"Federal Agency Breached Through Adobe ColdFusion Vulnerability"

According to the Cybersecurity and Infrastructure Security Agency (CISA), hackers compromised public-facing servers at a US federal agency in June and July by exploiting a vulnerability in a popular Adobe product. The hackers exploited a bug impacting Adobe ColdFusion versions 2018 Update 15 (and earlier) and 2021 Update 5 (and earlier), as well as earlier installations of the software no longer supported by Adobe. CISA says there is no evidence of data exfiltration or lateral movement by the hackers. The hackers attempted to exfiltrate some files, but the attempt failed because the activity was detected and quarantined. The victimized server blocked other attempts to download data. This article continues to discuss the breach of a US federal agency through the exploitation of an Adobe ColdFusion vulnerability.

The Record reports "Federal Agency Breached Through Adobe ColdFusion Vulnerability"

Submitted by grigby1