대규모로 악용된 Confluence 버그를 패치하도록 조직에게 경고하는 미국 정부

newsroom 9/6 '21 posted 뉴스 IT

• USCYBERCOM(US Cyber COM)은 오늘 미국 조직에 대규모로 악용된 아틀라시안 Confluence 중요 취약점을 즉시 패치할 것을 촉구하는 드문 경보를 발령했습니다.

• Atlassian Confluence는 직원들이 다양한 프로젝트에서 협업할 수 있도록 설계된 매우 인기 있는 웹 기반 기업 팀 작업 공간입니다.

• 해커들은 최근 Atlassian Confluence 서버 및 데이터 센터에서 패치된 중요한 원격 코드 실행 취약성을 이용하기 시작했습니다.

USCYBERCOM Warns of Mass Exploitation of Atlassian Vulnerability Ahead of Holiday Weekend [www.securityweek.com]

US govt warns orgs to patch massively exploited Confluence bug [www.bleepingcomputer.com]

Critical flaw in Atlassian Confluence actively exploited [www.csoonline.com]

Cyber Command alerts US firms of 'ongoing' hacks targeting Atlassian enterprise software [www.cyberscoop.com]

US Cyber Command Warns of Ongoing 'Mass Exploitation' of Critical Confluence Vuln [www.darkreading.com]

CVE-2021-26084: Confluenza [censys.io]

newest replies popular replies

Open Wiki - Feel free to edit it. -

9/6 '21 answered

Mass exploitation of Atlassian Confluence CVE-2021-26084 is ongoing and expected to accelerate. Please patch immediately if you haven’t already— this cannot wait until after the weekend.
— USCYBERCOM Cybersecurity Alert (@CNMF_CyberAlert) September 3, 2021

CVE-2021-26084 exploit activity also detected from 2.57.33.43 (??) as of 2021-09-02T06:46:57Z. pic.twitter.com/kbl9zEXgNA
— Bad Packets (@bad_packets) September 2, 2021

As if just having to use Confluence wasn’t bad enough… https://t.co/YipP6mk5I1
— jstrauss (@jstrauss) September 4, 2021

“Please patch immediately if you haven’t already -- this cannot wait until after the weekend.” https://t.co/WOvPKkpS5M
— Ryan Naraine (@ryanaraine) September 3, 2021

⁦@CNMF_CyberAlert⁩ & ⁦@CISAgov⁩ sound alarm just before #LaborDay weekend in U.S., urging orgs to patch a critical vulnerability (CVE-2021-26084) affecting ⁦@Atlassian⁩ Confluence Server. ⁦@dynamicCISO⁩ #girlswhocode #100daysofcode https://t.co/TBPTKKrVGL
— Rahul Neel Mani (@rneelmani) September 4, 2021

Patch yo sh!t https://t.co/xTio933JfR
— Lucy_? (@82Lucybravo) September 3, 2021

"Atlassian Confluence flaw under active attack"https://t.co/KRD2Thqepm

"Atlassian Confluence flaw actively exploited to install cryptominers"https://t.co/O40ECvJnPa

"Critical flaw in Atlassian Confluence actively exploited"https://t.co/wRZKbWQSWu pic.twitter.com/tPPON2297K
— Bad Packets (@bad_packets) September 3, 2021

Seems to affect specialised software running only on some servers
https://t.co/AIthwYDcJd
— Mira K McMullen (@MiraTweeta) September 3, 2021

On September 02, the number of Atlassian Confluence servers vulnerable to CVE-2021-26084 was 11,689: https://t.co/AjmZPCR7qx

Background story: https://t.co/eY1pnf9Brn pic.twitter.com/watJTKYKa1
— Catalin Cimpanu (@campuscodi) September 4, 2021

permanent link

Featured

Important Notice: Discontinuation of Our Wiki Service

Dear Valued Users,

We hope this message finds you well. We are writing to inform you of an important upcoming change to our services. After careful consideration and analysis, we have made the difficult decision to discontinue our wiki site, effective one month from 2024/04/30.

This was not an easy decision to make, as we understand the importance of the resources and community that have been built around our wiki. However, due to evolving market conditions and strategic realignments, we must redirect our resources and efforts towards other ventures that will allow us to serve you better in the future.

What This Means for You:

Access to Content: You will continue to have full access to all content on the wiki until the discontinuation date. We encourage you to save or migrate any content you wish to retain.
Final Date of Service: The wiki will become inaccessible starting 1st June 2024, after which all content will be permanently removed.

We are immensely grateful for the support and contributions of our user community throughout the years. The wiki is being retired, but our team will be back soon with new services and apps.

Thank you for being a part of our journey.

Warm regards,

editoy Inc.

Related

Featured