CISA: Hackers exploit critical Bitbucket Server flaw in attacks

The Cybersecurity and Infrastructure Security Agency (CISA) has added three more security flaws to its list of bugs exploited in attacks, including a Bitbucket Server RCE and two Microsoft Exchange zero-days.

CISA’s Known Exploited Vulnerabilities (KEV) catalog now includes two Microsoft Exchange zero-days (CVE-2022-41040 and CVE-2022-41082) exploited in limited, targeted attacks, according to Microsoft.

While Microsoft hasn’t yet released security updates to address this pair of actively exploited bugs, it shared mitigation measures requiring customers to add an IIS server blocking rule that would block attack attempts.

“Microsoft is also monitoring these already deployed detections for malicious activity and will take necessary response actions to protect customers. [..] We are working on an accelerated timeline to release a fix,” Microsoft said earlier today.

The third security flaw CISA added to its KEV list today (tracked as CVE-2022-36804) is a critical severity command injection vulnerability in Atlassian’s Bitbucket Server and Data Center, with publicly available proof of concept exploit code.

Attackers can gain remote code execution by exploiting the flaw via malicious HTTP requests. Still, they must have access to a public repository or read permissions to a private one.

This RCE vulnerability impacts all Bitbucket Server and Data Center versions after 6.10.17, including 7.0.0 and up to 8.3.0.
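The version range above is the kind of fact a defender immediately turns into an inventory check. The script below is an added example, not code from the article or from Atlassian: it parses Bitbucket version strings, tests them against the range the article gives (anything after 6.10.17, up to and including 8.3.0) and triages a constructed sample inventory so internet-facing instances surface first. The host names, versions and the "exposure" field are made-up sample data; the range boundaries are the only values taken from the article.

```python
"""Triage a Bitbucket Server / Data Center inventory against the CVE-2022-36804 affected range.

Added example. The affected range is the one stated in the article (every version
after 6.10.17, i.e. 7.0.0 up to and including 8.3.0). The inventory is constructed
sample data, not a real deployment.
"""
from dataclasses import dataclass
from typing import List, Tuple

Version = Tuple[int, int, int]

# Boundaries from the article: affected if 6.10.17 < version <= 8.3.0.
LAST_UNAFFECTED: Version = (6, 10, 17)
LAST_AFFECTED: Version = (8, 3, 0)


def parse_version(text: str) -> Version:
    """Parse 'major.minor[.patch]' into a comparable tuple; a missing patch counts as 0."""
    parts = text.strip().split(".")
    if not 2 <= len(parts) <= 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised version string: {text!r}")
    nums = [int(p) for p in parts] + [0] * (3 - len(parts))
    return (nums[0], nums[1], nums[2])


def is_in_affected_range(version: str) -> bool:
    """True when the version lies inside the range the article calls affected.

    Caveat: vendors ship fixed releases inside such a range, so a hit means
    "compare against the vendor advisory's fixed versions", not "confirmed vulnerable".
    """
    return LAST_UNAFFECTED < parse_version(version) <= LAST_AFFECTED


@dataclass
class Host:
    name: str
    version: str
    exposure: str  # constructed field: "internet" or "internal"


# Constructed sample inventory (hypothetical hosts).
INVENTORY: List[Host] = [
    Host("bitbucket-prod", "8.3.0", "internet"),
    Host("bitbucket-stage", "7.21.3", "internal"),
    Host("bitbucket-legacy", "6.10.17", "internal"),
    Host("bitbucket-new", "8.4.0", "internet"),
]


def triage(hosts: List[Host]) -> List[Tuple[str, str, str]]:
    """Return (host, version, priority) for every host in the affected range.

    Internet-facing hosts get P1 because the flaw is reachable with read access
    to a public repository; internal hosts get P2. Sorted so P1 comes first.
    """
    hits = [
        (h.name, h.version, "P1" if h.exposure == "internet" else "P2")
        for h in hosts
        if is_in_affected_range(h.version)
    ]
    return sorted(hits, key=lambda hit: hit[2])


if __name__ == "__main__":
    for name, ver, prio in triage(INVENTORY):
        print(f"{prio}: {name} runs {ver}; verify against the vendor advisory for CVE-2022-36804")
```

Feeding this a real inventory export is a matter of replacing `INVENTORY`; the comparison stays purely numeric, so a patched build that falls inside the range is still reported and must be cleared against the vendor's list of fixed releases rather than silently skipped.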

BinaryEdge and GreyNoise confirmed that attackers have been scanning and attempting to exploit CVE-2022-36804 in the wild since at least September 20th.

Federal agencies ordered to mitigate

All Federal Civilian Executive Branch (FCEB) agencies must apply patches or mitigation measures for these three actively exploited bugs now that they have been added to CISA’s KEV catalog, as required by a binding operational directive (BOD 22-01) issued in November.

The federal agencies were given three weeks, until October 21st, to ensure that exploitation attempts would be blocked.

The U.S. cybersecurity agency also strongly urged all private and public sector organizations worldwide to prioritize patching these vulnerabilities, although BOD 22-01 only applies to U.S. FCEB agencies.

Applying the patches as soon as possible reduces the attack surface that potential attackers could target in breach attempts.

“These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise,” CISA explained on Thursday.

Since the BOD 22-01 binding directive was issued last year, CISA has added more than 800 security flaws to its catalog of bugs exploited in attacks while requiring federal agencies to address them on a tighter schedule.

Source: https://www.bleepingcomputer.com/news/security/cisa-hackers-exploit-critical-bitbucket-server-flaw-in-attacks/
