The Hacker News Logo
Subscribe to Newsletter

The Hacker News - Cybersecurity News and Analysis: Atlassian

One-Click Exploit Could Have Let Attackers Hijack Any Atlassian Account

One-Click Exploit Could Have Let Attackers Hijack Any Atlassian Account

June 24, 2021Ravie Lakshmanan
Cybersecurity researchers on Wednesday disclosed critical flaws in the Atlassian project and software development platform that could be exploited to take over an account and control some of the apps connected through its single sign-on ( SSO ) capability. "With just one click, an attacker could have used the flaws to get access to Atlassian's publish Jira system and get sensitive information, such as security issues on Atlassian cloud, Bitbucket and on premise products," Check Point Research said in an analysis shared with The Hacker News. After the issues were reported to Atlassian on Jan. 8, 2021, the Australian company deployed a fix as part of its  updates  rolled out on  May 18 . The sub-domains affected by the flaws include -  jira.atlassian.com confluence.atlassian.com getsupport.atlassian.com partners.atlassian.com developer.atlassian.com support.atlassian.com training.atlassian.com Successful exploitation of these flaws could result in a supply-ch
WebAuthn Passwordless Authentication Now Available for Atlassian Products

WebAuthn Passwordless Authentication Now Available for Atlassian Products

June 15, 2020The Hacker News
Atlassian solutions are widely used in the software development industry. Many teams practicing agile software development rely on these applications to manage their projects. Issue-tracking application Jira, Git repository BitBucket, continuous integration and deployment server Bamboo, and team collaboration platform Confluence are all considered to be proven agile tools. Considering how popular agile has become, it's no wonder Atlassian now serves 83 percent of Fortune 500 companies and has over 10 million active users worldwide. To help create a better experience for these users,  Alpha Serve  has developed WebAuthn add-ons to bring passwordless authentication to various Atlassian products. Having a more convenient and secure way to login to their Atlassian instances should be a welcome development for development teams. How WebAuthn Works WebAuthn is a browser-based security standard recommended by World Wide Web Consortium (W3C) that allows web apps to simplif
Online Courses and Software

Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox daily.