Over 8,000 Confluence Servers Exposed to Attacks via Old Flaws

Thousands of Confluence servers are still vulnerable to old flaws. Recent mass scanning activities pose a significant risk to organisations, with active exploitation of zero-days already underway.

Over 8,000 internet-facing Confluence servers remain vulnerable worldwide, leaving them exposed to attacks exploiting even years-old flaws. Recent mass scanning activities target popular vulnerabilities, posing a significant risk to organizations.

Last week, severe zero-days were patched in leading products from Atlassian Confluence to Fortinet devices to Microsoft Office. However, active exploitation of these vulnerabilities has already begun. Here's what we know:

Atlassian Confluence servers have been breached to install crypto-mining malware, leveraging the critical OGNL vulnerability CVE-2021-26084. This flaw allows attackers to execute arbitrary code on affected systems. Meanwhile, usernames and passwords from half a million Fortinet VPNs have been leaked due to the years-old Path Traversal flaw, CVE-2018-13379.

Microsoft Office users are also at risk. The MSHTML Remote Code Execution vulnerability, CVE-2021-40444, allows attackers to execute arbitrary code via malicious Office documents. This vulnerability has been exploited in mass attacks targeting organizations worldwide, including government agencies, financial institutions, and technology companies.

With over 8,000 vulnerable Confluence servers still online, organizations must prioritize patching these and other known vulnerabilities immediately. The active exploitation of these flaws underscores the importance of timely updates and robust cybersecurity measures.
