Patch/Configuration Management

Security researchers say they recorded several thousands exploit attempts on Atlassian Confluence RCE originating from more than 600 unique IP addresses.

Ivanti reported that it believes malicious code has been added to exploited Connect-Secure and Policy Secure products that allows a threat actor future access, even after mitigation is applied. 

BleepingComputer reports that ongoing attacks abusing zero-day flaws impacting Citrix NetScaler ADC and Gateway appliances, as well as Google Chrome have prompted their inclusion in the Cybersecurity and Infrastructure Security Agency's Known Exploited Vulnerabilities catalog.

SiliconAngle reports that Intel, American Megatrends, and Phoenix Technologies have been confirmed to be impacted by nine vulnerabilities within the widely used Unified Extensible Firmware Interface firmware TianoCore EDK II dubbed "PixieFail," which could be exploited to enable denial-of-service attacks, data leaks, and DNS cache poisoning.

Organizations using Citrix NetScaler ADC and Gateway appliances have been urged to immediately apply updates addressing two zero-day flaws, which have been leveraged in ongoing attacks, BleepingComputer reports.

The critical bug, given a maximum CVSS score of 10 by Atlassian, requires an urgent update to the fixed version to avoid exploitation.

“This exploitation has affected thousands of machines and may have infected many more,” Volexity researchers.