Atlassian Confluence Flaw Exploited to Install Cryptominers

Share post:

Security companies have reported that threat actors and researchers have actively scanned and exploited the Atlassian Confluence vulnerability.

The news comes just days after researchers publicly released a technical write-up on the vulnerability.

The Confluence Remote Code Execution vulnerability, known as CVE-2021-26084, allows an unauthenticated attacker to remotely execute commands on a vulnerable server.

While the cybersecurity intelligence company Bad Packets had used threat actors from different countries to download and execute PowerShell or Linux shell scripts, the investigation shows that the attacks are mainly to mine cryptocurrencies.

There are some additional concerns that the exploit could also be used for advanced attacks, including spreading the efforts through a network ransomware attack and data exfiltration.

Organizations running a Confluence Server are advised to install the latest updates as soon as possible.

For more information, read the original story in Bleeping Computer.

SUBSCRIBE NOW

Related articles

Microsoft MFA Outage Blocks Access to Microsoft 365 Apps, Raising Cloud Reliability Concerns

Microsoft faced another significant service disruption over the weekend, with a Multi-Factor Authentication (MFA) outage that blocked users...

AI Agents Could Surpass Humans as Primary App Users by 2030, Accenture Predicts

AI agents are poised to transform the way we interact with digital systems, potentially becoming the primary users...

Data Stolen From Thousands of Popular Mobile Apps: Cyber Security Today for January 13th, 2025

Massive location data harvesting steals data using thousands of popular mobile apps, hackers find new ways of breaching...

NVIDIA Puts A Supercomputer On The Desktop: Hashtag Trending for Monday January 13, 2025

Nvidia launches a mini AI supercomputer that could change computing forever, Microsoft shows that small AI models can...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways