BleepingComputer reports that the Cybersecurity and Infrastructure Security Agency has called for the immediate patching of a critical vulnerability in the Questions for Confluence app, tracked as CVE-2022-26138, which has been added to the Known Exploited Vulnerabilities catalog after reports of active exploitation.
Federal agencies have been advised by CISA to address the flaw in vulnerable servers by Aug. 19, while other organizations across the U.S. have been "strongly" urged to remediate the bug as soon as possible.
"These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise," said CISA. CISA's warning comes after Rapid7 had reported ongoing exploitation of the flaw.
"Unsurprisingly, it didn't take long for Rapid7 to observe exploitation once the hardcoded credentials were released, given the high value of Confluence for attackers who often jump on Confluence vulnerabilities to execute ransomware attacks," said Glenn Thorpe of Rapid7.
Several Canadian government agencies, along with organizations in the country's financial and transportation sectors, were subjected to distributed denial-of-service attacks by the pro-Russian cybercrime operation NoName057(16), according to SecurityWeek.
A hearing ostensibly focused on CISA's CDM and EINSTEIN cybersecurity programs took a detour as witnesses strongly warned Congress that a shutdown could imperil federal cybersecurity efforts.
TechCrunch reports that major payments technology platform Square disclosed that a daylong outage it suffered late last week was caused by a DNS error and not by a cyberattack. "While making several standard changes to our internal network software, the combination of updates prevented our systems from properly communicating with each other, and ultimately caused the disruption," the company said.