On November 10, 2023, the Newsroom reported a cyber attack on Atlassian Confluence servers involving a malware backdoor called “Effluence.” The backdoor gives attackers remote access to the system, and applying the Confluence patches does not remove it. The attack exploited two critical vulnerabilities, resulting in unauthorized access and loss of confidentiality, integrity, and availability. It included a novel web shell that grants persistent remote access to the server. A loader component, posing as a Confluence plugin, is responsible for decrypting and launching the payload.

Fabio

Full Stack Developer
