RCE with exploit in Confluence Server and Confluence Data Center (CVE-2021-26084)

On August 25, Atlassian reported a critical Remote Code Execution vulnerability in Confluence Server and Confluence Data Center. The vulnerability allows an authenticated user, and in some cases an unauthenticated user, to execute arbitrary code in Confluence Server and Confluence Data Center. Today, September 1, an article was published with a research of the vulnerability … Continue reading RCE with exploit in Confluence Server and Confluence Data Center (CVE-2021-26084)

Monthly red digest with red vulnerabilities and incidents

Microsoft is the headliner of the outgoing month. Too many too critical vulnerabilities in the last month. Also, other vendors with zero-day and 1-click vulnerabilities are worth noting. In addition to vulnerabilities, there were several high-profile hacks and news about ransomware + some APT for our monthly digest. Vulnerabilities: Microsoft, IOT, Nvidia, Atlassian, Western Digital … Continue reading Monthly red digest with red vulnerabilities and incidents