Welcome to Security Sunday – Week 40. our weekly IT security summary (2 October – 8 October 2023).

We’re collecting notable incident and vulnerability reports from the past week.

MGM Resorts claims ransomware attack cost it $110 million

Active exploitation of a critical Zero-Day bug in Atlassian Confluence.

This week a zero-day vulnerability was discovered in the popular Atlassian Confluence software tool. This vulnerability, identified as CVE-2023-22515, exposes a critical access control vulnerability that impacted Confluence Data Center and Server versions.

  • Unexpected confluence-administrator group members
  • Unexpected newly created user accounts
  • Accesses to /setup/*.action
  • The presence of /setup/setupadministrator.action in the exception message in the atlassian-confluence-security.log file in the Confluence home directory

Exploit for CVE-2023-4911 vulnerability compromises many Linux systems

Sony reveals data leak that affected thousands of people

Cloudflare Versus Cloudflare: The Irony in Protecting Against DDoS Attacks

NSA and CISA reveal the 10 most common misconfigurations that compromise security

  • Default software configuration
  • Incorrect separation of user/administrator permissions
  • Insufficient monitoring of the internal network
  • Insufficient network segmentation
  • Poor update management
  • Bypassing system access controls
  • Weak or poorly configured multi-factor authentication (MFA) methods
  • Insufficient access control lists (ACLs) for network shares and services
  • Unlimited code execution
  • Insufficient password complexity

Interested in cyber security? Check out the next episodes of our weekly magazine Security Sunday.