Subj : Even the FBI says you need to patch this Atlassian Confluence bug To : All From : TechnologyDaily Date : Tue Oct 17 2023 17:30:06 Even the FBI says you need to patch this Atlassian Confluence bug right now Date: Tue, 17 Oct 2023 16:14:35 +0000 Description: Significant Atlassian Confluence vulnerability is being exploited in the wild to grant system access. FULL STORY ====================================================================== The Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and Multi-State Information Sharing and Analysis Center (MS-ISAC) warned Atlassian Confluence server users to patch their endpoints immediately. The warning was issued after new findings suggesting a recently discovered flaw - CVE-2023-22515 - is being actively exploited in low-complexity, highly damaging attacks that dont require any victim interaction to be successful. In a security advisory , the organizations said that hackers are using the flaw to gain access to systems and then continue active exploitation even post-patch. The flaw is deemed critical, with the three bodies expecting widespread, continued exploitation due to ease of exploitation. Privilege escalation flaw Besides applying the patch with utmost urgency, users are also encouraged to hunt for malicious activity on their networks using the detection signatures and indicators of compromise (IoC) published in the advisory. If a potential compromise is detected, organizations should apply the incident response recommendations, the advisory concludes. The three organizations are referring to a vulnerability tracked as CVE-2023-22515, a critical privilege escalation flaw found in Confluence Data Center and Server 8.0.0. Instances. Atlassian patched the flaw on October 4, urging users to immediately upgrade to versions that are not affected - 8.3.3 or later, 8.4.3 or later, 8.5.2 or later. Organizations that were unable to apply the patch immediately were advised to shut down the servers, or disconnect them from the global internet. In the meantime, a Chinese state-sponsored threat actor Storm-0062 was observed abusing it in attacks, BleepingComputer reported. The attacks were seemingly very limited, Greynoise added, but with proofs-of-concept being on the way, that might soon change for the worse. The publication added that previous similar campaigns involved Linux botnet malware, crypto miners, and ransomware attacks, hinting at the size of the problem. Via BleepingComputer More from TechRadar Pro Cisco releases urgent patch for flaw that could let hackers access Emergency Response Systems Here's a list of the best firewalls today These are the best malware removal tools right now ====================================================================== Link to news story: https://www.techradar.com/pro/security/even-the-fbi-says-you-need-to-patch-thi s-atlassian-confluence-bug-right-now --- Mystic BBS v1.12 A47 (Linux/64) * Origin: tqwNet Technology News (1337:1/100) .