one such malware campaign, noting how threat actors are using multiple “unique and unreported payloads”, including four Golang binaries, to automatically discover Apache Hadoop YARN, Docker, Confluence, and Redis hosts, vulnerable to CVE-2022-26134, an unauthenticated and remote OGNL injection vulnerability that allows for remote code execution. This flaw was first discovered two years ago, when threat actors targeted Confluence servers (typically the confluence user on Linux installations). At the time, the researchers said internet-facing Confluence servers were at “very high risk”, and urged IT teams to apply the patch immediately. It seem that even now, two years later, not all users installed the available fixes. Unidentified threat The tools are also designed to exploit the flaw and drop a cryptocurrency miner, spawn a reverse shell, and enable persistent access to the compromised hosts. Cryptocurrency miners are popular among cybercriminals, as they take advantage of the high compute power of a server to generate almost untraceable profits. One of the most popular crypto-miners out there is called XMRig, a small program mining the Monero currency. On the victim’s side, however, not only are their servers unusable, but the miners would rack up their electricity bill fairly quickly. For now, Cado is unable to attribute the campaign to any specific threat actor, saying it would need the help of law enforcement for that: “As always, it’s worth stressing that without the capabilities of governments or law enforcement agencies, attribution is nearly impossible – particularly where shell script payloads are concerned,” it said. Still, it added that the shell script payloads are similar to ones seen in attacks done by TeamTNT, and WatchDog. More from TechRadar Pro This new Linux malware floods machines with cryptominers and DDoS botsHere's a list of the best firewalls around todayThese are the best endpoint security tools right now View the full article

Check out our comprehensive review of Confluence. Discover its features, pricing, and weigh the pros and cons to see if it's the right collaboration tool for you.View the full article

Amazon Kendra is a highly accurate and easy to use intelligent search service powered by machine learning. Starting today, AWS customers can automatically index and search content that is contained in Confluence Cloud repositories using Kendra's new built-in Confluence Cloud connector. View the full article

Amazon Kendra is a highly accurate and easy to use intelligent search service powered by machine learning. Starting today, AWS customers can automatically index and search content that is contained in Confluence repositories using Kendra's new built-in Confluence Server connector. View the full article