[HackerNews] Latest Atlassian Confluence Flaw Exploited to Breach Jenkins Project Server

The maintainers of Jenkins—a popular open-source automation server software—have disclosed a security breach after unidentified threat actors gained access to one of their servers by exploiting a recently disclosed vulnerability in Atlassian Confluence service to install a cryptocurrency miner.
The “successful attack,” which is believed to have occurred last week, was mounted against its

Source: Read More (The Hacker News)

You might be interested in …

Daily NCSC-FI news followup 2021-03-05

PLEASE LEAVE AN EXPLOIT AFTER THE BEEP www.dubex.dk/aktuelt/nyheder/please-leave-an-exploit-after-the-beep In January 2021, Dubex investigated suspicious activity on a set of Exchange servers. Generic post exploitation activity was seen, and many POST requests were sent to webshells hosted in the OWA directory. It was initially suspected the servers might be backdoored directly through the OWA and that […]

Read More

[SecurityWeek] U.S. Cyber Command Officially Links MuddyWater Group to Iranian Intelligence

All posts, Security Week

The U.S. Cyber Command (CYBERCOM) on Wednesday officially tied the advanced persistent threat (APT) actor known as MuddyWater to Iranian intelligence. read more Source: Read More (SecurityWeek RSS Feed)

Read More

[ZDNet] ASIC says financial market cyber resiliency remained steady but fell short of target

All posts, ZDNet

The corporate watchdog said overly ambitious targets, a rise in cyber threats, and COVID-19 disruptions were to blame for the cyber resiliency shortfall. Source: Read More (Latest topics for ZDNet in Security)

Read More

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.