Information Security newsfeeds from around the world in English and French. Find it all in one place since 2004. You'll find online the last 5 years.
Auto Added by WPeMatico
Threat actors are targeting unpatched Atlassian Confluence servers as part of an ongoing crypto mining campaign. Trend Micro researchers warn of an ongoing crypto mining campaign targeting Atlassian Confluence servers affected by the CVE-2022-26134 vulnerability. The now-patched critical security flaw was disclosed by Atlassian in early June, at the time the company warned of a […]
Continue ReadingAtlassian has fixed three critical vulnerabilities and is urging customers using Confluence, Bamboo, Bitbucket, Crowd, Fisheye and Crucible, Jira and Jira Service Management to update their instances as soon as possible. There is no mention of these vulnerabilities being exploited in the wild, but flaws in Atlassian Confluence are often leveraged by attackers. About CVE-2022-26138 […]
Continue ReadingA threat actor is selling access to 50 vulnerable networks that have been compromised exploiting the recently disclosed Atlassian Confluence zero-day. A threat actor is selling access to 50 vulnerable networks that have been compromised by exploiting the recently discovered Atlassian Confluence zero-day flaw (CVE-2022-26134). The discovery was made by the Rapid7 Threat Intelligence team […]
Continue ReadingAccording to Volexity, a webshell was discovered in Atlassian Confluence server during an incident response investigation. Volexity determined that it was a zero-day vulnerability that could execute remote code even after the latest patch was completed and reported the issue to Atlassian. After receiving the issue report and identifying it as a zero-day, Atlassian issued […]
Continue ReadingRansomware gangs are actively exploiting CVE-2022-26134 remote code execution (RCE) flaw in Atlassian Confluence Server and Data Center. Multiple ransomware groups are actively exploiting the recently disclosed remote code execution (RCE) vulnerability, tracked as CVE-2022-26134, affecting Atlassian Confluence Server and Data Center. Proof-of-concept exploits for the CVE-2022-26134 vulnerability have been released online, Bleeping Computer reported that starting from […]
Continue ReadingThreat actors are exploiting the recently disclosed CVE-2022-26134 RCE in Atlassian Confluence servers to deploy cryptocurrency miners. CheckPoint researchers have observed threat actors exploiting the recently disclosed CVE-2022-26134 remote code execution vulnerability in Atlassian Confluence servers to deploy cryptocurrency miners. Last week, Atlassian warned of a critical unpatched remote code execution vulnerability affecting all Confluence […]
Continue ReadingA critical zero-day vulnerability (CVE-2022-26134) in Atlassian Confluence Data Center and Server is under active exploitation, the software maker has warned on Thursday. There is currently no fix available – though they are expected to be released today (Friday) – and users of the popular enterprise collaboration solution are advised to either temporarily restrict access […]
Continue ReadingIn 2021, threat actors aggressively exploited newly disclosed critical software vulnerabilities to hit a broad set of targets worldwide, says the latest advisory published by the US Cybersecurity and Infrastructure Security Agency. Most exploited vulnerabilities, new and old Compiled by cybersecurity authorities from the Five Eyes intelligence alliance, the list of top 15 CVEs routinely […]
Continue Reading