Threat Advisories

Vulnerable Atlassian Confluence Servers utilized to drop Crypto Miners

September 29, 2022

Threat Level

Red

Attack Report

For a detailed threat advisory, download the pdf file here

Summary

The Atlassian Confluence Server’s CVE-2022-26134, an unauthenticated remote code execution (RCE) vulnerability that was recently patched, is being used by adversaries to deploy cryptocurrency mining malware.

Zero-day vulnerability in Windows terminal management tool gets a hotfix Date

Vulnerabilities & Threats that Matter 19 – 25 September