FreshRSS

πŸ”’
❌ Secure Planet Training Courses Updated For 2019 - Click Here
☷
β–³ πŸ”ƒ
There are new available articles, click to refresh the page.
☐ β˜† βœ‡ The Hacker News

~40,000 Attacks in 3 Days: Critical Confluence RCE Under Active Exploitation

By: Newsroom β€” January 23rd 2024 at 09:34
Malicious actors have begun to actively exploit a recently disclosed critical security flaw impacting Atlassian Confluence Data Center and Confluence Server, within three days of public disclosure. Tracked as CVE-2023-22527 (CVSS score: 10.0), the vulnerability impacts out-of-date versions of the software, allowing unauthenticated attackers to achieve remote code execution on susceptible
☐ β˜† βœ‡ The Hacker News

Atlassian Releases Critical Software Fixes to Prevent Remote Code Execution

By: Newsroom β€” December 6th 2023 at 09:18
Atlassian has released software fixes to address four critical flaws in its software that, if successfully exploited, could result in remote code execution. The list of vulnerabilities is below - CVE-2022-1471 (CVSS score: 9.8) - Deserialization vulnerability in SnakeYAML library that can lead to remote code execution in multiple products CVE-2023-22522 (CVSS score
☐ β˜† βœ‡ The Hacker News

Alert: 'Effluence' Backdoor Persists Despite Patching Atlassian Confluence Servers

By: Newsroom β€” November 10th 2023 at 08:58
Cybersecurity researchers have discovered a stealthy backdoor namedΒ EffluenceΒ that's deployed following the successful exploitation of a recently disclosed security flaw in Atlassian Confluence Data Center and Server. "The malware acts as a persistent backdoor and is not remediated by applying patches to Confluence," Aon's Stroz Friedberg Incident Response ServicesΒ saidΒ in an analysis published
☐ β˜† βœ‡ The Hacker News

Experts Warn of Ransomware Hackers Exploiting Atlassian and Apache Flaws

By: Newsroom β€” November 7th 2023 at 07:14
Multiple ransomware groups have begun to actively exploit recently disclosed flaws in Atlassian Confluence and Apache ActiveMQ. Cybersecurity firm Rapid7Β saidΒ it observed the exploitation ofΒ CVE-2023-22518Β andΒ CVE-2023-22515Β in multiple customer environments, some of which have been leveraged for the deployment ofΒ CerberΒ (akaΒ C3RB3R) ransomware. Both vulnerabilities are critical, allowing threat
☐ β˜† βœ‡ The Hacker News

Microsoft Warns of Nation-State Hackers Exploiting Critical Atlassian Confluence Vulnerability

By: Newsroom β€” October 11th 2023 at 04:12
Microsoft has linked the exploitation of a recently disclosed critical flaw in Atlassian Confluence Data Center and Server to a nation-state actor it tracks asΒ Storm-0062Β (aka DarkShadow or Oro0lxy). The tech giant's threat intelligence team said it observed in-the-wild abuse of the vulnerability since September 14, 2023. "CVE-2023-22515 is a critical privilege escalation vulnerability in
☐ β˜† βœ‡ The Hacker News

Atlassian Confluence Hit by New Actively Exploited Zero-Day – Patch Now

By: Newsroom β€” October 5th 2023 at 03:28
Atlassian has released fixes to contain an actively exploited critical zero-day flaw impacting publicly accessible Confluence Data Center and Server instances. The vulnerability, tracked asΒ CVE-2023-22515, is remotely exploitable and allows external attackers to create unauthorized Confluence administrator accounts and access Confluence servers. It does not impact Confluence versions prior to
❌