Coldfusion

CISA reveals how fed agency succumbed to ColdFusion attacks • The Register

CISA reveals how fed agency succumbed to ColdFusion attacks • The Register

CISA has released details about a federal agency that recently had at least two public-facing servers compromised by attackers exploiting a critical Adobe ColdFusion vulnerability. The vulnerability, tracked as CVE-2023-26360, was disclosed in March and was shortly after added to CISA’s known exploited vulnerability (KEV) catalog, setting an April 5 deadline for agencies to fix the issue. In a Tuesday advisory, CISA revealed the federal civilian executive branch (FCEB) in question was successfully attacked in June and into July, meaning the vulnerability went unpatched for more than three months after CISA’s deadline.  CISA did not respond to questions about whether the agency has now patched the vulnerability,… Source link

Read More »

Hackers breach US govt agencies using Adobe ColdFusion exploit

Hackers breach US govt agencies using Adobe ColdFusion exploit

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning about hackers actively exploiting a critical vulnerability in Adobe ColdFusion identified as CVE-2023-26360 to gain initial access to government servers. The security issue allows executing arbitrary code on servers running  Adobe ColdFusion 2018 Update 15 and older, and 2021 Update 5 and earlier. It was exploited as a zero day before Adobe fixed it in mid-March by releasing ColdFusion 2018 Update 16 and 2021 Update 6. At the time, CISA published a notice about threat actors exploiting the flaw and urged federal organizations and state services to apply the available security updates. In an alert today, America’s Cyber Defense Agency warns that CVE-2023-26360 is still leveraged in attacks, showcasing… Source link

Read More »

ColdFusion Exploit Used to Access Federal Agency

ColdFusion Exploit Used to Access Federal Agency

Unknown attackers exploited a known access control vulnerability in two Adobe ColdFusion application servers at a federal government agency in June, gaining access to the environment, uploading a webshell, and adding malicious code to the servers. There were two separate incidents at the unnamed agency in June, and according to a new advisory from the Cybersecurity and Infrastructure Security Agency the attacks may be the work of one group or two separate groups. The intrusions appeared to be focused on reconnaissance and mapping out the network infrastructure, and CISA said there is no evidence that data was exfiltrated during the intrusions. In both instances, the attackers exploited CVE-2023-26360 in ColdFusion, a bug that Adobe released a fix for in March. “In both… Source link

Read More »

CISA details twin attacks on federal servers via unpatched ColdFusion flaw • The Register

CISA details twin attacks on federal servers via unpatched ColdFusion flaw • The Register

CISA has released details about a federal agency that recently had at least two public-facing servers compromised by attackers exploiting a critical Adobe ColdFusion vulnerability. The vulnerability, tracked as CVE-2023-26360, was disclosed in March and was shortly after added to CISA’s known exploited vulnerability (KEV) catalog, setting an April 5 deadline for agencies to fix the issue. In a Tuesday advisory, CISA revealed the federal civilian executive branch (FCEB) in question was successfully attacked in June and into July, meaning the vulnerability went unpatched for more than three months after CISA’s deadline.  CISA did not respond to questions about whether the agency has now patched the vulnerability, who was behind the attack, or its stance on the missed… Source link

Read More »

Hackers breach US govt agencies using Adobe ColdFusion exploit

Hackers breach US govt agencies using Adobe ColdFusion exploit

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning about hackers actively exploiting a critical vulnerability in Adobe ColdFusion identified as CVE-2023-26360 to gain initial access to government servers. The security issue allows executing arbitrary code on servers running  Adobe ColdFusion 2018 Update 15 and older, and 2021 Update 5 and earlier. It was exploited as a zero day before Adobe fixed it in mid-March by releasing ColdFusion 2018 Update 16 and 2021 Update 6. At the time, CISA published a notice about threat actors exploiting the flaw and urged federal organizations and state services to apply the available security updates. In an alert today, America’s Cyber Defense Agency warns that CVE-2023-26360 is still leveraged in attacks,… Source link

Read More »

Federal agency breached through Adobe ColdFusion vulnerability

Federal agency breached through Adobe ColdFusion vulnerability

Public-facing servers at a U.S. federal agency were compromised by hackers in June and July through a vulnerability in a popular product from Adobe, according to the nation’s leading cybersecurity agency. The unidentified hackers exploited CVE-2023-26360 — a bug affecting Adobe ColdFusion versions 2018 Update 15 (and earlier) and 2021 Update 5 (and earlier) as well as earlier installations of the software that Adobe no longer supports. ColdFusion is a tool used by organizations for rapid web-application development, allowing them to build web applications and integrate things like databases and other third-party libraries. An analysis of network logs confirmed the compromises, according to the Cybersecurity and Infrastructure Security Agency (CISA). “In June 2023, through the… Source link

Read More »