Atlassian Zero-day Vulnerability Exposed

Earlier this week, a cybersecurity Twitter account inadvertently revealed a zero-day vulnerability flaw affecting software company Atlassian. According to @SwiftOnSecurity, Atlassian provided a domain that resolved to a local server with a common SSL certificate for its Confluence cloud service. This vulnerability would allow anyone with sufficient technical knowledge to conduct a man-in-the-middle attack, redirecting app traffic to a malicious site.


EXPERTS COMMENTS
Jake Moore, Cybersecurity Specialist,  ESET
December 05, 2019
Companies must always patch their systems at the earliest opportunity to mitigate any zero day threats.
“This is not only a reminder for companies to keep on top of their cyber security, but it also highlights how quickly this industry moves, and that some vulnerabilities can hide under the radar. This can sometimes be because some risks are perceived to be too small or simple to take any effect. Locating a vulnerability by accident is not uncommon and this highlights the scale at which threat act ....
[Read More >>]

If you are an expert on this topic:

Submit Your Expert Comments


In this article