Swarms of breach attempts against the Atlassian Confluence vulnerability are likely to continue for years, researchers say, averaging 20,000 attempts daily as of this week.
Since it was first identified on June 2, the Atlassian Confluence remote code-execution (RCE) vulnerability tracked as CVE-2022-26134 has attracted the repeated attention of threat actors. Now, after peaking at up to 100,000 attack attempts daily on targets, cyberattackers have settled at a steady rate of 20,000 malware injection shots per day, launched from around 6,000 IPs.
Researchers at Akamai observed that attacks on the Atlassian Confluence bug are mainly focused in the commerce, high tech, and financial services sectors, and range from probing to malware injection in hopes of installing cryptominers and Web shells.
"What is particularly concerning is how much of a shift upward this attack type has garnered over the last several weeks," a Tuesday Akamai report on the Atlassian Confluence vulnerability said. "As we have seen with similar vulnerabilities, this CVE-2022-26134 [bug] will likely continue to be exploited for at least the next couple of years."
About the Author(s)
You May Also Like
Defending Against Today's Threat Landscape with MDR
April 18, 2024The fuel in the new AI race: Data
April 23, 2024Securing Code in the Age of AI
April 24, 2024Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024