On January 28, 2021, a report was published that linked a Hezbollah-affiliated threat actor to intrusions at telco operators and internet service providers in a number of locations globally.
A security vendor identified that a malicious actor had been exploiting previously disclosed vulnerabilities in outdated versions of Jira Server, Jira Data Center, Confluence Server, and Confluence Data Center.
"Based on our investigation, this was a known vulnerability and we had issued patches two years ago to address this issue. As always, we recommend that our server and data center customers apply the latest security patches as soon as available to receive the latest features and fixes. We also recommend that our customers move to the cloud versions of Atlassian products to receive automatic upgrades and patches."
Adrian Ludwig, Chief Information Security Officer, Atlassian
For further information, please don't hesitate to reach out to our Customer Support.
1 comment