Security News
Opportunistic threat actors have been found actively exploiting a recently disclosed critical security flaw in Atlassian Confluence deployments across Windows and Linux to deploy web shells that result in the execution of crypto miners on compromised systems. Tracked as CVE-2021-26084, the vulnerability concerns an OGNL injection flaw that could be exploited to achieve arbitrary code execution on a Confluence Server or Data Center instance.
Trello is down for many users around the world, second time this week. Trello is a web-based TODO list-style platform owned by Atlassian, makers of Jira and Confluence.
The U.S. Cyber Command on Friday warned of ongoing mass exploitation attempts in the wild targeting a now-patched critical security vulnerability affecting Atlassian Confluence deployments that could be abused by unauthenticated attackers to take control of a vulnerable system. "Mass exploitation of Atlassian Confluence CVE-2021-26084 is ongoing and expected to accelerate," the Cyber National Mission Force said in a tweet.
A just-patched, critical remote code-execution vulnerability in the Atlassian Confluence server platform is suffering wide-scale exploitation, the Feds have warned - as evidenced by an attack on the popular Jenkins open-source automation engine. Atlassian Confluence is a collaboration platform where business teams can organize its work in one place: "Dynamic pages give your team a place to create, capture, and collaborate on any project or idea," according to the website.
The maintainers of Jenkins-a popular open-source automation server software-have disclosed a security breach after unidentified threat actors gained access to one of their servers by exploiting a recently disclosed vulnerability in Atlassian Confluence service to install a cryptocurrency miner. The "Successful attack," which is believed to have occurred last week, was mounted against its Confluence service that had been deprecated since October 2019, leading the team to take the server offline, rotate privileged credentials, and reset passwords for developer accounts.
The Jenkins team issued a reminder over the weekend that one should keep one's systems patched as it found itself with a compromised Confluence service. Although the affected instance of Confluence integrated with the company's identity system, the group said: "At this time we have no reason to believe that any Jenkins releases, plugins, or source code have been affected."
US Cyber Command has issued a rare alert today urging US organizations to patch a massively exploited Atlassian Confluence critical vulnerability immediately.The USCYBERCOM unit also stressed the importance of patching vulnerable Confluence servers as soon as possible: "Please patch immediately if you haven't already- this cannot wait until after the weekend."
Hackers are actively scanning for and exploiting a recently disclosed Atlassian Confluence remote code execution vulnerability to install cryptominers after a PoC exploit was publicly released. Atlassian Confluence is a very popular web-based corporate team workspace that allows employees to collaborate on projects.
Atlassian has warned users of its Confluence Server that they need to patch the product to remedy a Critical-rated flaw. Atlassian has released fixed versions of the product - namely versions 6.13.23, 7.4.11, 7.11.6, 7.12.5, and 7.13.0 - but the company's advisory suggests upgrading to the latest long-term service release.
Atlassian has dropped a patch for a critical vulnerability in many versions of its Jira Data Center and Jira Service Management Data Center products, which can lead to arbitrary code execution. Atlassian is a platform that's used by 180,000 customers to engineer software and manage projects, and Jira is its proprietary bug-tracking and agile project-management tool.