ATP Group Attacks ColdFusion Servers

Posted on
November 9, 2018 at
6:39 PM

A cyberspying group appears to have reversed a security patch from Adobe and currently going after unpatched ColdFusion Servers.

According to information gathered by Volexity researchers, a spying group is aggressively hacking into the servers of Adobe ColdFusion and creating backdoors for future attacks. This attack has been ongoing since late September with servers not updated with security patches released by Adobe on September 11. Apparently, the hackers have studied Adobe’s September patches and discovered a means of exploiting the CVE-2018-15961 to its advantage.

Categorized as an “unauthenticated file upload,” this weakness allowed this nation-state…

Source link

About coldfusion

Check Also

Microsoft’s end-of-summer software security cleanse crushes more than 80 bugs • The Register

Patch Tuesday For its September Patch Tuesday, Microsoft churned out fixes for 66 vulnerabilities alongside …

Leave a Reply

Your email address will not be published. Required fields are marked *