Security News

Security researchers have confirmed that ransomware criminals are capitalizing on a maximum-severity vulnerability in Apache ActiveMQ. Announced on October 25 and tracked as CVE-2023-46604, the insecure deserialization vulnerability allows for remote code execution on affected versions. "Apache ActiveMQ is vulnerable to remote code execution," Apache said in its advisory.

The cybersecurity biz confirmed in an update to its advisory for CVE-2023-46747 that it has evidence of active exploitation in the wild, less than five days after the initial limited-detail research was published by Praetorian. This critical Apache JServ Protocol smuggling vulnerability was what attracted much of the attention to F5's BIG-IP configuration utility last week.

Australian software company Atlassian warned admins to immediately patch Internet-exposed Confluence instances against a critical security flaw that could lead to data loss following successful exploitation. Described as an improper authorization vulnerability affecting all versions of Confluence Data Center and Confluence Server software, the bug is tracked as CVE-2023-22518 and puts publicly accessible instances at critical risk.

Atlassian has warned of a critical security flaw in Confluence Data Center and Server that could result in "significant data loss if exploited by an unauthenticated attacker." Tracked as...

Atlassian is urging enterprise administrators to update their on-premises Confluence Data Center and Server installations quickly to plug a critical security vulnerability that could lead to "Significant data loss if exploited by an unauthenticated attacker.""Versions outside of the support window may also be affected, so Atlassian recommends you upgrade to a fixed LTS version or later," the company said.

Atlassian has told customers they "Must take immediate action" to address a newly discovered flaw in its Confluence collaboration tool. An advisory issued on October 31st warns of CVE-2023-22518, described as an "Improper authorization vulnerability in Confluence Data Center and Server", the on-prem versions of Atlassian's products.

Public exploit code is now available for the critical Cisco IOS XE vulnerability tracked as CVE-2023-20198 that was leveraged as a zero-day to hack tens of thousands of devices. Cisco released patches for most releases of its IOS XE software but thousands of systems continue to be compromised, internet scans show.

F5 Networks has released hotfixes for three vulnerabilities affecting its BIG-IP multi-purpose networking devices/modules, including a critical authentication bypass vulnerability that could lead to unauthenticated remote code execution. "This vulnerability may allow an unauthenticated attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands," F5 confirmed.

1Password also affected by Okta Support System breachFollowing in the footsteps of BeyondTrust and CloudFlare, 1Password has revealed that it has been affected by the Okta Support System breach. Microsoft announces wider availability of AI-powered Security CopilotMicrosoft Security Copilot has been made available to a larger number of enterprise customers, via an invitation-only Early Access Program.

The Russian APT28 hacking group has been targeting government entities, businesses, universities, research institutes, and think tanks in France since the second half of 2021. The Russian hackers have been compromising peripheral devices on critical networks of French organizations and moving away from utilizing backdoors to evade detection.