A vulnerability has been discovered in Atlassian Confluence Server and Data Center, which could allow for Privilege Escalation. Confluence is a collaboration tool that brings people, knowledge, and ideas together in a shared workspace. Successful exploitation of this vulnerability could allow an attacker to create unauthorized Confluence administrator accounts to access the instance. An attacker could then perform administrator actions in the context of the confluence instance.
A vulnerability has been discovered in Cisco Emergency Responder that could allow for arbitrary code execution on a targeted host. Successful exploitation could allow an unauthenticated remote attacker to log in to the affected system using the root account and execute arbitrary commands. Cisco Emergency Responder is used to enhance the existing emergency 9-1-1 functionality offered by Cisco Unified Communications Manager. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
Is a deepfake Tom Hanks better than the real thing? Who has been attacking the British Royal Family’s website, and why? And how can you protect your vehicle from the spate of keyless car thefts?
All this and much much more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.
Plus don’t miss our featured interview with Devo CISO Kayla Williams.
