I am rebuilding this site (click to read more)
Jump to content

Articles

wdfw w ff wdf sfsfd sfdwdfsdfwerw r werw erwe rwe rwer werwer werw erwer we r we rwerewrwe rwe rwer wer werwer werwe

My Articles
Community Articles
Guest Blogging Information

My Articles

Show all categories

QNAP devices vulnerable to remote takeover attacks

According to Henry Huang, a Taiwanese security researcher, there are still hundreds of thousands of QNAP NAS systems that have yet to be patched for no less than three bugs. This allow an attacker to exploit the three bugs to take full control over QNAP devices.
These bugs was found last year and Henry Huang reported it to QNAP last June. QNAP issues a patch in November last year to fix these bugs and still, 6 months later there are hundreds of thousands of unpatched units online.  These bugs are:
CVE-2019-7192 (CVSS 9.8) (Photo Station bug) CVE-2019-7194 (CVSS 9.8) (Photo Station bug) CVE-2019-7195 (CVSS 9.8) (Photo Station) The bugs that are connected to the Photo Station app are in themselves not a big issue. It is when chained together they can bypass authentication (bug #1), insert malicious code in the Photo Station app PHP session (bug #2), and then install a web shell on unpatched QNAP devices (bug #3).
Henry Huang have written detailed information regarding the bugs in an article on Medium. He also strongly advice users to patch their QNAP NAS as soon as possible. If that is not possible then he suggest that you take it off the Internet as it can be used for malicious purposes or you could attract a ransomware gang.
This is of course the official recommendation from QNAP as well.
Jimi Wikman
💫 Jimi Wikman

Atlassian acquire Halp - turn slack into an integrated helpdesk

Atlassian has announced that they have acquired Halp. Halp is an interesting take on support for Slack that allow you to create support tickets directly from conversations in Slack. As Halp can also be integrated with Jira Service Desk it makes sense for Atlassian to make the investment to purchase Halp to further strengthen their service portfolio on the support side.
Halp have made a bit of an impact in its only 12 months life span and with the simplicity of just posting an emote in Slack to create separate support tickets it has been a hit. Good integrations with Jira Service Desk and Zendesk has of course been a big part and now with integrations to Microsoft Teams it is even better.
Not only will Halp make it so much easier to keep track of support questions in Slack, but by integrating with other tools such as Jira Service Desk, then you have a powerhouse. It will update on both sides of the integration allowing you to meet your clients where they feel most comfortable and still maintain proper workflows. You can even connect it to Confluence or Slack messages to create knowledge bases.
This is of course another step to connect closer to Slack that purchased the rights to Atlassians previous chat products. Naturally Slack is very happy about this acquisition:
In the future we will see deeper integrations with Jira Service Desk and Confluence for sure, but there are hints forr new integrations with OpsGenie and Trello for example. It will undoubtedly be an interesting journey to follow in the future.
 
 
Jimi Wikman
💫 Jimi Wikman

End of support for Confluence gadgets - four gadgets are being deprecated in May

Atlassian is ending their support of four gadgets for Confluence Cloud at the end of May. The gadgets will still work after that if you are already using them, but you will not be able to add them into the legacy editor or the new editor using the macro browser, slash command, or a shortcut key. Three out of four gadgets are replaced with macros.
The time has come for gadgets to fade away and be replaced by the more modern macros for Confluence Cloud. While the gadgets will still work on your confluence pages, you will no longer be able to add them to pages. That goes for legacy and new editor as well as for macro browser, slash command and shortcut. If you want similar functionality then there are macros suggested for all but the news gadget.
Activity Stream gadget
The Activity stream gadget shows a list of recently changed content in your site. Atlassian recommend using the Recently Updated macro as an alternative in Confluence. 
Confluence Page gadget
This gadget displays the contents of a Confluence page. Atlassian recommend using the Include Page macro as an alternative in Confluence.  
Confluence Quick Nav gadget
This gadget provides a search field that can be used to search for page titles in Confluence. Atlassian recommend using the Livesearch macro as an alternative in Confluence. 

News gadget
This gadget previously displayed blogs and other news from Atlassian. It has no suggested alternative.
 
End of support means that Atlassian will no longer fix bugs for these gadgets. If your Confluence site is integrated with a Jira site, any Jira gadgets installed in Confluence ARE NOT IMPACTED by this change. You can continue to insert Jira gadgets into any Confluence page.
Jimi Wikman
💫 Jimi Wikman

Microsoft Teams Impersonation Attacks flood inboxes to Phish for Credentials

In the wake of Covid-19 and the increased need for communication for people working from home it comes as no surprise that Microsoft Teams are targeted by malicious people. This week we see both CISA and Abnormal security reporting on targeted phishing campaigns that have affected more than 50.000 users so far.
With so many starting to work from home due to the Covid-19 situation invites to different Microsoft Teams are very common. This is something that malicious people have started to take advantage of. Since many organizations are still a bit new to the situation of many employees working from home, this also mean that security is not always up to par with the situation.
The tactic is rather simple, but sadly also effective. One example is that a mail that seems legit are sent out with a link to a document on a Microsoft Team. If the link is clicked the user is asked to login and if that button is clicked, they’re taken to a malicious page which convincingly impersonates the Microsoft Office login page in order to steal their credentials
Another example include an email link that points to a YouTube page.  From there the users are redirected twice to finally land on another Microsoft Office login phishing site which convincingly impersonates the Microsoft Office login page.
This is even more effective on mobile according to the articles. This is because the images take up most of the space and because domain links are more difficult to see and therefore identify.  These phishing attempts are however very convincing even on desktop, which makes it more likely that someone will get caught in the phishers net.
As Microsoft Teams are integrated with Office 365 single sign on it means that if compromised the phisher will have access to other, possibly much more damaging, areas.  This is not the only issues facing office 365 users however and Sway got a bit of heat earlier this week as well.
Microsoft is not being idle however and this week they patched a nasty subdomain takeover vulnerability in Teams that could have allowed an inside attacker to weaponize a single GIF image and use it to pilfer data from targeted systems and take over all of an organization’s Teams accounts.
As always, be careful with email links and make sure you vet the urls carefully before submitting any user information online.
Jimi Wikman
💫 Jimi Wikman

Organization insights with Atlassian access and Premium plans

For users that have Atlassian Access or a Premium plan of Jira Software, Jira Service Desk, Jira Core, and Confluence a new feature have been released called Organization insights. In it's first iteration we get two charts that help us understand and predict product usage.
The new feature called Organization insights is starting out with two charts, but more are coming. The idea behind Organization insights is to give insight into the usage of your products. These two charts can be used to:
Identify adoption trends of specific products throughout your organization Understand and forecast product usage in the future Make data-driven decisions to increase usage in certain departments or use cases. Understand whether your license should be adjusted based on user activity Compare spending on various products against each other Quickly understand which users are inactive and should be deactivated.
 
 
 
 
Organization Insights is available for Jira Software, Jira Service Desk, Jira Core, and Confluence  for anyone with a Premium plan or have Atlassian Access.  To access your organization's insights, you must be an organization admin. From your organization at admin.atlassian.com, select Security > Insights.
 
Jimi Wikman
💫 Jimi Wikman