Coldfusion blog

Adobe ColdFusion bug recently fixed and exploited by the Chinese APT

A suspected Chinese APT group exploited the recently patched ColdFusion vulnerability in the wild by compromising a vulnerable ColdFusion server after directly downloading a China Chopper webshell. The targeted servers had not been updated with the patch released two weeks earlier. Volexity researchers observed the active exploitation of the recently fixed CVE-2018-15961 vulnerability, a critical […]

Coldfusion blog

Hackers Exploit Recently Fixed ColdFusion Vulnerability

A Chinese group APT hacked web servers by exploiting a vulnerability in Adobe ColdFusion which was patched in September and for which no exploit has been publicly released. The vulnerability, identified as CVE-2018-15961, affects ColdFusion 11 Update 14 and earlier, ColdFusion 2016 Update 6 and earlier, and the ColdFusion 2018 release of July 12. It […]

Adobe coldfusion

Adobe ColdFusion servers attacked by APT group

A nation-state cyber espionage group is actively hacking Adobe ColdFusion servers and installing backdoors for future operations, Volexity researchers told ZDNet. The attacks have been taking place since late September and have targeted ColdFusion servers that were not updated with security patches released by Adobe two weeks earlier on September 11. It looks like hackers […]