Cybercriminals, State-Sponsored Threat Actors Exploiting Confluence Server Vulnerability

By Orbit Brain, June 13, 2022

By Eduard Kovacs on June 13, 2022

A recently patched Confluence Server vulnerability is being exploited by multiple cybercrime and state-sponsored threat groups, according to Microsoft.

The security hole, tracked as CVE-2022-26134, can be exploited by an unauthenticated attacker for remote code execution. It impacts all supported versions of Confluence Server and Data Center, and it has been patched by Atlassian with the release of versions 7.4.17, 7.13.7, 7.14.3, 7.15.2, 7.16.4, 7.17.4 and 7.18.1.

The zero-day vulnerability was exploited before its existence came to light, but the volume of attacks has increased significantly following disclosure.

In the days immediately after the disclosure of the flaw, Censys and Shadowserver reported seeing thousands of internet-exposed Confluence servers that could have been vulnerable to attacks.

The initial attacks exploiting CVE-2022-26134 appeared to come from China and they focused on the delivery of web shells.

Threat intelligence company GreyNoise has to date seen more than 1,700 unique IP addresses attempting to exploit the vulnerability.

Microsoft reported on Saturday that it has seen multiple threat groups, including profit-driven cybercriminals and state-sponsored actors, exploiting the flaw in their attacks.

“In many cases impacted devices have been observed with multiple disparate instances of malicious activity, including extensive device and domain discovery, and the deployment of payloads like Cobalt Strike, web shells, botnets like Mirai and Kinsing, coin miners, and ransomware,” Microsoft said.

The company has named two groups that have been observed targeting CVE-2022-26134: DEV-0401 and DEV-0234. The former is a China-based ransomware operator that has been known to deploy various ransomware families, including LockFile, AtomSilo and Rook.

In the attacks aimed at Confluence Server instances, Microsoft has seen the delivery of a piece of ransomware named Cerber2021.

Cloud security firm Lacework has also seen attacks targeting CVE-2022-26134. These operations involved the cryptocurrency miners named Kinsing and Hezb, as well as the Dark.IoT botnet.

Cybersecurity company Check Point has also seen attacks delivering cryptocurrency miners, including to Windows and Linux systems.