exploit

Cases of Attacks Targeting Vulnerable Atlassian Confluence Servers

The ASEC analysis team has been monitoring attacks that are targeting vulnerable systems. This post will discuss cases of attacks targeting vulnerable Atlassian Confluence Servers that are not patched. Atlassian’s Confluence is a major collaboration platform used by many companies across the globe. Being a web-based platform, services such as managing projects and collaboration are mainly provided by Confluence Servers (or Confluence Data Centers). As it is a solution used by many companies, many vulnerabilities targeting vulnerable Confluence Servers and…

Follina Vulnerability (CVE-2022-30190) Attack Using ‘Antimicrobial Film Request’ File

On June 7th, the ASEC analysis team swiftly uploaded a brief introduction of a zero-day vulnerability for Microsoft Office files (Follina). As the patch for the vulnerability is not distributed yet, users are advised to take caution. Caution! Microsoft Office Zero-day Vulnerability Follina (CVE-2022-30190) AhnLab has distributed a detection rule for attack attempts exploiting the vulnerability from the perspectives of file and behavior detections. The vulnerability can be detected by various AhnLab products (V3, MDS, and EDR). While the team…