Critical Confluence Flaw CVE-2023-22518 Exploited: Cerber Ransomware Attack Alert

April 18, 2024
Critical Confluence Flaw CVE-2023-22518 Exploited: Cerber Ransomware Attack Alert
  • Atlassian has alerted users to a critical security flaw, CVE-2023-22518, affecting Confluence Data Center and Server.

  • Cybercriminals are exploiting the vulnerability to install Cerber ransomware, create unauthorized admin accounts, and run malicious commands via web shells.

  • The Cerber ransomware encrypts files accessible to the 'confluence' user and can introduce additional malicious payloads from a command and control (C2) server.

  • An advanced version of the ransomware has been identified, capable of network propagation and disabling Microsoft Defender Antivirus.

  • The situation highlights the urgency of fixing security vulnerabilities and the necessity for strong security practices and a culture of cybersecurity awareness.

Summary based on 2 sources


Get a daily email with more Tech stories

Related Stories