Hackers are exploiting a remote code vulnerability in Adobe Cold Fusion that a patch was recently issued for according to researchers at Volexity.
Justin Jett, Director of Audit and Compliance at Plixer:
“The recent Adobe ColdFusion flaw that has been exploited recently is another example of how quickly malicious actors are to take advantage of recently-patched vulnerabilities. In this case, fewer than two weeks after a patch was released, servers were compromised. Additionally, per the reports from Volexity, “the target server was missing a single update from Adobe that had been released just two weeks earlier,” which indicates that even the most diligent to patch servers are still vulnerable. Software vendors create windows of opportunity for malicious actors when they release patches to fix vulnerabilities. Because of this, IT professionals should continuously monitor their entire network and look for anomalous behavior. By having a good baseline of network traffic, organizations can use network traffic analytics to spot irregular traffic patterns and block further exploitation before it can spread throughout the network.”