Details of Atlassian Confluence RCE Vulnerability Disclosed

June 4, 2024 at 10:15AM A high-severity vulnerability, tracked as CVE-2024-21683, allows remote code execution in Atlassian Confluence Data Center and Server. Identified by SonicWall, the flaw requires user privileges to add and upload a malicious language file. Atlassian has released patches, yet threat actors could still target this and other known vulnerabilities. Key takeaways … Read more

Novel backdoor persists even after critical Confluence vulnerability is patched

November 14, 2023 at 06:03AM A new backdoor has been discovered in organizations’ environments, exploiting a critical vulnerability in Atlassian Confluence. The backdoor allows attackers remote access to a victim’s Confluence server and other network resources. It persists even after Confluence patches are applied. The malware responsible, called Effluence, is difficult to detect. Organizations are … Read more

Atlassian Customers Should Patch Latest Critical Vuln Immediately

November 1, 2023 at 01:05PM Atlassian has discovered a critical vulnerability in its Confluence Data Center and Server platform and is advising customers to patch it immediately. The vulnerability, CVE-2023-22518, is an improper authorization vulnerability that affects on-premises versions of Confluence. This is the second critical vulnerability found in a month. Atlassian has not detected … Read more

Ukrainian activists hack Trigona ransomware gang, wipe servers

October 18, 2023 at 07:18PM The Ukrainian Cyber Alliance has successfully hacked the servers of the Trigona ransomware gang, copying all available information before wiping the servers clean. The hackers gained access to Trigona’s infrastructure using a public exploit and managed to extract data, including source code and database records. The activists have deleted and … Read more

US cybercops urge admins to patch amid ongoing Confluence chaos

October 17, 2023 at 09:06AM US authorities have urged network admins to patch a critical vulnerability in Atlassian Confluence Data Center and Server due to ongoing nation-state exploitation. The potential consequences of the exploit are severe, as attackers could create new admin accounts for themselves. The attackers have already demonstrated sophistication by attempting to modify … Read more