Tag: atlassian confluence

2 Attack Reports | 0 Vulnerabilities

Attack reports

Attacker Abuses Victim Resources to Reap Rewards from Titan Network

An attacker exploited the Atlassian Confluence vulnerability CVE-2023-22527 to achieve remote code execution for cryptomining via the Titan Network. The malicious actor gathered system details using public IP lookup services and various commands. Multiple shell scripts were downloaded and executed …
cryptomining
aws
ssh
remote code execution
CVE-2023-22527
atlassian confluence
2024-11-04
titan network
cassini testnet
aleo-pool
Published: November 4, 2024
Downloadable IOCs: 1

Silent Intrusions: Godzilla Fileless Backdoors Targeting Atlassian Confluence

Trend Micro researchers have identified a new attack vector exploiting CVE-2023-22527 in older versions of Atlassian Confluence Data Center and Server. The attack deploys an in-memory fileless backdoor known as the Godzilla webshell, which uses AES encryption for communication and remains memory-re…
godzilla
remote code execution
2024-09-02
aes encryption
CVE-2023-22527
atlassian confluence
fileless backdoor
in-memory
Published: September 2, 2024
Downloadable IOCs: 0
Click here to see more Attack Reports