U.S. Cyber Command Warns of Ongoing Attacks Exploiting Atlassian Confluence Flaw

The Hacker News -

The U.S. Cyber Command on Friday warned of ongoing mass exploitation attempts in the wild targeting a now-patched critical security vulnerability affecting Atlassian Confluence deployments that could be abused by unauthenticated attackers to take control of a vulnerable system.

“Mass exploitation of Atlassian Confluence CVE-2021-26084 is ongoing and expected to accelerate,” the Cyber National Mission Force (CNMF) said in a tweet. The warning was also echoed by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and Atlassian itself in a series of independent advisories.

Bad Packets noted on Twitter it “detected mass scanning and exploit activity from hosts in Brazil, China, Hong Kong, Nepal, Romania, Russia and the U.S. targeting Atlassian Confluence servers vulnerable to remote code execution.”

Atlassian Confluence is a widely popular web-based documentation service that allows teams to create, collaborate, and organize on different projects, offering a common platform to share information in corporate environments. It counts

The post U.S. Cyber Command Warns of Ongoing Attacks Exploiting Atlassian Confluence Flaw first appeared on The Hacker News.

Read More.....