Cyber Security Today, June 6, 2022 – Atlassian and GitHub issue patches for critical bugs

Atlassian and GitHub issue patches for critical bugs.

Welcome to Cyber Security Today. It’s Monday, June 6th, 2022. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com.

My thanks to IT World Canada CIO Jim Love for filling in while I was away. And now the news:

Cyb er Security Today on Amazon Alexa Cyber Security Today on Google Podcasts Subscribe to Cyber Security Today on Apple Podcasts

Atlassian has issued security updates that have to be installed immediately to fix a critical vulnerability in two of its main on-premise collaboration products. The vulnerability affects all currently supported versions of Confluence Server and Confluence Data Center. According to the company, hackers are already trying to exploit this bug so it needs to be patched. Briefly, a hole in the language for setting properties of Java objects could allow an unauthenticated user to execute code in a Confluence environment. A SANS Institute analyst notes unsupported versions of Confluence may be affected as well. So if you have an older version of these applications either upgrade to a newer version, make sure Confluence isn’t exposed to the internet or migrate to the cloud version of Confluence.

Application developers and administrators using GitLab Community or Enterprise editions are urged to install the latest version as soon as possible. That’s because they include important security fixes. One, in the Enterprise Edition, closes a vulnerability rated as critical. Under certain conditions an attacker could take over the account of a user if it isn’t protected with two-factor authentication.

Electronics manufacturer Foxconn has confirmed its Mexico factory was hit by ransomware late last month. The company told SecurityWeek that it is still recovering from the attack but expects the impact on overall operations will be minimal. No details of the attack were given, but the threat group that operates the LockBit 2.0 ransomware recently claimed it stole data from the facility. A Foxconn IT system in the U.S. suffered a ransomware attack in December, 2020.

The IT infrastructure that helped spread the FluBot Android malware has been rendered mute. The Europol police co-operative said last week that Dutch police took down the infrastructure with the help of 10 law enforcement agencies, including agencies from the U.S. and Australia. The malware was installed by text messages that asked Android users to click on a link and install an application to track a package delivery, or to listen to a fake voicemail message. Once installed the malicious FluBot application would ask victims for accessibility permissions. Those who said yes had their passwords for accessing financial institutions stolen. The malware spread because it also copied phone number from victims’ contact lists. Europol says there are two ways to tell whether an app is malware: If you tap it and it doesn’t open, and if you try to uninstall an app you get an error message. If you think an app may be malware, reset the smartphone to factory settings.

Finally, the annual RSA cybersecurity conference in San Francisco begins today. I’ll be covering some of the sessions with detailed stories on ITWorldCanada.com. You can follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker. Thanks for listening. I’m Howard Solomon

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada
Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com

Sponsored By:

Cyber Security Today Podcast