Remediating Atlassian Confluence servers fails to thwart Effluence backdoor

13 November 2023

Atlassian Confluence Data Center and Server instances infected with the Effluence backdoor through the exploitation of the critical vulnerability, tracked as CVE-2023-22515, remained compromised even after the application of issued patches, reports The Hacker News. Exploitation of the security flaw allowed attackers to deploy a new web shell consisting of a loader and the Effluence payload that enabled persistent remote access to all server-based web pages even without a valid user account, according to a report from Aon’s Stroz Friedberg Incident Response Services.

Source: SC Magazine

Date:

13 November 2023

Categorie(s):

NEWS

Tag(s):

Atlassian Confluence, IT, News

China’s Volt Typhoon reportedly breached Singtel in ‘test-run’ for US telecom attacks6 November 2024
Snowflake data theft suspect arrested in Canada6 November 2024
Scumbag puts ‘stolen’ Nokia source code, SSH and RSA keys, more up for sale6 November 2024
Canada arrests suspected hacker over breach of 160+ Snowflake users’ data6 November 2024
Cyberthreats linked to foreign actors aim to hinder Election Day proceedings5 November 2024