Thursday, 3 April 2025
26.2 C
Singapore
29.3 C
Thailand
21 C
Indonesia
26.9 C
Philippines

Microsoft alerts on nation-state hackers exploiting Atlassian Confluence vulnerability

Microsoft identifies a critical Atlassian Confluence vulnerability exploited by nation-state actor Storm-0062, urging companies to update their software to mitigate risks.

Microsoft has identified a severe vulnerability in the Atlassian Confluence Data Center and Server, which, it says, has been exploited by a nation-state entity known as Storm-0062 (also referred to as DarkShadow or Oro0lxy).

According to Microsoft’s threat intelligence crew, the exploit has been observed in action since September 14, 2023.

The vulnerability, labelled as CVE-2023-22515, is described as a critical privilege escalation flaw within Atlassian’s Confluence Data Center and Server. This flaw could be exploited if a device is network-connected to a susceptible application, allowing the perpetrator to create an administrator account within the Confluence application.

The cybersecurity implications

CVE-2023-22515, with a maximum severity score of 10.0 on the CVSS scale, enables remote attackers to fabricate unauthorized administrator accounts and gain access to Confluence servers. Atlassian has released patches for this flaw in its versions 8.3.3, 8.4.3 and 8.5.2 (Long Term Support release) or later.

The exact extent of the attacks remains unclear. Still, Atlassian became aware of the issue through reports from a few customers, indicating that the threat actor exploited this vulnerability as a zero-day.

Notably, Oro0lxy is a digital pseudonym used by Li Xiaoyu, a hacker from China who, as per the U.S. Department of Justice (DoJ) allegations in July 2020, infiltrated numerous companies across the U.S., Hong Kong, and China, Moderna – a coronavirus vaccine research developer, being among them.

Xiaoyu is believed to be associated with the Guangdong regional division of China’s Ministry of State Security (MSS), operated at times for personal financial gain and at others for the advantage of MSS or other Chinese government entities, as per the DoJ. The DoJ described the hacking activities as a significant and sophisticated threat involving the theft of terabytes of data from U.S. networks.

Companies using Confluence applications are strongly advised to update to the newest versions to lessen the risks and to keep these applications off the public internet until the remedial measures are implemented.

Hot this week

DEEPAL launches flagship S07 and opens showroom in Singapore

DEEPAL launches in Singapore with new showroom and flagship S07 electric SUV, marking its sixth global market.

Zelle is removing its stand-alone app

Zelle is shutting down its stand-alone app, but you can still use the service through your bankโ€™s app. Hereโ€™s what you need to know.

This tiny and affordable device upgrades any speaker with Wi-Fi streaming and hi-res audio

The Atonemo Streamplayer is a tiny, affordable device that adds Wi-Fi streaming and hi-res audio support to any speaker with a 3.5mm aux port.

Apple prepares for M5 iPad Pro and MacBook Pro release

Apple is set to launch the M5 iPad Pro and MacBook Pro in late 2024, with the M6 models expected to introduce an in-house modem in 2027.

OpenAI set to finalise US$40 billion funding round led by SoftBank

According to Bloomberg, OpenAI is close to finalising a US$40 billion funding round led by SoftBank, which will raise its valuation to US$300 billion.

Roblox introduces new parental controls to enhance child safety

Roblox introduces new parental controls, allowing parents to block games, restrict friends, and monitor their childโ€™s activity for better safety.

Anthropic introduces Claude for Education, a new AI chatbot plan for universities

Anthropic launches Claude for Education, an AI chatbot plan for universities that offers advanced learning tools and administration support.

Exabeam introduces Nova, an agentic AI that boosts cybersecurity operations

Exabeam unveils Nova, a proactive AI agent that boosts security team productivity and reduces incident investigation time by over 50%.

NUS partners with Microsoft Research Asia to advance AI research and nurture future tech talent

NUS and Microsoft Research Asia partner to boost AI research and develop future computing talent through a joint PhD and industry collaboration.

Related Articles