Atlassian Confluence Exploits Peak at 100K Daily
Swarms of breach attempts against the Atlassian Confluence vulnerability are likely to continue for years, researchers say, averaging 20,000 attempts daily as of this week.
Since it was first identified on June 2, the Atlassian Confluence remote code-execution (RCE) vulnerability tracked as CVE-2022-26134 has attracted the repeated attention of threat actors. Now, after peaking at up to 100,000 attack attempts daily on targets, cyberattackers have settled at a steady rate of 20,000 malware injection shots per day, launched from around 6,000 IPs.
Researchers at Akamai observed that attacks on the Atlassian Confluence bug are mainly focused in the commerce, high tech, and financial services sectors, and range from probing to malware injection in hopes of installing cryptominers and Web shells.
"What is particularly concerning is how much of a shift upward this attack type has garnered over the last several weeks," a Tuesday Akamai report on the Atlassian Confluence vulnerability said. "As we have seen with similar vulnerabilities, this CVE-2022-26134 [bug] will likely continue to be exploited for at least the next couple of years."
About the Author(s)
You May Also Like
Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024Where and Why Threat Intelligence Makes Sense for Your Enterprise Security Strategy
May 15, 2024Safeguarding Political Campaigns: Defending Against Mass Phishing Attacks
May 16, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024