Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Celebration

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root

Avatar

1 badge earned

Collect

Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!

Challenges
Coins

Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.

Recognition
Ribbon

Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!

Leaderboard

Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,455,528
Community Members
 
Community Events
175
Community Groups

Malware issues continue after confluence security vulnerability addressed...

My environment was impacted by the security vulnerability introduced by Atlantis Confluence Security Advisory - 2019-03-20 https://confluence.atlassian.com/doc/confluence-security-advisory-2019-03-20-966660264.html?_ga=2.42850912.435297976.1555337817-950560266.1551278855&_gac=1.36301716.1552504971.EAIaIQobChMI-d6O2Ov_4AIVkoRpCh32zAEMEAAYASAAEgKqk_D_BwE

We followed the Atlassian provided troubleshooting steps to a T. Is anyone else continuing to experience fall out AFTER upgrading confluence? It seems the upgrade wasn't enough and we are continuing to experience malware issues in our environment.  

Are we alone? Please let me know.

1 comment

Hi Becky,

If your system was already infected prior to the upgrade, then just running the upgrade won't be enough unfortunately. There's been numerous examples where a system was compromised using the vulnerability, once the system was compromised, the bad actors then got their own software on those servers, so even with Confluence fixed, the other software was still running.

It's best practice (and in this case, pretty much a have to do) that if a system has been compromised that you setup a brand new installation on a clean server, carefully restore your data (database and home directory) - watch carefully that you're not pulling over infected files too, run your companies virus/etc over the data you restore and then closely monitor the new environment as well.

 

CCM

Comment

Log in or Sign up to comment
TAGS

Atlassian Community Events