Free Video Downloader

Fast and free all in one video downloader

For Example: https://www.youtube.com/watch?v=OLCJYT5y8Bo

1

Copy shareable video URL

2

Paste it into the field

3

Click to download button


State-backed hackers are exploiting new ‘critical’ Atlassian zero-day bug
October 12, 2023

State-backed hackers are exploiting new ‘critical’ Atlassian zero-day bug

Reading Time: 2 minutes

Microsoft says Chinese state-backed hackers are exploiting a ‘critical’-rated zero-day vulnerability in Atlassian software to break into customer systems.

The technology giant’s threat intelligence team said in a post on X, formerly Twitter, that it has observed a nation-state threat actor it calls Storm-0062 exploiting a recently disclosed critical flaw in Atlassian Confluence Data Center and Server. Microsoft has previously identified Storm-0062 as a China-based state-sponsored hacker.

Microsoft said it observed in-the-wild abuse of the maximum rated 10.0 vulnerability, tracked as CVE-2023-22515, since September 14, some three weeks before Atlassian’s public disclosure on October 4. A bug is considered a zero-day when the vendor — in this case Atlassian — has zero time to fix the bug before it is exploited.

Atlassian updated its advisory this week to confirm it has ‘evidence to suggest that a known nation-state actor’ is exploiting the bug, which the company says could allow a remote attacker to create unauthorized administrator accounts to access Confluence servers.

Atlassian’s Confluence is a widely popular collaborative wiki system used by corporations around the world to organize and share work.

Atlassian’s advisory states that the company has so far received reports from a ‘handful of customers.’ It’s not clear if the company yet knows the scale of customer exploitation. When asked whether Atlassian was able to determine whether a customer environment has been compromised, the spokesperson declined to comment.

‘Our priority is the security of our customers’ instances during this critical vulnerability, and we are collaborating with industry-leading threat intelligence partners, such as Microsoft, to obtain additional information that may assist customers with responding to the vulnerability,’ the spokesperson said. ‘This is an ongoing investigation, and we encourage customers to share evidence of compromise to support these efforts.’

Atlassian, which notes that the vulnerability impacts only on-premises instances of Confluence Data Center and Confluence Server, has released a patch for the flaw, and is urging users to upgrade as soon as possible.

Reference: https://techcrunch.com/2023/10/11/chinese-state-hackers-atlassian-zero-day/

Ref: techcrunch

MediaDownloader.net -> Free Online Video Downloader, Download Any Video From YouTube, VK, Vimeo, Twitter, Twitch, Tumblr, Tiktok, Telegram, TED, Streamable, Soundcloud, Snapchat, Share, Rumble, Reddit, PuhuTV, Pinterest, Periscope, Ok.ru, MxTakatak, Mixcloud, Mashable, LinkedIn, Likee, Kwai, Izlesene, Instagram, Imgur, IMDB, Ifunny, Gaana, Flickr, Febspot, Facebook, ESPN, Douyin, Dailymotion, Buzzfeed, BluTV, Blogger, Bitchute, Bilibili, Bandcamp, Akıllı, 9GAG

Leave a Reply

Your email address will not be published. Required fields are marked *