Thursday, 24 April 2025
27.6 C
Singapore
31 C
Thailand
19 C
Indonesia
29.1 C
Philippines

Microsoft alerts on nation-state hackers exploiting Atlassian Confluence vulnerability

Microsoft identifies a critical Atlassian Confluence vulnerability exploited by nation-state actor Storm-0062, urging companies to update their software to mitigate risks.

Microsoft has identified a severe vulnerability in the Atlassian Confluence Data Center and Server, which, it says, has been exploited by a nation-state entity known as Storm-0062 (also referred to as DarkShadow or Oro0lxy).

According to Microsoft’s threat intelligence crew, the exploit has been observed in action since September 14, 2023.

The vulnerability, labelled as CVE-2023-22515, is described as a critical privilege escalation flaw within Atlassian’s Confluence Data Center and Server. This flaw could be exploited if a device is network-connected to a susceptible application, allowing the perpetrator to create an administrator account within the Confluence application.

The cybersecurity implications

CVE-2023-22515, with a maximum severity score of 10.0 on the CVSS scale, enables remote attackers to fabricate unauthorized administrator accounts and gain access to Confluence servers. Atlassian has released patches for this flaw in its versions 8.3.3, 8.4.3 and 8.5.2 (Long Term Support release) or later.

The exact extent of the attacks remains unclear. Still, Atlassian became aware of the issue through reports from a few customers, indicating that the threat actor exploited this vulnerability as a zero-day.

Notably, Oro0lxy is a digital pseudonym used by Li Xiaoyu, a hacker from China who, as per the U.S. Department of Justice (DoJ) allegations in July 2020, infiltrated numerous companies across the U.S., Hong Kong, and China, Moderna – a coronavirus vaccine research developer, being among them.

Xiaoyu is believed to be associated with the Guangdong regional division of China’s Ministry of State Security (MSS), operated at times for personal financial gain and at others for the advantage of MSS or other Chinese government entities, as per the DoJ. The DoJ described the hacking activities as a significant and sophisticated threat involving the theft of terabytes of data from U.S. networks.

Companies using Confluence applications are strongly advised to update to the newest versions to lessen the risks and to keep these applications off the public internet until the remedial measures are implemented.

Hot this week

Meta steps up AI age checks on Instagram to protect teens

Meta adds AI tools to find underage Instagram users and apply teen safety settings, even if their accounts list an adult age.

NVIDIA uses AI to address climate, wildlife and disaster risks

NVIDIA’s AI tools support climate action, wildlife monitoring, and disaster risk mitigation, with uses spanning sea, land, sky and space.

Western Digital and Microsoft launch rare earth material recycling programme in the US

Western Digital and Microsoft recover rare earths from hard drives in US pilot, cutting emissions and boosting supply chain sustainability.

Zoho partners with Cradle to boost Malaysia’s startup ecosystem

Zoho and Cradle are partnering to provide RM44 million in software credits to 4,400 startups, supporting Malaysia's tech innovation drive.

Tenable uncovers critical privilege escalation flaw in Google Cloud Composer

Tenable exposes a GCP vulnerability in Cloud Composer that allows privilege escalation through interdependent cloud services.

POCO launches entry-level C71 smartphone in Singapore with premium features

POCO launches the budget-friendly C71 smartphone in Singapore, offering premium design, enhanced cameras, and smooth performance at S$109.

NVIDIA uses AI to address climate, wildlife and disaster risks

NVIDIA’s AI tools support climate action, wildlife monitoring, and disaster risk mitigation, with uses spanning sea, land, sky and space.

Netflix raises subscription prices in Singapore again

Netflix again raises subscription prices in Singapore, with new rates for all plans and extra member slots.

GameMax unveils Blade Concept ATX case with bold design and powerful features

GameMax launches the Blade Concept ATX case, which features a striking blade design, RGB lighting, and support for high-end liquid-cooled PC builds.

Related Articles

Popular Categories