Security News > 2023 > November > Novel backdoor persists even after critical Confluence vulnerability is patched
A new backdoor was this week found implanted in the environments of organizations to exploit the recently disclosed critical vulnerability in Atlassian Confluence.
The backdoor provides attackers remote access to a victim, both its Confluence server and other network resources, and is found to persist even after Confluence patches are applied.
Experts at Aon's incident response provider Stroz Friedberg said the backdoor is a novel piece of malware called Effluence.
"The malware is difficult to detect and organizations with Confluence servers are advised to investigate thoroughly, even if a patch was applied," according to the advisory.
In these cases, web shells can only be accessed if the attacker is able to log into Confluence or via an attacker-controlled webpage.
Defenders may find evidence of use when reviewing static confluence pages, monitoring the response size in relation to the organization's baseline range.
News URL
https://go.theregister.com/feed/www.theregister.com/2023/11/14/novel_backdoor_persists_confluence/
Related news
- Critical Zimbra RCE vulnerability under mass exploitation (CVE-2024-45519) (source)
- Critical Zimbra RCE flaw exploited to backdoor servers using emails (source)
- Apple Releases Critical iOS and iPadOS Updates to Fix VoiceOver Password Vulnerability (source)
- Week in review: Critical Zimbra RCE vulnerability exploited, Patch Tuesday forecast (source)
- Experts Warn of Critical Unpatched Vulnerability in Linear eMerge E3 Systems (source)
- New Critical GitLab Vulnerability Could Allow Arbitrary CI/CD Pipeline Execution (source)
- Critical Veeam Vulnerability Exploited to Spread Akira and Fog Ransomware (source)
- Critical Kubernetes Image Builder Vulnerability Exposes Nodes to Root Access Risk (source)
- Fortinet releases patches for undisclosed critical FortiManager vulnerability (source)
- VMware Releases vCenter Server Update to Fix Critical RCE Vulnerability (source)