[HackerNews] Atlassian Confluence RCE Flaw Abused in Multiple Cyberattack Campaigns

Opportunistic threat actors have been found actively exploiting a recently disclosed critical security flaw in Atlassian Confluence deployments across Windows and Linux to deploy web shells that result in the execution of crypto miners on compromised systems.
Tracked as CVE-2021-26084 (CVSS score: 9.8), the vulnerability concerns an OGNL (Object-Graph Navigation Language) injection flaw that

Source: Read More (The Hacker News)

You might be interested in …

Daily NCSC-FI news followup 2020-08-15

PoC Exploit Targeting Apache Struts Surfaces on GitHub threatpost.com/poc-exploit-github-apache-struts/158393/ Researchers have discovered freely available PoC code and exploit that can be used to attack unpatched security holes in Apache Struts 2. Medical Debt Collection Firm R1 RCM Hit in Ransomware Attack krebsonsecurity.com/2020/08/medical-debt-collection-firm-r1-rcm-hit-in-ransomware-attack/ R1 RCM Inc. [NASDAQ:RCM], one of the nations largest medical debt collection companies, […]

Read More

[ZDNet] Hackers breach UC San Diego hospital, gaining access to SSNs and medical info of patients, employees, and students

All posts, ZDNet

The attackers gained access to personal data ranging from claims information to laboratory results, prescriptions, treatments, SSNs, payment card numbers or financial account information. Source: Read More (Latest topics for ZDNet in Security)

Read More

[BleepingComputer] Data of 100+ million Android users exposed via misconfigured cloud services

A banking trojan named Bizarro that originates from Brazil has crossed the borders and started to target customers of 70 banks in Europe and South America. […] Source: Read More (BleepingComputer)

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.