A Jira vulnerability that’s leaking data in the public cloud - Research Saturday

Unit 42 (the Palo Alto Networks threat intelligence team) released new research on a Jira vulnerability that’s leaking data of technology, industrial and media organizations in the public cloud. The vulnerability (a Server Side Request Forgery -- SSRF) is the same type that led to the Capital One data breach in July 2019.

Jen Miller-Osborn is the Deputy Director of Threat Intelligence for Unit 42 at Palo Alto Networks, and she joins us to share their findings.

The research can be found here:
https://unit42.paloaltonetworks.com/server-side-request-forgery-exposes-data-of-technology-industrial-and-media-organizations/

The CyberWire's Research Saturday is presented by Juniper Networks.

Thanks to our sponsor Enveil, closing the last gap in data security.