CISA is typically late to the party for many of the KEV additions, but it seems like the invitation was delivered early.
A Pair of Zero-Days in Exchange
Two zero-days in Microsoft Exchange servers were discovered that when chained together, can allow remote code execution. However, the advisory states that authenticated access to the servers are necessary in order to exploit. Thus, it is likely attackers will first run a phishing/social engineering campaign to gain authorization. So if you have Exchange servers, it is important to place all of the suggested mitigations in effect from Microsoft’s guidance. But what’s equally, if not more, important is to double down on efforts to recognize and report phishing in your organization.
Critical Bug in Bitbucket
The other vulnerability is a command injection flaw in Atlassian Bitbucket reported back in August. A patch is available for this CVE and a PoC exploit is also circulating out in the wild. As Bitbucket is a code repository, some sensitive intellectual property could be at risk as well as other components connected to the larger Jira/Trello framework. A malicious actor leveraging this kind of attack is most likely after admin-level control so they can sink their teeth in further into the network.
#cisa #cisanalysis #microsoftexchange #atlassian #zeroday
About Version 2 Digital
Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.
Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.
About VRX
VRX is a consolidated vulnerability management platform that protects assets in real time. Its rich, integrated features efficiently pinpoint and remediate the largest risks to your cyber infrastructure. Resolve the most pressing threats with efficient automation features and precise contextual analysis.
