1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Atlassian Confluence is under heavy attack

    From TechnologyDaily@1337:1/100 to All on Mon Sep 6 17:00:05 2021
    Atlassian Confluence is under heavy attack

    Date:
    Mon, 06 Sep 2021 15:53:55 +0000

    Description:
    A massive worldwide campaign against the popular collaboration platform has the security community on tenterhooks.

    FULL STORY ======================================================================

    Cybersecurity researchers at the US Cyber Command (USCYBERCOM) have urged admins to immediately patch their on-premise Atlassian Confluence collaboration platform , which is at the receiving end of an ongoing attack.

    USCYBERCOM put out a public notice on Twitter informing Atlassian users of an active large-scale exploitation campaign that it expects to accelerate.

    Please patch immediately if you havent alreadythis cannot wait until after
    the weekend, USCYBERCOM wrote on Twitter . These are the best endpoint protection tools Check our list of the best firewall apps and services Here's our choice of the best malw a re removal software on the market

    The flaw, tracked as CVE-2021-26084 , enables threat actors to remotely execute arbitrary code on the popular workplace collaboration platform. Ongoing campaign

    Described as an OGNL injection vulnerability, the bug exists in the Atlassian Confluence Server and Confluence Data Center products, both of which are vulnerable to unauthenticated remote attackers.

    With a high CVSS severity rating of 9.8 out of 10, the vulnerability was
    first reported on July 27, 2021. However, given its serious nature, Atlassian didnt publish details about its exploitation mechanism, even after it had issued a patch last month on August 25, 2021.

    Reportedly however, threat actors began exploiting the vulnerability soon after the patch was released. Threat intelligence firm Bad Packets first detected mass scanning and exploit activity against the vulnerability from hosts in Brazil, China, Hong Kong, Nepal, Romania, Russia and the US, before Atlassian updated its advisory warning users about the attack.

    This vulnerability is being actively exploited in the wild. Affected servers should be patched immediately, said Atlassian .

    The vulnerability affects Confluence Server and Data Center versions before version 6.13.23, from version 6.14.0 before 7.4.11, from version 7.5.0 before 7.11.6, and from version 7.12.0 before 7.12.5. Protect your devices with
    these best antivirus software



    ======================================================================
    Link to news story: https://www.techradar.com/news/atlassian-confluence-is-under-heavy-attack/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)