Attacks on the zero-day vulnerability in Confluence

B2B Cyber ​​Security ShortNews

Share post

After the zero-day vulnerability – now known as CVE-2022-26134 – was exposed in Atlassian's collaboration tool Confluence, attackers attempt to exploit it in a targeted manner. The attacks come mainly from Russia, USA, India, Netherlands and Germany.

Confluence touts “the remote-ready workspace for your team, where knowledge and collaboration meet.” This work is currently endangered by a security vulnerability. Security analysts from Barracuda have now analyzed data from the cloud security specialist's worldwide installations and have identified an increasing number of attempted attacks via the vulnerability. These range from harmless intentions to some more complex attempts to infect systems with DDoS botnet malware and cryptominers.

Vulnerability in the collaboration tool Confluence

The CVE-2022-26134 vulnerability allows attackers to create new administrative accounts, run privileged commands and take control of the servers. After the attempted attack reached a temporary peak on June 13th, the analysts recorded new peaks on June 21st and 24th.

🔎 Most attacks on Confluence come from Russia (Image: Barracuda).

The attacks mainly came from IP addresses in Russia (45 percent), followed by the USA (25 percent), India (11 percent), the Netherlands and Germany (each three to four percent). Attacks originating from US IP addresses, according to previous studies, mainly come from cloud providers. In Germany, too, most attacks came from hosting providers.

Patches are ready

Given the continued interest of cybercriminals in this vulnerability, users of the Confluence tool should install current patches. Basically, the use of a web application firewall is recommended in order to have comprehensive protection against zero-day attacks and other threat vectors.

More at Barracuda.com

 


Via Barracuda Networks

Striving to make the world a safer place, Barracuda believes that every business should have access to cloud-enabled, enterprise-wide security solutions that are easy to purchase, implement and use. Barracuda protects email, networks, data and applications with innovative solutions that grow and adapt as the customer journey progresses. More than 150.000 companies worldwide trust Barracuda to help them focus on growing their business. For more information, visit www.barracuda.com.


 

Matching articles on the topic

Report: 40 percent more phishing worldwide

The current spam and phishing report from Kaspersky for 2023 speaks for itself: users in Germany are after ➡ Read more

BSI sets minimum standards for web browsers

The BSI has revised the minimum standard for web browsers for administration and published version 3.0. You can remember that ➡ Read more

Data manipulation, the underestimated danger

Every year, World Backup Day on March 31st serves as a reminder of the importance of up-to-date and easily accessible backups ➡ Read more

Stealth malware targets European companies

Hackers are attacking many companies across Europe with stealth malware. ESET researchers have reported a dramatic increase in so-called AceCryptor attacks via ➡ Read more

IT security: Basis for LockBit 4.0 defused

Trend Micro, working with the UK's National Crime Agency (NCA), analyzed the unpublished version that was in development ➡ Read more

MDR and XDR via Google Workspace

Whether in a cafe, airport terminal or home office – employees work in many places. However, this development also brings challenges ➡ Read more

Test: Security software for endpoints and individual PCs

The latest test results from the AV-TEST laboratory show very good performance of 16 established protection solutions for Windows ➡ Read more

FBI: Internet Crime Report counts $12,5 billion in damage 

The FBI's Internet Crime Complaint Center (IC3) has released its 2023 Internet Crime Report, which includes information from over 880.000 ➡ Read more