A vulnerability in collaboration software is undergoing “mass exploitation,” according to U.S. Cyber Command.
The Cybersecurity and Infrastructure Security Agency is imploring administrators to apply recent updates to “Confluence”—collaboration software made by Atlassian—in an event officials have been anticipating.
“CISA urges users and administrators to review Atlassian Security Advisory 2021-08-25 and immediately apply the necessary updates,” reads an alert the agency posted to the National Cyber Awareness System Friday. “On August 25, 2021, Atlassian released security updates to address a remote code execution vulnerability (CVE-2021-26084) affecting Confluence Server and Data Center. Recently, CVE-2021-26084 has been detected in exploits in the wild. A remote attacker could exploit this vulnerability to take control of an affected system.”
On Tuesday, CISA and the FBI published an advisory with trends and mitigation measures to raise awareness of the need for heightened vigilance as the Labor Day weekend approaches. And on Thursday, Deputy National Security Advisor for Cyber and Emerging Tech Anne Neuberger took to the White House podium to do the same.
“We encourage you to please visit the site, read the advisory and take those critical steps,” she said. “Organizations and individuals should be on alert now because criminals sometimes lay in their steps in advance and begin their planning. The purpose of this is really to raise awareness, before a holiday weekend, given the history of increased criminal cyber activity during holiday weekends.”
The attacks they warned of have arrived in time to foil plans of taking off early to enjoy the holiday, except perhaps for those who have already patched the vulnerability and enforced their defenses as advised.
“Mass exploitation of Atlassian Confluence CVE-2021-26084 is ongoing and expected to accelerate,” US Cyber Command tweeted Friday. “Please patch immediately if you haven’t already— this cannot wait until after the weekend.”