Barracuda researchers identify continuous attack attempts on Atlassian Confluence zero-day

Barracuda examined a couple of the payloads supplied by malicious actors seeking to exploit CVE-2022-26134 in further depth in a subsequent Threat Spotlight.

Following the coordinated publication of a zero-day vulnerability in Atlassian Confluence by Volexity, now known as CVE-2022-26134, attackers rushed to exploit it.

Researchers at Barracuda, a trusted partner and top provider of cloud-first security solutions, have analysed data from their installations worldwide since the original disclosure and the subsequent publication of various proofs of concept, and discovered a large number of attempts to exploit this vulnerability.

The exploit attempts range from harmless reconnaissance to more complicated attempts to infect devices with DDoS botnet malware and cryptominers.

On June 2, information regarding CVE-2022-26134 was made public.

The vulnerability allows unauthenticated, remote attackers to establish new administrative accounts, execute privileged commands, and take control of the systems.

Atlassian Confluence is a solution for collaborative documentation.

Various threat actors exploited the vulnerability during the ensuing weekend, and hostile actors quickly became aware of it.

Initially, Barracuda researchers saw a steady flow of attacks attempting to exploit this vulnerability, with several significant spikes.

Through continuous monitoring of these attacks and their pattern, the researchers found that the overall volume dropped slightly in August. Attackers have not given up on trying to exploit this vulnerability.
Exploitation attempts originated mostly from IP addresses in Russia, followed by the United States, India, the Netherlands, and Germany.
Previous investigation revealed some of the payloads delivered as well as the sources of the attacks.

“There has been a consistent flow of attacks over time, and we anticipate that a large quantity of scanning and such attempts will continue for the time being.” “It’s crucial to take actions to secure your systems. Patching is a good idea right now, especially if the machine is connected to the internet. Putting a web application firewall in front of such systems will give comprehensive protection against zero-day attacks and other vulnerabilities,” said Tushar Richabadas, Senior Product Marketing Manager, Applications and Cloud Security, Barracuda.

About Barracuda Networks

Barracuda is dedicated to making the world a safer place. We think that every company should have access to cloud-first, enterprise-grade security solutions that are simple to purchase, implement, and operate.
With creative solutions that develop and adapt to our clients’ journey, we protect email, networks, data, and apps.
More than 200,000 businesses worldwide rely on Barracuda to defend them – in ways they may not even realise they are vulnerable – so they can focus on growing their business.
Barracuda Networks, Barracuda, and the Barracuda Networks logo are registered trademarks of Barracuda Networks, Inc. in the US and other countries.
This article was shared with Prittle Prattle News as a Press Release.