A critical vulnerability in Atlassian’s Confluence enterprise server app that allows for malicious commands and resets servers is under active exploitation by threat actors in attacks that install ransomware, researchers said.
“Widespread exploitation of the CVE-2023-22518 authentication bypass vulnerability in Atlassian Confluence Server has begun, posing a risk of significant data loss,” Glenn Thorpe, senior director of security research and detection engineering at security firm GreyNoise, wrote on Mastodon on Sunday. “So far, the attacking IPs all include Ukraine in their target.”
He pointed to a page showing that between 12 am and 8 am on Sunday UTC (around 5 pm Saturday to 1 am Sunday Pacific Time), three different IP addresses began exploiting the critical vulnerability, which allows attackers to restore a database and execute malicious commands. The IPs have since stopped those attacks, but he said he suspected the exploits are continuing.
The first two prototype satellites for Amazon's broadband network launched Friday from Florida, the first in a series of at least 77 rocket launches the retail giant has booked over the next six years to deploy a fleet of more than 3,200 spacecraft to rival SpaceX's Starlink system.
These first two satellites for Amazon's $10 billion Internet megaconstellation, called Project Kuiper, took off on top of a United Launch Alliance Atlas V rocket from Cape Canaveral Space Force Station in Florida at 2:06 pm EDT (18:06 UTC).
On its 99th flight, ULA's Atlas V rocket fired a Russian-made RD-180 engine and thundered off the launch pad, heading east from the Florida coastline over the Atlantic Ocean. The kerosene-fueled engine—flying without the aid of solid rocket boosters on this flight—fired more than four minutes, then a hydrogen-burning engine on the rocket's Centaur upper stage took over for a 10-minute burn to reach a targeted 311-mile-high (500-kilometer) orbit.