Skip to content
Threat Feed
Subscribe

Product

Bitbucket

10 briefs RSS
medium threat

Unusual Child Process Execution from Linux Web Servers

This rule detects unusual child process executions originating from web server processes on Linux systems, which attackers may use to maintain persistence on a compromised system by exploiting web server vulnerabilities.

Jira +20 persistence execution command_and_control initial_access linux webserver
2r 4t
medium threat

Suspicious Command Execution via Web Server on Linux

Identifies suspicious command executions via a web server on Linux systems, which may suggest a vulnerability and remote shell access.

Elastic Defend +43 persistence initial-access vulnerability linux
2r 3t
high advisory

Multiple Vulnerabilities in Atlassian Products

Multiple vulnerabilities exist in Atlassian products including Bamboo, Bitbucket, Confluence, Crucible, Fisheye, and Jira which could lead to arbitrary code execution, denial of service, information disclosure, cross-site scripting, and security bypass.

Bamboo +5 atlassian vulnerability code-execution dos xss security-bypass
2r 4t
critical advisory

Multiple Vulnerabilities in Atlassian Products

Multiple vulnerabilities in Atlassian Bamboo, Bitbucket, Confluence, Jira, and Jira Service Management allow attackers to execute arbitrary code, bypass security measures, manipulate data, disclose information, or perform cross-site scripting attacks.

Bamboo +4 atlassian vulnerability code-execution xss
2r 4t 26c
medium advisory

Bitbucket Secret Scanning Rule Deleted

Attackers may delete secret scanning rules in Bitbucket to impair defenses and introduce secrets into the code repository undetected, potentially leading to unauthorized access or data breaches.

Bitbucket attack.defense-impairment attack.t1685
2r 1t
medium advisory

Bitbucket Global SSH Settings Changed

An attacker modifies Bitbucket global SSH settings to potentially enable unauthorized access and lateral movement.

Bitbucket lateral-movement defense-impairment
2r 2t
medium advisory

Bitbucket Audit Log Configuration Modified

An attacker may modify the Bitbucket audit log configuration to impair security monitoring and evade detection.

Bitbucket attack.defense-impairment attack.t1562.004
2r 1t
medium advisory

Bitbucket Global Secret Scanning Rule Deletion

An adversary with administrative privileges may delete global secret scanning rules in Bitbucket to impair defenses and exfiltrate sensitive data without detection.

Bitbucket attack.defense-impairment attack.t1685
2r 1t
low advisory

Bitbucket Project Secret Scanning Allowlist Added

An adversary may impair defenses by adding a secret scanning allowlist rule for Bitbucket projects, potentially allowing secrets to be committed and exposed.

Bitbucket attack.defense-impairment attack.t1685
2r
medium advisory

Bitbucket User Login Failure Detection

Detection of Bitbucket user login failures, potentially indicating credential access attempts, initial access attempts, or other malicious activity.

Bitbucket authentication brute-force credential-access initial-access
2r 3t