#CVE-2023-22527

Silent Intrusions: Godzilla Fileless Backdoors Targeting Atlassian Confluence

by

August 30, 2024 at 05:13AM Trend Micro researchers discovered an attack exploiting the CVE-2023-22527 vulnerability in older Atlassian Confluence versions, deploying an in-memory fileless backdoor called Godzilla webshell. The backdoor, developed by “BeichenDream,” evades detection with AES encryption and remains in-memory. The attack highlights the importance of regularly patching servers and using advanced security solutions. … Read more

Atlassian Confluence Vulnerability Exploited in Crypto Mining Campaigns

by

August 30, 2024 at 02:42AM Threat actors are exploiting a patched critical security flaw in Atlassian Confluence Data Center and Confluence Server to conduct illicit cryptocurrency mining. The flaw, CVE-2023-22527, allows unauthenticated attackers to achieve remote code execution. At least three different threat actors are exploiting this vulnerability using various methods. Users are advised to … Read more