Atlassian Confluence Flaw Exploited to Install Cryptominers

Security companies have reported that threat actors and researchers have actively scanned and exploited the Atlassian Confluence vulnerability.

The news comes just days after researchers publicly released a technical write-up on the vulnerability.

The Confluence Remote Code Execution vulnerability, known as CVE-2021-26084, allows an unauthenticated attacker to remotely execute commands on a vulnerable server.

While the cybersecurity intelligence company Bad Packets had used threat actors from different countries to download and execute PowerShell or Linux shell scripts, the investigation shows that the attacks are mainly to mine cryptocurrencies.

There are some additional concerns that the exploit could also be used for advanced attacks, including spreading the efforts through a network ransomware attack and data exfiltration.

Organizations running a Confluence Server are advised to install the latest updates as soon as possible.

For more information, read the original story in Bleeping Computer.

Atlassian Confluence Flaw Exploited to Install Cryptominers

Top Stories

New Deepfakes Can Mimic Heartbeats, Evading Detection Tools

RBC Pushes Employees Back to Office to Preserve ‘Winning Culture’

Microsoft Azure Closes Cloud Gap with AWS as AI and Enterprise Migrations Fuel Growth

Sleeper Supply Chain Attack Activates After 6 Years

Dell has another major round of layoffs

One of the biggest data breaches ever, billions of users affected

Related Articles

Ottawa Warns of China-Linked Hack on Canadian Telecom Gear

Broadcom Defends VMware Price Hikes, Says Customers Are “Using It Wrong”

MIT Warns SpaceX Could Lose Up to Two‑Thirds of Starlink Fleet to Orbital Congestion

Google’s Cloud Meltdown Shows Just How Fragile the Hyperscaler Structure Is

Jim Love

Follow Us

Popular categories

Tech News Delivered