CVE-2019-3396 Redux: Confluence Vulnerability Exploited to Deliver Cryptocurrency Miner With Rootkit

by Augusto Remillano II and Robert Malagad

In March 2019, Atlassian published an advisory covering two critical vulnerabilities involving Confluence, a widely used collaboration and planning software. In April, we observed one of these vulnerabilities, the widget connector vulnerability CVE-2019-3396, being exploited by threat actors to perform malicious attacks. Security provider Alert Logic also discovered the vulnerability being exploited to drop the Gandcrab ransomware.

Read more for full article!

Support the originator by clicking the read the rest link below.