Atlassian Confluence data-wiping vulnerability exploited | allinfosecnews.com

Nov. 6, 2023, 10:08 a.m. | Zeljka Zorz

Help Net Security www.helpnetsecurity.com

Threat actors are trying to exploit CVE-2023-22518, a critical Atlassian Confluence flaw that allows unauthenticated attackers to reset vulnerable instances’ database, Greynoise is observing. The Shadowserver Foundation has also seen 30+ IP addresses testing for the flaw in internet-facing Confluence installations. From security updates to active exploitation Atlassian released security updates for CVE-2023-22518 on October 31 and urged customers to upgrade quickly, even though there was no indication that the vulnerability was being targeted. “Instances … More →

The post …

addresses atlassian atlassian confluence attackers confluence critical cve cve-2023-22518 data database don't miss exploit exploitation exploited facing flaw foundation greynoise hot stuff internet ip addresses october poc reset security security updates shadowserver testing threat threat actors unauthenticated updates vulnerability vulnerability exploited vulnerable wiping

More from www.helpnetsecurity.com / Help Net Security

Adaptive Shield unveils SaaS security for AI 5 hours ago | www.helpnetsecurity.com

adaptive shield and response applications apps +28

Onyxia launches AI-powered predictive insights to optimize security management 5 hours ago | www.helpnetsecurity.com

address ai-powered can challenges +24

Island raises $175 million at $3 billion valuation 6 hours ago | www.helpnetsecurity.com

capital coatue financing funding +10

Synopsys Polaris Assist automates repetitive, time-consuming tasks for security and development teams 6 hours ago | www.helpnetsecurity.com

ai-powered application application security assistant +30

FCC fines major wireless carriers over illegal location data sharing 6 hours ago | www.helpnetsecurity.com

access att carriers communications +26

Palo Alto firewalls: CVE-2024-3400 exploitation and PoCs for persistence after resets/upgrades 6 hours ago | www.helpnetsecurity.com

alto attackers aware concept +24

Cybersixgill Third-Party Intelligence module identifies potential supply chain risks 7 hours ago | www.helpnetsecurity.com

action cyber cybersecurity cybersixgill +25

ESET launches two MDR subscription tiers for SMBs and enterprises 10 hours ago | www.helpnetsecurity.com

and response businesses detection detection and response +15

ThreatX provides always-active API security from development to runtime 10 hours ago | www.helpnetsecurity.com

api api security application application protection +19

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations

View on infosec-jobs.com

Information Security Engineer - Vulnerability Management

@ Starling Bank | Southampton, England, United Kingdom

View on infosec-jobs.com

Manager Cybersecurity

@ Sia Partners | Rotterdam, Netherlands

View on infosec-jobs.com

Compliance Analyst

@ SiteMinder | Manila

View on infosec-jobs.com

Information System Security Engineer (ISSE)-Level 3, OS&CI Job #447

@ Allen Integrated Solutions | Chantilly, Virginia, United States

View on infosec-jobs.com

Enterprise Cyber Security Analyst – Advisory and Consulting

@ Ford Motor Company | Mexico City, MEX, Mexico

View on infosec-jobs.com