CVE-2019-3396 Redux: Confluence Vulnerability Exploited to Deliver Cryptocurrency Miner With Rootkit
released on 2019-05-07 @ 06:19:22 PM
In March 2019, Atlassian published an advisory covering two critical vulnerabilities involving Confluence, a widely used collaboration and planning software. In April, Trend Micro observed one of these vulnerabilities, the widget connector vulnerability CVE-2019-3396, being exploited by threat actors to perform malicious attacks. Security provider Alert Logic also discovered the vulnerability being exploited to drop the Gandcrab ransomware.