The US Cybersecurity and Infrastructure Security Agency (CISA) has instructed government organizations — and advised private sector companies — to address a recently disclosed Confluence vulnerability that has been exploited in attacks.
The alert is based on the increased number of consumer complaints about unwanted text messages, in recent years it raised from approximately 5,700 in 2019, 14,000 in 2020, 15,300 in 2021, to 8,500 through June 30, 2022
Ukrainian officials shared the information with the U.S. government, Cyber Command said, and then the agency uploaded various technical details to VirusTotal, Pastebin and GitHub. The agency did not attribute the malware.
According to the law enforcement authority, threat actors are misusing the names, logos, and other identifying information of legitimate businesses to create fake websites in an attempt to lure potential investors.