November 10, 2023 at 04:03AM Researchers have discovered a stealthy backdoor called Effluence that exploits a security flaw in Atlassian Confluence Data Center and Server. The backdoor allows attackers to move laterally within the network and exfiltrate data. It can be accessed remotely without authenticating to Confluence. The attack chain involves exploiting two critical bugs … Read more
October 11, 2023 at 03:40PM China-sponsored APT Storm-0062 is responsible for exploiting a critical bug in Atlassian Confluence Server, according to Microsoft. Proof-of-concept exploits are now available, indicating potential mass exploitation. The vulnerability (CVE-2023-22515) allows remote code execution without authentication. Microsoft identified four IP addresses associated with the exploit and warned of the creation of … Read more
October 11, 2023 at 10:35AM A Chinese-backed threat group, known as Storm-0062 or DarkShadow, has been exploiting a zero-day vulnerability in Atlassian Confluence Data Center and Server since September 2023. Microsoft has shared more information about the group’s involvement and identified four offending IP addresses. The vulnerability allows the group to create arbitrary administrator accounts. … Read more
October 11, 2023 at 12:30AM Microsoft has identified a critical flaw in Atlassian Confluence Data Center and Server that is being exploited by a nation-state actor called Storm-0062. The vulnerability, known as CVE-2023-22515, allows attackers to create unauthorized administrator accounts. Atlassian has been made aware of the issue and advises users to upgrade to the … Read more
October 10, 2023 at 07:54PM Researchers at Microsoft have identified a known nation-state threat actor, referred to as Storm-0062, as responsible for the recent zero-day exploits targeting Atlassian’s Confluence Data Center and Server products. The malicious activity had been ongoing since September 14, before Atlassian publicly disclosed the issue. Microsoft has provided IP addresses related … Read more