Security News

Australian software firm Atlassian warned customers to immediately patch a critical vulnerability that provides remote attackers with hardcoded credentials to log into unpatched Confluence Server and Data Center servers. As the company revealed this week, the Questions for Confluence app creates a disabledsystemuser account with a hardcoded password to help admins migrate data from the app to the Confluence Cloud.

Atlassian has rolled out fixes to remediate a critical security vulnerability pertaining to the use of hard-coded credentials affecting the Questions For Confluence app for Confluence Server and Confluence Data Center. While this account, Atlassian says, is to help administrators migrate data from the app to Confluence Cloud, it's also created with a hard-coded password, effectively allowing viewing and editing all non-restricted pages within Confluence by default.

Complaints over Microsoft's latest patch Tuesday have intensified after some Windows 11 users found their systems worse for wear following installation. The July 12 patch, KB5015814, was a relatively straightforward one that dealt with a number of what Microsoft delicately termed "Security issues" in its summary.

A Windows 11 vulnerability, part of Microsoft's Patch Tuesday roundup of fixes, is being exploited in the wild, prompting the U.S. Cybersecurity and Infrastructure Security Agency to advise patching of the elevation of privileges flaw by August 2. The recommendation is directed at federal agencies and concerns CVE-2022-22047, a vulnerability that carries a CVSS score of high and exposes Windows Client Server Runtime Subsystem used in Windows 11 and also Windows Server 2022 to attack.

Microsoft released its monthly round of Patch Tuesday updates to address 84 new security flaws spanning multiple product categories, counting a zero-day vulnerability that's under active attack in the wild. Very little is known about the nature and scale of the attacks other than an "Exploitation Detected" assessment from Microsoft.

Despite worries that Patch Tuesday may not be as exciting now that Microsoft's Windows Autopatch is live - with a slew of caveats - the second Tuesday of this month arrived with 84 security fixes, including 4 critical bugs and one that's under active exploit. Microsoft deemed it an "Important" security issue, with low complexity and low privileges required to exploit.

CISA has added an actively exploited local privilege escalation vulnerability in the Windows Client/Server Runtime Subsystem to its list of bugs abused in the wild.This high severity security flaw impacts both server and client Windows platforms, including the latest Windows 11 and Windows Server 2022 releases.

Today is Microsoft's July 2022 Patch Tuesday, and with it comes fixes for one actively exploited zero-day vulnerability and a total of 84 flaws. This month's Patch Tuesday fixes an actively exploited zero-day elevation of privileges vulnerability.

Threat actors exchange beacons for badgers to evade endpoint securityUnidentified cyber threat actors have started using Brute Ratel C4, an adversary simulation tool similar to Cobalt Strike, to try to avoid detection by endpoint security solutions and gain a foothold on target networks, Palo Alto Networks researchers have found. Attackers are using deepfakes to snag remote IT jobsMalicious individuals are using stolen personally identifiable information and voice and video deepfakes to try to land remote IT, programming, database and software-related jobs, the FBI has warned last week.

With those major updates now in place, could we see a summertime lull in the July 2022 Patch Tuesday updates? We saw a rare SQL server update last Patch Tuesday and I don't anticipate another this month.